ISO/IEC 5207:2024

International
Standard
ISO/IEC 5207
First edition
Information technology — Data
2024-04
usage — Terminology and use cases
Technologies de l'information — Utilisation des données —
Terminologie et cas d'utilisation
Reference number
© ISO/IEC 2024
All rights reserved. Unless otherwise specified, or required in the context of its implementation, no part of this publication may
be reproduced or utilized otherwise in any form or by any means, electronic or mechanical, including photocopying, or posting on
the internet or an intranet, without prior written permission. Permission can be requested from either ISO at the address below
or ISO’s member body in the country of the requester.
ISO copyright office
CP 401 • Ch. de Blandonnet 8
CH-1214 Vernier, Geneva
Phone: +41 22 749 01 11
Email: copyright@iso.org
Website: www.iso.org
Published in Switzerland
© ISO/IEC 2024 – All rights reserved
ii
Contents Page
Foreword .iv
Introduction .v
1 Scope . 1
2 Normative references . 1
3 Terms, definitions and abbreviated terms . 1
4 Abbreviated terms: .12
Annex A (informative) Use case template .13
Annex B (informative) Use cases . 16
Annex C (informative) Controlled environment and levels of control — Overview .49
Bibliography .51

© ISO/IEC 2024 – All rights reserved
iii
Foreword
ISO (the International Organization for Standardization) and IEC (the International Electrotechnical
Commission) form the specialized system for worldwide standardization. National bodies that are
members of ISO or IEC participate in the development of International Standards through technical
committees established by the respective organization to deal with particular fields of technical activity.
ISO and IEC technical committees collaborate in fields of mutual interest. Other international organizations,
governmental and non-governmental, in liaison with ISO and IEC, also take part in the work.
The procedures used to develop this document and those intended for its further maintenance are described
in the ISO/IEC Directives, Part 1. In particular, the different approval criteria needed for the different types
of document should be noted. This document was drafted in accordance with the editorial rules of the ISO/
IEC Directives, Part 2 (see www.iso.org/directives or www.iec.ch/members_experts/refdocs).
ISO and IEC draw attention to the possibility that the implementation of this document may involve the
use of (a) patent(s). ISO and IEC take no position concerning the evidence, validity or applicability of any
claimed patent rights in respect thereof. As of the date of publication of this document, ISO and IEC had not
received notice of (a) patent(s) which may be required to implement this document. However, implementers
are cautioned that this may not represent the latest information, which may be obtained from the patent
database available at www.iso.org/patents and https://patents.iec.ch. ISO and IEC shall not be held
responsible for identifying any or all such patent rights.
Any trade name used in this document is information given for the convenience of users and does not
constitute an endorsement.
For an explanation of the voluntary nature of standards, the meaning of ISO specific terms and expressions
related to conformity assessment, as well as information about ISO's adherence to the World Trade
Organization (WTO) principles in the Technical Barriers to Trade (TBT) see www.iso.org/iso/foreword.html.
In the IEC, see www.iec.ch/understanding-standards.
This document was prepared by Joint Technical Committee ISO/IEC JTC 1, Information technology,
Subcommittee SC 32, Data management and interchange.
Any feedback or questions on this document should be directed to the user’s national standards
body. A complete listing of these bodies can be found at www.iso.org/members.html and
www.iec.ch/national-committees.

© ISO/IEC 2024 – All rights reserved
iv
Introduction
The purpose of this document is to provide terminology and use cases in order to support organizations
during the decision-making processes that occur throughout the use, sharing and exchange of data.
Given the breadth of data use, exchange and sharing activities, these use cases are presented with a
description of the data usage activity including an overview of the data project, objectives, relevant entities
involved, and the processes and interventions used in each case.
The use cases are structured to assist users in identifying the decision-making processes within data related
activities, irrespective of the business or industry sector context. These use cases can provide users with
guidance in considering where control measures can be applied to manage risks within the data process, the
data lifecycle or the data environment.
This document can be used in the development of other International Standards and in support of
communications among diverse stakeholders and other interested parties.
ISO/IEC 5207 was developed in collaboration with ISO/IEC 5212. Users of this document can refer to
ISO/IEC 5212 for additional guidance for the decision-making process for the use, sharing and exchange of data.

© ISO/IEC 2024 – All rights reserved
v
International Standard ISO/IEC 5207:2024(en)
Information technology — Data usage — Terminology and
use cases
1 Scope
This document sets out terminology and use cases for data use, sharing and exchange. This document
provides use cases detailing various types of data usage from both historical and hypothetical perspectives.
This document is applicable to all types of organizations.
2 Normative references
There are no normative references in this document.
3 Terms, definitions and abbreviated terms
For the purposes of this document, the following terms and definitions apply.
ISO and IEC maintain terminological databases for use in standardization at the following addresses:
— ISO Online browsing platform: available at https:// www .iso .org/ obp
— IEC Electropedia: available at https:// www .electropedia .org/ .
3.1
information
knowledge concerning objects, such as facts, events, things, processes, or ideas,
including concepts, that within a certain context has a particular meaning
[SOURCE: ISO/IEC 2382:2015, 2121271, modified — Notes to entry deleted]
3.2
data
re-interpretable representation of information (3.1) in a formalized manner suitable for communication,
interpretation, or processing
Note 1 to entry: Data can be used for communication, interpretation or processing by humans or automatic means.
Note 2 to entry: Communication, interpretation or processing can include the exchange or sharing of data by one or
more entities.
[SOURCE: ISO/IEC 2382:2015, 2121272, modified — Note 1 to entry modified, Note 2 to entry replaced and
Note 3 deleted]
3.3
metadata
data (3.2) that defines and describes other data
[SOURCE: ISO/IEC 11179-3:2023, 3.2.30]

© ISO/IEC 2024 – All rights reserved
3.4
data element
unit of data (3.2) that is considered in context to be indivisible
Note 1 to entry: The definition states that a data element is “indivisible” in some contexts. This means that it is possible
that a data element considered indivisible in one context (e.g. telephone number) can be divisible in another context,
(e.g. country code, area code, local number).
EXAMPLE The data element “age of a person” with values consisting of all combinations of 3 decimal digits.
[SOURCE: ISO/IEC 11179-31:2023, 3.23, modified — domain “” deleted]
3.5
data object
collection of data (3.2) that have a natural grouping and may be identified collectively
[SOURCE: ISO/TS 27790:2009, 3.20, modified — “as a complete entity” replaced by “collectively”]
3.6
data type
datatype
named set of distinct values, characterized by properties of those values, and by operations on those values
Note 1 to entry: Images, audio files and video files are considered complex data types.
[SOURCE: ISO/IEC 11404:2007, 3.12, modified — used “data type” instead of “datatype” as preferred term,
used “named set” instead of “set” in definition and added Note 1 to entry]
3.7
data set
dataset
identifiable collection of data (3.2) available for access or download in one or more formats
Note 1 to entry: A data set can be a smaller grouping of data which, though limited by some constraint such as spatial
extent or feature type, is located physically within a larger data set. Theoretically, a data set can be as small as a single
feature or feature attribute contained within a larger data set.
Note 2 to entry: A data set can be presented in a tabular form and stored and distributed in tables in word processed
documents, spread sheets or databases. It could also be presented in any one of a number of alternative formats,
including AVRO, JSON, RDF and XML.
[SOURCE: ISO/IEC 11179-33:2023, 3.5]
3.8
data set collection
curated collection of one or more data sets (3.7)
[SOURCE: ISO/IEC 11179-33:2023, 3.6]
3.9
data set distribution
specific available form of a data set (3.7) or data set collection (3.8)
Note 1 to entry: Each data set might be available in different forms and each of these forms represents a different
format of the data set or a different endpoint.
Note 2 to entry: Examples of distributions include a downloadable CSV file, an API or an RSS feed. This represents a
general availability of a data set.
[SOURCE: ISO/IEC 11179-33:2023, 3.7]

© ISO/IEC 2024 – All rights reserved
3.10
data representation
format, data type (3.6), character set and other characteristics used to represent data (3.2)
Note 1 to entry: Data types apply to individual data elements (3.4). Formats can apply to sets of data elements, such as
records, tables or messages.
3.11
data transformation
conversion from one form of data representation (3.10) to another
Note 1 to entry: Transformation of a single data element (3.4) can involve a change of character set, data type (3.6) or both.
Note 2 to entry: Transformation of a data set (3.7) can involve a change of format, such as from XML to JSON, or from a
table to a data matrix.
Note 3 to entry: Data transformation does not change the data (3.2) value, just the way it is represented. For example,
when the letter ‘A’ is transformed from ASCII to EBCDIC, it is still the letter ‘A’, just represented in a different character
encoding.
Note 4 to entry: Data transformation does not change the semantics of the data.
Note 5 to entry: Where the metadata (3.3) for the data includes data provenance, then the metadata should be updated
to reflect the data transformation.
3.12
data translation
conversion of a data (3.2) value from one code set to another
EXAMPLE 1 Conversion of codes representing human sexes from ‘M’ or ‘F’ to ‘0’ or ‘1’, or vice versa.
EXAMPLE 2 Conversion of country codes from 2-alpha code to 3-alpha code or 3-numeric code.
Note 1 to entry: Translation is typically used to convert data from different sources into a standard set of values.
3.13
data product
collection of one or more data objects (3.5) that are packaged for or by a specific application
Note 1 to entry: A data product may still provide access to the underlying data (3.2) or alternatively be engineered to
prevent access to the underlying data from which the data product was created.
Note 2 to entry: A data product that has been specifically created to prevent access to the underlying data should be
noted as such and recorded in the data set (3.7) records.
[SOURCE: ISO 21961:2003, 1.5.2, modified — “data items” changed to “data objects”. Notes 1 and 2 to
entry added]
3.14
data project
programme of work that involves the use, sharing or exchange of data (3.2)
3.15
data process
steps involved in the creation, analysis, or alteration of a specific set of data (3.2)
3.16
data processing
systematic performance of operations upon data (3.2)
[SOURCE: ISO/IEC 23751:2022, 3.8]

© ISO/IEC 2024 – All rights reserved
3.17
data processing system
computer system
computing system
one or more computers, peripheral equipment, software, human operations, physical processes and
information (3.1) transfer means that perform data processing (3.16)
[SOURCE: ISO/IEC 2382:2015, 2121290, modified — added “human operations and physical processes and
information transfer means” and notes 1 and 2 to entry deleted.]
3.18
data environment
set of conditions under which data processing (3.16) or the data process (3.15) occurs
Note 1 to entry: The data environment can include the physical, operational, behavioural and organizational factors
which may affect data process outcomes.
3.19
lifecycle
stages involved in the management of an asset
Note 1 to entry: The target of lifecycle in this document is data (3.2).
[SOURCE: ISO 55000:2014, 3.2.3, modified — ‘life cycle’ changed to ‘lifecycle’, and Note 1 to entry replaced]
3.20
data lifecycle
stages in the management of data (3.2)
Note 1 to entry: The target of lifecycle (3.19) in this document is data.
[SOURCE: ISO/IEC 20547-3:2020, 3.16, modified — “a” deleted from definition, Note 1 to entry reworded]
3.21
party
natural person or legal person, whether or not incorporated, or a group of either
[SOURCE: ISO 27729:2012, 3.1]
3.22
organization
unique framework of authority within which a person or persons act, or are designated to act towards
some purpose
Note 1 to entry: The kinds of organizations covered by this document include the following examples:
a) an organization incorporated under law;
b) an unincorporated organization or activity providing goods and/or services including:
1) partnerships;
2) social or other non-profit organizations or similar bodies in which ownership or control is vested in a group of
individuals;
3) sole proprietorships;
4) governmental bodies.
c) groupings of the above types of organizations where there is a need to identify these in information interchange.
[SOURCE: ISO/IEC 6523-1:2023, 3.1]

© ISO/IEC 2024 – All rights reserved
3.23
entity
party (3.21) or data processing system (3.17) with distinct and independent existence from a data (3.2)
perspective
3.24
data originator
party (3.21) that created the data (3.2) and that can have rights
Note 1 to entry: A data originator can be an individual person.
Note 2 to entry: Rights can include the right to publicity, right to display name, right to identity, right to prohibit data
use (3.30) in a way that offends honourable mention.
[SOURCE: ISO/IEC 23751:2022, 3.2, modified – Note 2 to entry deleted, and Note 3 to entry renumbered as
Note 2.]
3.25
data holder
party (3.21) that has legal control over data (3.2) to authorize data processing (3.16) of the data by other parties
Note 1 to entry: A data originator (3.24) can be a data holder.
[SOURCE: ISO/IEC 23751:2022, 3.4, modified — “control to authorize data processing of data” changed to
“control over data to authorize data processing of data”.]
3.26
data user
party (3.21) that is authorized to perform processing of data (3.2) under the legal control of a data holder (3.25)
[SOURCE: ISO/IEC 23751:2022, 3.5]
3.27
ratio scale
continuous scale with equal sized scale values and an absolute or natural zero point
[SOURCE: ISO/IEC 23751:2022, 3.11]
3.28
data level objective
DLO
commitment that a data holder (3.25) or a data user (3.26) makes for a specific, quantitative characteristic of
a data set (3.7), where the value follows the interval scale or ratio scale (3.27)
Note 1 to entry: A data level objective commitment may be expressed as a range.
[SOURCE: ISO/IEC 23751:2022, 3.12]
3.29
data qualitative objective
DQO
commitment that a data holder (3.25) or a data user (3.26) makes for a specific, qualitative characteristic of
a dataset (3.7), where the value follows the nominal scale or ordinal scale
Note 1 to entry: A data qualitative objective can be expressed as an enumerated list.
Note 2 to entry: Qualitative characteristics typically require human interpretation.
Note 3 to entry: The ordinal scale allows for existence/non-existence.
[SOURCE: ISO/IEC 23751:2022, 3.13]

© ISO/IEC 2024 – All rights reserved
3.30
data use
handling or dealing with data (3.2) for a specific purpose
Note 1 to entry: This includes reproducing the data but does not include disclosing the data.
[SOURCE: ISO/TS 14265:2011, 2.11, modified — ‘information’ has been changed to ‘data’ in both the
definition and Note 1 to entry.]
3.31
data exchange
concerning the representation, transmission, reception, storage, and retrieval of data (3.2)
[SOURCE: ISO/IEC 20944-1:2013, 3.21.13.1, modified — Note 1 to entry deleted]
3.32
data sharing
access to or processing of the same data (3.2) by more than one authorized entity (3.23)
Note 1 to entry: Access to or processing of the data can be synchronous or asynchronous.
Note 2 to entry: In this document, data sharing refers to allowing access to, or the execution of operations over, the
original data set (3.7).
Note 3 to entry: The way in which data are shared fundamentally influences the available controls and the statements
needed in a data sharing agreement (3.35).
[SOURCE: ISO/IEC 23751:2022, 3.7, modified — ‘use of’ changed to ‘access to’ in Note 1 to entry, Note 2 to
entry replaced]
3.33
data usage
any activity involving data (3.2)
Note 1 to entry: Data usage includes data use (3.30), data sharing (3.32) and data exchange (3.31).
3.34
data usage framework
framework that sets out the characteristics which should be assessed by the entity (3.23) in possession of
the data (3.2) and captured within the metadata (3.3) description
3.35
data sharing agreement
DSA
documented agreement that defines, guides and protects data sharing (3.32)
Note 1 to entry: A data sharing agreement generally includes a description of data (3.2), data sharing scenarios, roles
and participants, platforms, processes, requirements and controls, rights, obligations and responsibilities etc.
3.36
data recipient
entity (3.23) that receives data (3.2) via data sharing (3.32) or data exchange (3.31)
3.37
data accountability
accountability for data (3.2) and its usage
Note 1 to entry: Data usage (3.33) includes data use (3.30), data sharing (3.32) and data exchange (3.31).
[SOURCE: ISO/IEC 38505-1:2017, 3.4, modified — “use” replaced by “usage” and Note 1 to entry replaced.]

© ISO/IEC 2024 – All rights reserved
3.38
competent person
person who has acquired, through training, qualification, experience or a combination of these, the
knowledge and skill enabling that person to correctly perform the required tasks
[SOURCE: ISO 11525-1:2020, 3.4]
3.39
responsible data officer
officially nominated individual with data accountability (3.37)
Note 1 to entry: Responsibility should include enterprise-wide governance and utilization of information (3.1) as an
asset, via data processing (3.16), analysis, data (3.2) mining, information trading and other means.
Note 2 to entry: The responsible data officer can be an individual which reports to a governing body which oversees
data related activities, can be a delegated position for a specific task such as a major financial project or can be a
responsibility under a permanent role within an organization (3.22) such as Chief Executive Officers (CEOs), Heads of
Government Organizations, Chief Financial Officers (CFOs), Chief Operating Officers (COOs), Chief Information Officers
(CIOs), or Chief Data Officers (CDOs), and similar roles.
Note 3 to entry: The delegated data authority should be recognized as a competent person (3.38).
3.40
chain of custody
demonstrable possession, movement, handling, and location of material from one point in time until another
[SOURCE: ISO/IEC 27050-1:2019, 3.1]
3.41
access level
level of authority required from a resource owner to access a protected resource
Note 1 to entry: In the context of this document, items to which an access level may be specified are limited to a data
set (3.7), a data set collection (3.9) and a data set distribution (3.8).
Note 2 to entry: For the public, the level of authority might describe the degree of public availability of a data set.
EXAMPLE Public, restricted public and non-public.
[SOURCE: ISO/IEC 11179-33:2023, 3.3]
3.42
confidential information
information (3.1) that is not intended to be made available or disclosed to unauthorized individuals, entities
(3.23) or data processes (3.15)
[SOURCE: ISO/IEC 27002:2022, 3.1.7, modified — “processes” replaced by “data processes”]
3.43
sensitive information
information (3.1) that needs to be protected from unavailability, unauthorized access, modification or public
disclosure because of potential adverse effects on an individual, organization (3.22), national security or
public safety.
[SOURCE: ISO/IEC 27002:2022, 3.1.33]
3.44
identifiable natural person
individual who can be identified, directly or indirectly, in particular by reference to an identification number
or one or more factors specific to their physical, physiological, mental, economic, cultural or social identity
[SOURCE: ISO 22857:2013, 3.7, modified — term changed from “identifiable person”, “one” changed to
individual”, “his” changed to “their”.]

© ISO/IEC 2024 – All rights reserved
3.45
personal information
personal data
any information (3.1) on or about an identifiable individual that is recorded in any form, including
electronically or on paper
EXAMPLE Information about a person’s religion, age, financial transactions, medical history, address or blood type.
[SOURCE: ISO/IEC 15944-5:2008, 3.103, modified — added “personal data” as an admitted term. Changed
Note 1 to entry to EXAMPLES.]
3.46
data subject
individual about whom personal data (3.45) are recorded
[SOURCE: ISO 5127:2017, 3.13.4.01, modified – Note 1 to entry deleted]
3.47
personally identifiable information
PII
any information (3.1) that (a) can be used to establish a link between the information and the natural person
to whom such information relates, or (b) is or can be directly or indirectly linked to a natural person
Note 1 to entry: The “natural person” in the definition is the PII principal (3.48). To determine whether a PII principal
is identifiable, account should be taken of all the means which can reasonably be used by the privacy stakeholder (3.49)
holding the data (3.2), or by any other party (3.21), to establish the link between the set of PII and the natural person.
[SOURCE: ISO/IEC 29100:2011/Amd1: 2018, 2.9, modified — “NOTE” replaced by “Note 1 to entry”]
3.48
PII principal
natural person to whom the personally identifiable information (PII) (3.47) relates
Note 1 to entry: Depending on the jurisdiction and the particular data protection and privacy legislation, the synonym
data subject (3.46) can also be used instead of the term “PII principal”.
[SOURCE: ISO/IEC 29100:2011, 2.11]
3.49
privacy stakeholder
natural or legal person, public authority, agency or any other body that can affect, be affected by, or perceive
themselves to be affected by a decision or activity related to personally identifiable information (PII) (3.47)
processing
[SOURCE: ISO/IEC 29100:2011, 2.22]
3.50
PII controller
privacy stakeholder (3.49) (or privacy stakeholders) that determines the purposes and means for processing
personally identifiable information (PII) (3.47) other than natural persons who use data (3.2) for personal
purposes
Note 1 to entry: A PII controller sometimes instructs others, e.g. PII processors (3.51) to process PII on its behalf while
the responsibility for the processing remains with the PII controller.
[SOURCE: ISO/IEC 29100:2011, 2.10]
3.51
PII processor
privacy stakeholder (3.49) that processes personally identifiable information (PII) (3.47) on behalf of and in
accordance with the instructions of a PII controller (3.50)
[SOURCE: ISO/IEC 29100:2011, 2.12]

© ISO/IEC 2024 – All rights reserved
3.52
de-identification
general term for any process of reducing the association between a set of identifying data (3.2) and other
data about the data subject (3.46)
[SOURCE: ISO 25237:2017, 3.20, modified – inserted “other data about”]
3.53
pseudonymization
process applied to personally identifiable information (PII) (3.47) which replaces identifying information (3.1)
with an alias
Note 1 to entry: Pseudonymization can be performed either by the PII principals (3.48) themselves or by PII controllers
(3.50). Pseudonymization can be used by PII principals to consistently use a resource or service without disclosing
their identity to this resource or service (or between services), while still being held accountable for that use.
Note 2 to entry: Pseudonymization does not rule out the possibility of there being (a restricted set of) privacy
stakeholders (3.49) other than the PII controller of the pseudonymized data (3.2) which are able to determine the PII
principals identity based on the alias and the data linked to it.
[SOURCE: ISO/IEC 29100:2011, 2.24, modified – Notes to entry have been revised.]
3.54
data publication
form of data sharing (3.32) that makes data (3.2) discoverable by any entity (3.23)
Note 1 to entry: Data publication may involve an authorized entity who makes the data available for example through
publication online.
Note 2 to entry: Data access may still be controlled via mechanisms such as registration and access systems, log in
tracking, user identification etc.
Note 3 to entry: Data publication may involve security mechanisms such as de-identification (3.52) or pseudonymization
(3.53) or the use of a data product (3.13) which prevents access to the underlying data.
Note 4 to entry: Data publication may be entirely unrestricted creating public domain data (3.55) which can persist in
perpetuity.
3.55
public domain data
class of data objects (3.5) over which nobody holds or can hold copyright or other intellectual property
Note 1 to entry: Data (3.2) can be in the public domain in some jurisdictions, while not in others.
Note 2 to entry: The concept of public domain and the difference between this and “publicly available” is subtle and
varies between jurisdictions. Readers should make themselves aware of the specific legal requirements that may
apply to them.
[SOURCE: ISO/IEC 19944-1:2020, 3.4.4]
3.56
likelihood
probability of something happening
[SOURCE: ISO/IEC/IEEE 15026-3:2015, 3.13]
3.57
consequence
outcome of an event affecting objectives
[SOURCE: ISO/IEC/IEEE 15026-1:2019, 3.4.1]

© ISO/IEC 2024 – All rights reserved
3.58
data storage
data store
persistent repository for digital data (2)
Note 1 to entry: A data store can be accessed by a single entity (3.23) or shared by multiple entities via a network or
other connection.
[SOURCE: ISO/IEC 20924:2021, 3.1.14]
3.59
non-volatile storage
storage that retains its contents after power is removed
[SOURCE: ISO/IEC 27040:2024,3.2.11]
3.60
storage medium
storage media
material on which digital data (3.2) are, or can be, recorded or retrieved
[SOURCE: ISO/IEC 27040:2024, 3.2.16]
3.61
storage device
any component or aggregation of components made up of one or more devices containing storage media
(3.60), designed and built primarily for the purpose of accessing non-volatile storage (3.59)
[SOURCE: ISO/IEC 27040:2024, 3.2.14]
3.62
big data
extensive datasets (3.7) – primarily in the data (3.2) characteristics of volume, variety, velocity, and/or
variability – that require a scalable technology for efficient storage, manipulation, management, and analysis
Note 1 to entry: Big data is commonly used in many different ways, for example as the name of the scalable technology
used to handle big data extensive data sets.
[SOURCE: ISO/IEC 20546:2019, 3.1.2]
3.63
cloud computing
paradigm for enabling network access to a scalable and elastic pool of shareable physical or virtual resources
with self-service provisioning and administration on-demand
Note 1 to entry: Examples of resources include servers, operating systems, networks, software, applications and
storage equipment.
Note 2 to entry: Self-service provisioning refers to the provisioning of resources provided to cloud services (3.1.2)
performed by cloud service customers (3.3.2) through automated means.
[SOURCE: ISO/IEC 22123-1:2023, 3.1.1]
3.64
cloud service agreement
documented agreement between the cloud service provider and cloud service customer that governs the
covered service(s)
Note 1 to entry: A cloud service agreement can consist of one or more parts recorded in one or more documents.
[SOURCE: ISO/IEC 19086-1:2016, 3.3]

© ISO/IEC 2024 – All rights reserved
3.65
data broker
party (3.21) that collects data (3.2) from one or more sources and sells the data to one or more data users (3.26)
Note 1 to entry: In the context of data broker, sell means to provide data in exchange for money or other item of value.
[SOURCE: ISO/IEC 23751:2022, 3.3]
3.66
machine learning
ML
process of optimizing model parameters through computational techniques, such that the model’s behaviour
reflects the data (3.2) or experience
[SOURCE: ISO/IEC 22989:2022, 3.3.5]
3.67
artificial intelligence system
AI system
engineered system that generates outputs such as content, forecasts, recommendations, or decisions for a
given set of human-defined objectives
Note 1 to entry: The engineered system can use various techniques and approaches related to artificial intelligence to
develop a model to represent data (3.2), knowledge, processes, etc. which can be used to conduct tasks.
Note 2 to entry: AI systems are designed to operate with varying levels of automation.
[SOURCE: ISO/IEC 22989:2022, 3.1.4]
3.68
label
target variable assigned to a sample
[SOURCE: ISO/IEC 22989:2022, 3.2.10]
3.69
training data
data (3.2) used to train a machine learning (3.66) model
[SOURCE: ISO/IEC 22989:2022, 3.3.16]
3.70
natural language processing
NLP
information (3.1) processing based upon natural language understanding or natural language
generation
[SOURCE: ISO/IEC 22989:2022, 3.6.9]
3.71
stakeholder
any individual, group, or organization (3.22) that can affect, be affected by, or perceive itself to be affected
by a decision or an activity
[SOURCE: ISO/IEC 38500:2015, 2.24]

© ISO/IEC 2024 – All rights reserved
4 Abbreviated terms:
API Application Programming Interfaces
ASCII American Standard Code for Information Interchange
CDO Chief Data Officer
CEO Chief Executive Officer
CFO Chief Financial Officer
CIO Chief Information Officer
COO Chief Operating Officer
CSV Comma-separated Values
EBCDIC Extended Binary Coded Decimal Interchange Code
JSON JavaScript Object Notation
RDF Resource Description Framework (W3C)
RSS Really Simple Syndication
© ISO/IEC 2024 – All rights reserved
Annex A
(informative)
Use case template
A.1 Introduction to use case template
A.1.1 General
Use cases were structured using the template described in A.2, however, each case offers a unique
perspective on a particular data usage process. For example, use cases can relate to the complexity of the
data project, the sensitivity of the data involved or the specific process management mechanisms that
were put in place. The focus within these use cases is to examine what measures can be used in data usage
projects, particularly in relation to data sharing, to address data privacy, security or integrity issues.
The following are the descriptors for each of the sections presented in the use cases.
A.1.2 Use case name and overview
The use case name and overview provide high level context, with focus more on the data related decisions as
they pertain to the data project itself rather than any industry sector specific praxis.
A.1.3 Domain areas
Domain or area to which the use case pertains.
A.1.4 Objectives
Each use case provides context on the objectives of the data project.
A.1.5 Narrative
This section provides a more detailed description of the use case, how it was structured, and the decisions
and recommendations that were identified within the use case.
A.1.6 Data lifecycle stages
This section provides context on the data project in terms of the data lifecycle which can be useful for
organizations in identifying vulnerabilities within their own data processes.
A.1.7 Figures
This section can assist users of this document in understanding the use case as it is shown diagrammatically.
These figures can provide context for the use case, at a high level, as an overview or can reference specific
elements within the use case.
A.1.8 Stakeholders and stakeholder considerations
This section can assist users of this document in identifying stakeholders in a data project.
A.1.9 Data characteristics
This section describes the data characteristics within the case study and can include reference to the data
type, data representation and data systems.

© ISO/IEC 2024 – All rights reserved
A.1.10 Key performance indicators
The key performance indicators (KPIs) are described as those elements used for evaluating the performance
or outcomes of the data project.
A.1.11 Challenges and issues
The challenges and issues identified within the case study can vary and can include technical data
management issues, privacy and security concerns or stakeholder management.
A.1.12 Societal concerns
This section provides commentary on issues that are not commonly considered in scoping a data project as
they can relate to issues such as unintended consequences related to how the data outputs are understood,
interpreted or applied.
A.1.13 Data security, privacy and trustworthiness
This section provides context as to how security, privacy and trust issues can arise, be identified, and be
managed within the data project. The management of data security, privacy and trustworthiness can involve
the implementation of levels of control as outlined in Annex C.
A.1.14 Key insights
This section provides context on the insights and learnings from the data project.
A.2 Use case template
The template used for the collation of use cases is provided in Table A.1 and is based on:
— IEC 62559-2
— ISO/IEC TR 24030:2021
— ISO/IEC TR 30176:2021
— ISO/IEC TR 20547-2
© ISO/IEC 2024 – All rights reserved
Table A.1 — Use case template
Field Description
1. Use case name and overview Name of the use case and short overview.
2. Domain areas Domain or area to which the use case pertains.
Objectives of the data usage defined by the use case can include the following:
—  What is to be accomplished.
3. Objectives
—  Intended benefits.
—  Scope, boundaries and limitations.
Description, decisions, predictions, recommendations; capabilities and features
4. Narrative
that are unique to the use case.
Description of the data lifecycle stages related to the use case, decisions made
5. Data lifecycle stage(s)
and outcomes.
Diagrams related to the data usage use case. Diagrams can include:
—  Drawing of a use case.
6. Figures
—  Data flow diagram of use case.
—  Sequence diagram of data actions in use case.
7. Stakeholders and stakeholder
Key stakeholders and any considerations, expectations related to the use case.
considerations
8. Data characteristics Describes the characteristics of the data.
9. Key performance indicators Describes the KPIs for evaluating the performance or outcome of the data usage.
10. Challenges and issues Descriptions of challenges and issues of the use case.
Describe how societal concerns related to the data use are understood, identified,
controlled and mitigated. Entries in this field can include key considerations of
11. Societal concerns Sustainable Development Goals in relation to the use case context; approach taken
to digital inclusion considerations; particular attention given to potential harms
and sensitivities.
12. Data security, privacy and Describe the security, privacy and trust aspects of the use case and how they
trustworthiness identified, controlled and mitigated.
Brief description of key lessons and insights to be learnt from this use case. This
13. Key insights field is useful both for overall analysis of the use cases and for general application
of the use cases.
© ISO/IEC 2024 – All rights reserved
Annex B
(informative)
Use cases
B.1 Use case 1: Online education analytics
B.1.1 General
This use case describes a commercially developed analytics environment that used proprietary data from an
online learning platform to assess online learning activity and outcomes, and the performance of an online
education system.
B.1.2 Use case name and overview
This use case provides an overview of a data use project from inception to operation which had several
sensitive aspects, including the following:
— students and minors as data subjects;
— data collected direct from data subjects;
— data analysis provided back to data subjects and education institutions;
— automated online interventions based on data analysis.
B.1.3 Domain areas
This use case describes online education reporting and learning analytics (LA).
B.1.4 Objectives
This use case describes the mechanisms for integrating learning analytics, data privacy technologies and
ethical practices into a unified operational framework for ethical and privacy-preserving learning analytics.
It introduces a new standardized measurement of privacy risk as a key mechanism for operationalising
and automating data privacy controls within the traditional data pipeline. It also describes a repeatable
framework for conducting ethical learning analytics.
The premise of the project described in this use case is that the existing body of work on the ethics of data
management, privacy enhancing technology and ethical analytics can be harnessed to systematize ethical
data analytics and reporting. The approach consists in equal parts of education and methodology, secure
collaboration and analytics capabilities, and privacy enhancing technology [Figure B.1 a)].
B.1.5 Narrative
This use case describes the use of data by an online education service provider wherein the data source is
the service provider’s online learning platform (OLP). These data include information about participating
students, their online activities and learning outcomes such as:
— engagement with the learning platform and material;
— engagement with other students (in team-based projects);
— engagement with teachers or facilitators;
— assessment details and results.

© ISO/IEC 2024 – All rights reserved
Many of the programmes involve experiential project-based learning with a real-world client and industry
mentor. Feedback and normative grading from these are also included.
The data are put to two uses:
a) Providing experimental data for collaborative learning analytics (LA) research programmes with
research collaboration partners. Experimental data include information about participating students,
their online activities and learning outcomes and the following:
1) “time on task” (time spent on each activity);
2) details of the frequency and sequence of discrete engagements with the learning materials.
These are only accessible to a small and vetted research team after de-identification (details below).
b) Creating dashboards and reports on student activity and outcomes for internal, external client and
public consumption.
This is mostly summarized information, however, some drill-down data is available to customers. This
includes:
1) Internal performance reporting: Platform and program usage, student engagement, program-
related ratings, billing-related data.
2) Internal product reporting: Feature usage and engagement.
3) Customer reporting (mainly teaching institutions): Usage and engagement for their institution,
student performance.
4) Whitepapers for general publication: Studies of student engagement, completion rates and outcomes.
The key intended outcomes include the following:
— improved understanding of behaviours conducive to experiential learning and ability to use online
learning data as a proxy;
— understand engagement with the learning platform and student outcomes to improve platform features
and learning programme design;
— develop public domain whitepapers on student outcomes and other benefits of the platform;
— standard business metrics reporting.
B.1.6 Data lifecycle stages
B.1.6.1 General
The data lifecycle stages for this use case are described against a four-tiered data management structure
[Figure B.1 b)].
B.1.6.2 Extraction and de-identification
This stage maps to “2. Extraction and De-identification” in Figure B.1 b).
See also the data management quadrant in Figure B.1 a).
Data were not collected from the end user for this use case. Semi-structured data were extracted from the
source learning platform by an internal API. Basic de-identification was performed as part of this process.

© ISO/IEC 2024 – All rights reserved
Direct identifiers, such as student name and ID, phone numbers, etc. were replaced by non-reversible unique
identifiers (UIDs) or removed altogether. The resulting de-identified data were stored in a data lake.
a) Control environment level: High control.
Data extraction for analytics was done in accordance with the organization’s data privacy and data
use policies, and approval was provided via client agreements. The purpose of collection and use was
clearly stated.
b) Principles:
1) Separation of uses (a key principle). Source system data was not available in its “raw” form for
anything other tha
...