FOIA_Doc_Search / NIST_PRIVACY_FRAMEWORK_MAPPING.md
Create NIST_PRIVACY_FRAMEWORK_MAPPING.md
ff23231 verified
# NIST Privacy Framework Mapping
### Federal FOIA Intelligence Search
---
## Framework Reference
NIST Privacy Framework v1.0
(Core Functions: Identify, Govern, Control, Communicate, Protect)
---
## System Privacy Posture
**Privacy Risk Level:** Minimal
**Personal Data Processing:** None
**Persistent Identifiers:** None
**User Tracking:** None

This system operates exclusively on **public government metadata** and
**ephemeral user input**.
---
## IDENTIFY-P (ID-P)
| Subcategory | Implementation |
|-----------|----------------|
| ID-P1 Data Inventory | No personal data collected |
| ID-P2 Data Mapping | FOIA URLs + metadata only |
| ID-P3 Context | Public reading rooms |
---
## GOVERN-P (GV-P)
| Subcategory | Implementation |
|-----------|----------------|
| GV-P1 Policies | Public disclosures & README |
| GV-P2 Roles | Maintainer accountability |
| GV-P3 Oversight | Feature flags, opt-in AI |
---
## CONTROL-P (CT-P)
| Subcategory | Implementation |
|-----------|----------------|
| CT-P1 Data Processing | User-initiated only |
| CT-P2 Data Retention | In-memory session only |
| CT-P3 Data Sharing | None |
---
## COMMUNICATE-P (CM-P)
| Subcategory | Implementation |
|-----------|----------------|
| CM-P1 Transparency | Explicit disclosures |
| CM-P2 User Consent | AI opt-in required |
| CM-P3 Notice | README + UI banners |
---
## PROTECT-P (PR-P)
| Subcategory | Implementation |
|-----------|----------------|
| PR-P1 Security | HTTPS only |
| PR-P2 Access | No accounts |
| PR-P3 Safeguards | No persistence |
---
## Privacy Conclusion
✔ No PII
✔ No surveillance
✔ No profiling
✔ No data aggregation

**This system meets or exceeds NIST Privacy Framework expectations for
public research tools.**