2. Terminology and Definitions
The following terms are used throughout this specification. Where a term has an established meaning under a referenced regulatory framework, the PCT definition is consistent with that meaning unless otherwise stated.
| Term | Definition |
|---|---|
| PCT | Privacy Claims Token. A structured, signed object encoding the data obligations attached to a specific dataset or data flow. |
| Claim | A discrete, structured assertion within a PCT about a specific obligation or constraint governing the data. Analogous to a claim in the JWT specification (RFC 7519). |
| Issuer | The entity responsible for generating and signing a PCT. The issuer attests to the accuracy of the claims at the time of issuance. |
| Subject | The dataset, data flow, or processing operation to which the PCT is attached. |
| Verifier | Any system, service, or component that receives a PCT and evaluates its claims before permitting or blocking an action. |
| Enforcement point | A system component at which PCT verification is performed and an allow/block decision is made. Equivalent to a policy enforcement point (PEP) in access control architecture. |
| Lawful basis | The legal ground under which personal data may be processed. Under GDPR and equivalent frameworks, examples include consent, contract, legal obligation, vital interests, public task, and legitimate interests. |
| Purpose limitation | The principle that data may only be used for the specific purpose(s) for which it was collected or subsequently legitimately specified. |
| Data obligation | Any legal, regulatory, or contractual requirement that constrains how data may be collected, stored, processed, transferred, or used. |
| Transfer restriction | A constraint on the movement of data across a jurisdictional boundary, arising from regulatory requirements such as GDPR Chapter V, HIPAA cross-border provisions, or national data localisation laws. |
| Audit record | A structured, tamper-evident log entry generated at each PCT verification event, recording the decision, the claims evaluated, and the timestamp. |
| Signature | A cryptographic mechanism — in this specification, an HMAC-SHA256 or RS256 signature — that allows a verifier to confirm that a PCT was issued by a trusted party and has not been modified since issuance. |
| Extension namespace | A convention for adding non-standard claims to a PCT without conflicting with the core schema, using a prefixed key format (e.g. `x-hipaa:minimum_necessary`). |
| PCT lifecycle | The sequence of states through which a PCT passes: issuance, attachment, transmission, verification, decision, and audit. |
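
The sketch below is an added example, not code from this specification. It shows how the Signature, Verifier, Enforcement point, Purpose limitation, Extension namespace and Audit record definitions fit together in one HMAC-SHA256 verification step. The claim names (`iss`, `sub`, `lawful_basis`, `purposes`), the canonical-JSON serialisation, the rule that unknown unprefixed claims are blocked, the hash-chained audit record and the key are all assumptions made for illustration.

```python
import hashlib, hmac, json, time

# Hypothetical core schema and demo key: constructed for this example only.
CORE_CLAIMS = {"iss", "sub", "lawful_basis", "purposes"}
DEMO_KEY = b"constructed-demo-key-not-for-production"
SAMPLE_CLAIMS = {"iss": "dpo.example.org", "sub": "dataset:claims-2024",
                 "lawful_basis": "contract", "purposes": ["billing"],
                 "x-hipaa:minimum_necessary": True}  # extension-namespace claim

def canonical(obj):
    """Assumed serialisation: sorted-key compact JSON, so both sides MAC the same bytes."""
    return json.dumps(obj, sort_keys=True, separators=(",", ":")).encode()

def issue(claims, key):
    """Issuer: attach an HMAC-SHA256 tag over the canonical claims."""
    return {"claims": claims,
            "sig": hmac.new(key, canonical(claims), hashlib.sha256).hexdigest()}

def verify(pct, key, purpose, prev_hash, now=None):
    """Enforcement point: return (decision, audit_record). Fails closed."""
    claims = pct.get("claims", {})
    expected = hmac.new(key, canonical(claims), hashlib.sha256).hexdigest()
    # Algorithm is fixed by the verifier, never read from the token; compare in constant time.
    if not hmac.compare_digest(expected.encode(), str(pct.get("sig", "")).encode()):
        decision, reason = "block", "bad_signature"
    elif [k for k in claims if k not in CORE_CLAIMS and not k.startswith("x-")]:
        decision, reason = "block", "unknown_claim"   # non-core keys must be prefixed
    elif purpose not in claims.get("purposes", []):
        decision, reason = "block", "purpose_not_permitted"
    else:
        decision, reason = "allow", "ok"
    # Audit record: decision, claims evaluated, timestamp; chained to the previous
    # record's hash so that editing or deleting an entry breaks the chain.
    record = {"ts": int(time.time()) if now is None else now, "decision": decision,
              "reason": reason, "claims": claims, "prev": prev_hash}
    record["hash"] = hashlib.sha256(canonical(record)).hexdigest()
    return decision, record

if __name__ == "__main__":
    pct = issue(SAMPLE_CLAIMS, DEMO_KEY)
    prev = "0" * 64
    for requested in ("billing", "marketing"):
        decision, rec = verify(pct, DEMO_KEY, requested, prev)
        print(requested, decision, rec["reason"], rec["hash"][:16])
        prev = rec["hash"]
```

A block decision is audited the same way as an allow decision, so the log also records rejected and tampered tokens.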