PS4TLA: Privacy Support for the Total Learning Architecture Volume 5 - Policy Requirements
2019; Clemson University; Knijnenburg, B.P.; Ghaiumy Anaraky, R.; Bahirat, P; He, Y.; Namara, M.; Ash, E.; Johnson, A
The purpose of this document is to outline how privacy regulations and recommendations outlined in Federal laws and memorandums, DoD Directives and Instructions, and standardized guidelines are applicable to Total Learning Architecture (TLA)-based systems. The set of recommendations put forth in this document will allow ADL and other TLA performers to build the TLA specifications and TLA-based systems with compliance to these regulations and recommendations in mind.
This document makes recommendations regarding the following aspects:
• The scope of privacy and the protection of PII as it is legally defined in light of DoD Components like the TLA infrastructure and its learning activities.
• Recommendations for safeguarding data using physical, technical, and managerial mechanisms.
• Guidelines for onboarding learning activities to make them a trusted and authenticated part of the TLA ecosystem, which includes cybersecurity training, a Privacy Impact Assessment, and a publication of the learning activity in the federal register.
• Procedures to follow when requesting (learning activities) and providing (TLA infrastructure) access to personal information, including notice, consent, and disclosure accounting.
• Guidelines regarding data, devices, and authentication, to regulate who can access what information from which devices.
• Procedures to follow in case of violations and review requirements to prevent such violations.
It is important to note that this document provides a non-exhaustive analysis of the most prominent laws, directives, and guidelines. The authors of this document do not guarantee that following the recommendations described herein ascertain compliance with all rules that predate it. Moreover, the document provides no comparison against directives and guidelines in other sectors to fill potential gaps in the policy landscape as it pertains to TLA.