ENHANCED METHOD OF CONTROL OR MANAGEMENT OF USER RELATED DATA SUBJECT TO USER CONSENT

Abstract

Abstract: Systems, methods, apparatuses, and computer program products for supporting user consent management, tracking of user specific data and UE specific data requiring user consent, and distributing information about revocation of the user consent to involved network entities, are provided.

Description

Claims

1-30. (canceled)

31. An apparatus, comprising: at least one processor; andat least one memory comprising computer program code, the at least one memory and the computer program code configured, with the at least one processor, to cause the apparatus at least to: control or manage user related data;obtain or receive a data request from a data consumer, the data request configured to target a data source;obtain, based on the data request being subject to user consent, information on whether the user consent is at least one of: available for user data requested in the data request, orvalid for user data requested in the data request;allow, based on the user consent being at least one of available or valid, the data source to provide a data response with the requested data to the data consumer.

32. The apparatus according to claim 31, wherein the apparatus comprises at least one of: a network function (NF),a data source,a data consumer,a data collection coordination function (DCCF),a network data analytics function (NWDAF),a user related data controlling function (URDCF), orother network entity.

33. The apparatus according to claim 31, wherein the apparatus is configured as at least one of: a proxy on the data request path,a proxy on the data response path, ora proxy on the data collection path between the data consumer and the data source.

34. The apparatus according to claim 31, wherein the apparatus is co-located with at least one of: a data collection coordination function (DCCF), ora data source.

35. The apparatus according to claim 31, wherein the at least one memory and the computer program code are configured to, with the at least one processor, cause the apparatus at least to: store a record about data requested in the data request.

36. The apparatus according to claim 31, wherein the at least one memory and the computer program code are configured to, with the at least one processor, cause the apparatus at least to: obtain the information by checking the validity of the user consent based on at least one of: already obtained knowledge from a previous request, ora handshake procedure with the data source.

37. The apparatus according to claim 36, wherein the at least one memory and the computer program code are configured to, with the at least one processor, cause the apparatus at least to: check the validity of the user consent by checking with a unified data management (UDM) or data repository to learn about at least one of: user consent information availability in the subscription information, or values of the user consent stored in the UDM or data repository.

38. The apparatus according to claim 31, wherein the at least one memory and the computer program code are configured to, with the at least one processor, cause the apparatus at least to: receive, from the data consumer or the data source, a notification about the requested data or about data that was or will be provided to the data consumer.

39. The apparatus according to claim 31, wherein the at least one memory and the computer program code are configured to, with the at least one processor, cause the apparatus at least to: serve as a proxy for the data response; andstore a record of the data provided in the data response.

40. The apparatus according to claim 31, wherein the data response comprises a validity time indicating a duration over which the user consent is valid, andwherein the at least one memory and the computer program code are configured to, with the at least one processor, cause the apparatus at least to store the validity time together with the requested data.

41. An apparatus, comprising: at least one processor; andat least one memory comprising computer program code, the at least one memory and the computer program code configured, with the at least one processor, to cause the apparatus at least to: control or manage user related data;register with a unified data management (UDM) or data repository to be notified about changes in subscription information related to user consent;track information related to the user consent, the information comprising at least one of data requests, analytic requests or data responses; andreceive, from the UDM or data repository, a notification based on a change, update or revocation of the user consent.

42. The apparatus according to claim 41, wherein the apparatus comprises at least one of: a network function (NF),a data source,a data consumer,a data collection coordination function (DCCF),a network data analytics function (NWDAF),a user related data controlling function (URDCF), orother network entity.

43. The apparatus according to claim 41, wherein the at least one memory and the computer program code are configured to, with the at least one processor, cause the apparatus at least to: check, based on the requested data being subject to user consent, whether the user consent is available or valid for the requested data.

44. The apparatus according to claim 43, wherein the at least one memory and the computer program code are configured to, with the at least one processor, cause the apparatus at least to: check whether the user consent is available or valid for the requested data, based on at least one of: already obtained knowledge from a previous request, ora handshake procedure with the data source.

45. The apparatus according to claim 43, wherein the at least one memory and the computer program code are configured to, with the at least one processor, cause the apparatus at least to: check whether the user consent is available or valid for the requested data by receiving information, from the UDM or data repository, about the user consent information available in the subscription information.

46. The apparatus according to claim 41, wherein the at least one memory and the computer program code are configured to, with the at least one processor, cause the apparatus at least to: maintain a validity time having a value indicating a duration over which the user consent is or was valid.

47. The apparatus according to claim 41, wherein the notification comprises additional information about the user consent including any conditions related to the user consent.

48. A method, comprising: controlling or managing user related data;registering with a unified data management (UDM) or data repository to be notified about changes in subscription information related to user consent;tracking information related to the user consent, the information comprising at least one of data requests, analytic requests or data responses; andreceiving, from the UDM or data repository, a notification based on a change, update or revocation of the user consent.

49. The method according to claim 48, further comprising: checking, based on the requested data being subject to user consent, whether the user consent is available or valid for the requested data.

50. The method according to claim 49, further comprising: checking whether the user consent is available or valid for the requested data, based on at least one of: already obtained knowledge from a previous request, ora handshake procedure with the data source.