> For the complete documentation index, see [llms.txt](https://whitepaper.open-data-rights.org/llms.txt). Markdown versions of documentation pages are available by appending `.md` to page URLs; this page is available as [Markdown](https://whitepaper.open-data-rights.org/future-considerations/security.md). # Security Given that the requests concern the entirety of a person's personal information within an organisation, the Open Data Rights API must be secure without question. To support continuous guarantees on security, practices need to be established in this area. Firstly, the security of the current proposal must be proven. Correspondingly, we strongly encourage a security audit to be completed in the near future. We consider this essential before a definitive v1 release is made. After completion, learnings should be incorporated in the further development process. Further, continuous security audits should be a regular staple of this development process. Secondly, a process needs to be established where critical vulnerabilities can be (confidentially) accepted and addressed within the smallest frame of time. This goes beyond a GitHub issues checklist for serious security issues. Secure infrastructure for this communication must be setup and monitored. Additionally, manpower must be made available to verify and accommodate these issues. Thirdly, common implementations on both front- and back-end should be regularly tested and scrutinised for particular implementation or security faults. We encourage the Data Rights API to not only take responsibility for specification, but implementations as well. These practices should increase the security of the ecosystem at large. --- # Agent Instructions This documentation is published with GitBook. GitBook is the documentation platform designed so that both humans and AI agents can read, navigate, and reason over technical content effectively. Learn more at gitbook.com. ## Querying This Documentation If you need additional information that is not directly available in this page, you can query the documentation dynamically by asking a question. Perform an HTTP GET request on the current page URL with the `ask` query parameter, and the optional `goal` query parameter: ``` GET https://whitepaper.open-data-rights.org/future-considerations/security.md?ask=&goal= ``` `ask` is the immediate question: it should be specific, self-contained, and written in natural language. `goal` is optional and describes the broader end goal you are ultimately trying to accomplish on behalf of the user. GitBook uses it to tailor the answer towards what is most useful for that goal. The response will contain a direct answer to the question and relevant excerpts and sources from the documentation. Use this mechanism when the answer is not explicitly present in the current page, you need clarification or additional context, or you want to retrieve related documentation sections.