Privacy is a fundamental concern for ORCID. One of the bedrock principles that guide our operations is that "Researchers will control the defined privacy settings of their own ORCID record data" -- they decide what information they share, and who they share it with. We are committed to this principle even though the information in ORCID records is often available publicly from other sources.
Every year we review our privacy and security practices to ensure that they remain in line with this important principle and the other values outlined in the ORCID Trust Program. We also ensure that these practices reflect global best practices. We make any needed adjustments and then submit them for evaluation by a third party. This year our policy and practices were reviewed against assessment criteria of the EU-U.S. and Swiss-U.S. Privacy Shield Verification Program; TRUSTe has provided a letter of attestation of this review.
- Clearer release policy for government data requests. Our policy has always indicated that we may share information with regulators, enforcement agents, courts and/or other government entities if legally required to do so. In our most recent review, we decided that the language we used in this statement was ambiguous, leading to a lack of clarity about the conditions under which your data may be shared. We therefore removed the conditions of public safety or public policy, leaving only the legal requirement as a condition under which we would share data (section 6.4)
- Stronger privacy protections for deactivated accounts. While email addresses have always been protected in our database, we have decided to provide additional privacy protections for addresses belonging to individuals who have decided to deactivate their account. We maintain email addresses so that, in future, users can reactivate their ORCID iD if they wish. However, these addresses are now stored in a cryptographically-masked form that enables the iD to be matched to the email if the owner chooses to reactivate the account, but is not otherwise visible or accessible under any circumstance, including by ORCID staff (section 7.0)
- Greater security for data “at rest”. ORCID data are now even more secure. They have always been encrypted when displayed on a webpage or sent, with your permission, to another system. Now data are also encrypted “at rest”, ie, stored in an encrypted filesystem. This means that even if a bad actor were able to get direct access to the hard drives in our data centre, they would still not be able to read any Registry data. This closes off a potential attack vector, and complements the many other security measures we have in place. (section 10.0)
- Clearer policies for GDPR complaint handling. Under the European General Data Protection Regulations (GDPR), organizations are expected to handle complaints about the data they hold on individuals in a specific way. Our policy now clarifies these methods and provides a reference to the local Data Protection Agencies that can help with resolving complaints if needed (section 11.0)
Thank you for your continued trust in ORCID!