5.1.3.9: Private access to personal data

Where auditory output is provided as non-visual access to closed functionality, and the output contains data that is considered to be private according to the applicable privacy policy, the corresponding auditory output shall only be delivered through a mechanism for private listening that can be connected without requiring the use of vision, or through any other mechanism explicitly chosen by the user.

Notes

  1. This requirement does not apply in cases where data is not defined as being private according to the applicable privacy policy or where there is no applicable privacy policy.
  2. Non-private output might be preferred when closed functionality is used, for example, in the privacy of the user's home. A warning highlighting privacy concerns might be appropriate to ensure that the user has made an informed choice.

Testing methods

Type of complianceTesting
Pre-conditions
  1. Auditory output is provided as non-visual access to closed functionality.
  2. The output contains data.
  3. There is an applicable privacy policy which considers that data to be private.
Procedure
  1. Check that the auditory output is only delivered through a mechanism for private listening.
  2. Check that the mechanism for private listening can be connected without requiring the use of vision.
  3. Check that the auditory output is delivered through any other mechanism that can be chosen by the user.
Result Pass: Checks 1 and 2 or 3 are true 
Fail: Checks 1 or 2 and 3 are false

Requirement details

Reference number: 5.1.3.9

Related requirements

Related functional statements

Related technical requirements

No related technical requirements are associated with this technical requirement