Personally Identifiable Information (PII)

These are the starting point for my recommendation for PII data elements for CCC based on the NIST recommended PII data elements (Alex Jackl):

Element	NIST Level	Obfuscated?	Encrypted?	Aggregate Only?	Notes
Full name (if not common)	1	Y	N	N
Face (photograph)	1	Y	N	N
Home address	1	Y	N	N
Email address	1	Y	N	N
National identification number/SSN	1	Y	Y	N/A
Passport number	1	Y	Y	N/A
Vehicle registration plate number	1	Y	Y	N/A
Driver's license number	1	Y	Y	N/A
Fingerprints	1	Y	Y	N/A
Handwriting capture	1	Y	N	N/A
Credit card numbers	1	Y	Y	N/A
Digital identity	1	Y	Y	N/A
Date of birth	1	N	N	N	If linked to other Class 1 Elements this must also be obfuscated
Birthplace	1	N	N	N	If linked to other Class 1 Elements this must also be obfuscated
Genetic information	1	Y	Y	N/A
Telephone number	1	Y	Y	N/A	Aggregating by Area Code is acceptable
Login name,	1	Y	Y	N/A
Screen name	1	Y	Y	N/A
Nickname, or handle	1	Y	Y	N/A

Class 1 Elements: Obfuscated in open reports - except for Date of Birth as noted

Full name (if not common)

Face (photograph)

Home address

Email address

National identification number/SSN Encrypted

Passport number

Vehicle registration plate number

Driver's license number

Fingerprints

Handwriting capture

Credit card numbers

Digital identity

Date of birth (if linked to any other Class 1 element, otherwise allowed)

Birthplace

Genetic information

Telephone number

Login name, screen name, nickname, or handle

Class 2 Elements: Allowed in open reports so long as not associated with any Class 1 Elements]

First or last name individually, if common

Country, state, postcode or city of residence

Age

Gender

Race (if not linked to class 1 data)

Name of the school they attend or workplace

Grades

Salary

Job position

Criminal record (if not linked to class 1 data)

Web cookie

Class 3: (CCC Elements not covered by NIST)

Sexual Orientation Obfuscated and encrypted