This document provides a privacy framework which: —    specifies a common privacy terminology; —    defines the actors and their roles in processing personally identifiable information (PII); —    describes privacy safeguarding considerations; —    provides references to known privacy principles for information technology. This document is applicable to natural persons and organizations involved in specifying, procuring, architecting, designing, developing, testing, maintaining, administering, and operating information and communication technology systems or services where privacy controls are required for the processing of PII.