data-protection

Installation

SKILL.md

Data Protection Skill

🔴 AI FIRST Quality Principle

Apply the AI FIRST principle: never accept first-pass quality. Minimum 2 iterations. Read all output, improve every section. No shortcuts.

Purpose

Defines data protection practices ensuring privacy-by-design, GDPR compliance, and secure data handling across all Hack23 projects.

Data Classification Levels

Level	Description	Handling
PUBLIC	Open data, published information	No restrictions
INTERNAL	Operational data, system metadata	Access controlled
CONFIDENTIAL	Personal data, business sensitive	Encrypted, logged
RESTRICTED	Credentials, keys, PII aggregation	Encrypted, MFA required

Privacy-by-Design Principles

Proactive — Prevent privacy issues before they occur
Default — Maximum privacy as default setting
Embedded — Privacy built into design
Positive-Sum — Privacy AND functionality
End-to-End — Full lifecycle protection
Transparency — Open and documented
User-Centric — Respect user privacy

GDPR Requirements

Lawful basis for processing
Data minimization (collect only what's needed)
Purpose limitation
Storage limitation (retention policies)
Data subject rights (access, deletion, portability)
Privacy impact assessments for new features

Static Site Considerations

No cookies without consent
Privacy-preserving analytics only
No tracking pixels or fingerprinting
Secure external links (rel="noopener noreferrer")
No PII in URLs or query parameters

ISO 27001 Mapping

A.5.34 — Privacy and protection of PII
A.8.11 — Data masking
A.8.12 — Data leakage prevention

Related Policies

Secure Development Policy

Related skills

More from hack23/riksdagsmonitor

Installs

12

Repository

hack23/riksdagsmonitor

GitHub Stars

8

First Seen

Mar 4, 2026

Security Audits

Gen Agent Trust HubPass