Purpose

This taxonomy provides a structure framework for organizations to manage the visibility of personal and professional information (i.e. PII) about their staff and community online. As civil society and non-profit organizations face increasing pressures to be both visible/transparent and earnest in the protection of their staff, this taxonomy helps to map out which data points (i.e. “attributes”) can or should be shown, hidden, or partially revealed in different scenarios. It offers clear levels of privacy, tied to the severity and type of threat, organizational needs, compliance/legal requirements, and individual staff preferences.

Furthermore, it is designed to guide organizations in making principled, consistent decisions when handling privacy requests–balancing safety compliance, operational continuity, and public trust. By offering a standardized way to classify, prioritize, and act on attribution information, it enables rapid, coordinated, and flexible responses to emerging threats.

The goal here is to move beyond ad hoc or “all-or-nothing” privacy choices, to equip organizations with a toolkit for nuanced, context-sensitive management of their online presence in an increasingly complex, hostile digital spaces. It is also, intended to support collaborative decision-making, to ensure that both staff and organizations retain appropriate control over their digital footprint.