User consent can be required for 3GPP features depending on local regulations. Therefore, this Annex describes the generic security requirements and procedures to support user consent enforcement in 3GPP services. While the use cases can differ, the Annex focuses on the common and generic aspects related to the storage, checking and revocation of the user consent.
The user consent related requirements and mechanism in the present document are applicable only when it is required by regional regulations or operator's local policy, not otherwise.
The term data processing in this Annex is used to convey the same meaning as in [101].
It is assumed that the user consent is obtained from the end-users. The end-user is either the subscriber itself or has authorized the subscriber to provide consent on behalf of the end-users. Alternatively, the end-users are authorized by the subscriber to provide the consent. That means user consent is always tied to the subscription information. How authorization is provided between the subscriber and the end-users is out of scope of this specification.
The UDM shall support the following services related to the user consent:
- Retrieval of user consent parameters.
- Notification of user consent parameters change.
The user consent parameters shall be stored in the UDM/UDR as subscription data.
The user consent parameters shall be bound to a SUPI/GPSI.
The user consent parameters shall be bound to the purpose of data processing.
The user consent parameters shall include whether the user consent is granted or not.
The user consent shall be effective only after the point in time that user consent was given. The user consent shall be effective until revoked. It means that there is no expiry/validity timer for the user consent parameters stored in the subscription data.
Any NF that is deemed an enforcement point for user consent shall support retrieval of the user consent parameters from the UDM.
Any NF that is deemed an enforcement point for user consent shall not accept any services or requests for data processing unless user consent is granted.
Any NF that is deemed an enforcement point for user consent shall determine the purpose of data processing prior to the data processing. If the purpose of data processing is not implicitly known from the service request, the user consent enforcement point shall request it or otherwise deny the service.
NFs obtaining or checking the user consent parameters shall consider the user consent parameters as effective until revoked.
Any NF that is deemed an enforcement point for user consent shall support subscription to the user consent parameter change notification provided by the UDM.
Consumer NFs (processing the data pertaining to user consent) shall subscribe to UDM for user consent parameter change notification, except if the consent enforcement NF that is deemed an enforcement point is keeping track of those NFs and is actively informing those consumer NFs in case of user consent revocation.
Upon notification of user consent revocation, any NF that is deemed an enforcement point for user consent shall no longer accept any service request for data processing subject to a revoked user consent.
Upon notification of user consent revocation, any NF that is deemed an enforcement point for user consent may notify other NFs to halt the processing of the data subject to the revoked user consent.
Upon notification of user consent revocation, NFs (processing the data pertaining to the revoked consent) shall halt processing and collection of the data.
Upon notification of user consent revocation, NFs may delete, quarantine, or temporarily retain the data pertaining to the revoked user consent based on local policies and legal constraints.
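The following Python sketch is an added illustration, not part of the specification. It models the enforcement-point requirements above (retrieval from the UDM, purpose binding, subscription to change notification, halting on revocation) for the case where the enforcement point itself informs the consumer NF. All class and method names are hypothetical and do not correspond to 3GPP service operations.

```python
# Added sketch: class and method names are hypothetical, not 3GPP service operations.
class Udm:
    """Stand-in for UDM/UDR: consent bound to (SUPI, purpose), no expiry timer."""
    def __init__(self):
        self._consent = {}       # (supi, purpose) -> granted?
        self._subscribers = []   # change-notification callbacks
    def get_consent(self, supi, purpose):
        # Assumption of this sketch: a missing record means "not granted".
        return self._consent.get((supi, purpose), False)
    def subscribe(self, callback):
        self._subscribers.append(callback)
    def set_consent(self, supi, purpose, granted):
        self._consent[(supi, purpose)] = granted
        for notify in self._subscribers:
            notify(supi, purpose, granted)

class ConsumerNf:
    """NF processing data under consent; halts when informed of a revocation."""
    def __init__(self):
        self.active = set()
    def start(self, supi, purpose):
        self.active.add((supi, purpose))
    def halt(self, supi, purpose):
        self.active.discard((supi, purpose))

class EnforcementPoint:
    def __init__(self, udm, consumer):
        self.udm, self.consumer = udm, consumer
        self.known = {}                 # consent state, effective until revoked
        udm.subscribe(self.on_change)   # subscribe to change notification
    def handle_request(self, supi, purpose=None):
        if purpose is None:             # purpose must be determined first
            return "denied: purpose unknown"
        key = (supi, purpose)
        if key not in self.known:       # retrieve from the UDM on first use
            self.known[key] = self.udm.get_consent(supi, purpose)
        if not self.known[key]:
            return "denied: consent not granted"
        self.consumer.start(supi, purpose)
        return "accepted"
    def on_change(self, supi, purpose, granted):
        self.known[(supi, purpose)] = granted
        if not granted:                 # revocation: stop accepting, halt processing
            self.consumer.halt(supi, purpose)
```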