Brown collects and stores a great deal of information, including data about its students, faculty, and staff, as well as many other individuals and organizations connected to the university. Brown has established the protections necessary to maintain the privacy of all connected to the university, and to maintain compliance with all regulatory mandates on storing and using private information.
This Attribute Release Policy is targeted only for single sign-on, and falls under the general provisions of the Brown Privacy Policy.
It is important for the Brown community to know that the University shares identifying information, or "attributes", with others. The ability to share such information allows for seamless and secure access to the web pages of partner service providers (SP) without further authentication of the user.
Brown has announced itself as a Federated Authentication Identity Provider (IdP), and the transfer, release, and use of attribute information is central to the operation of Federated Authentication. However, attribute values may represent 'personal data' and are subject to protection, regulatory oversight, and mandatory compliance measures.
The University is dedicated to ensuring the privacy and proper handling of the identity data of its students, employees, and individuals associated with the University. The goal of this Attribute Release Policy (ARP) is to ensure that the necessary procedures and awareness exist for the use and release of identity data, while also enabling secure federation and authentication between Brown and its partners.
Brown University follows established best practices governing the release of personally identifiable information to service providers – be they internal Brown service providers, or external resources at another institution. Brown has identified several categories of service providers, and the attributes that may be released to service providers falling into each category. The release of additional available attributes may be requested by contacting the Shibboleth Administrator.