Links

Privacy Compliance Templates by Locale

Nightfall provides numerous Personally Identifiable Info (PII) detectors. These are the recommended configurations for locale-specific privacy compliance.
PII Compliance by Locale

PII Compliance - United States

Basic Detection Rule
Advanced Detection Rule(s)

Detectors

  • US Drivers License
  • US Passport
  • US Social Security Number (SSN)
  • US Individual Taxpayer Identification Number (ITIN)

Settings

  • Set Minimum Confidence level to Very Likely.
  • Set Flag as finding when Any Detectors are found.
Create separate detection rules for the PII data types of interest, flag when both a Person Name AND the data type are found.
Example: US Social Security Number

PII Compliance - Canada

Basic Detection Rule
Advanced Detection Rule(s)

Detectors

  • Canada Driver License
  • Canada Passport
  • Canada Social Security Number
  • Canada Government ID
  • Canada Permanent Resident Number

Settings

  • Set Minimum Confidence level to Very Likely.
  • Set Flag as finding when Any Detectors are found.
Create separate detection rules for the PII data types of interest, flag when both a Person Name AND the data type are found.

PII Compliance - UK

Basic Detection Rule
Advanced Detection Rule(s)

Detectors

  • UK Driver License Number
  • UK Passport
  • UK Electoral Roll Number
  • UK Taxpayer Reference

Settings

  • Set Minimum Confidence level to Very Likely.
  • Set Flag as finding when Any Detectors are found.
Create separate detection rules for the PII data types of interest, flag when both a Person Name AND the data type are found.

PII Compliance - Brazil

Basic Detection Rule
Advanced Detection Rule(s)

Detectors

  • Brazil Natural Person Registry Number (CPF)

Settings

  • Set Minimum Confidence level to Very Likely.
  • Set Flag as finding when Any Detectors are found.
Create separate detection rules for the PII data types of interest, flag when both a Person Name AND the data type are found.

PII Compliance - France

Basic Detection Rule
Advanced Detection Rule(s)

Detectors

  • French CNI (Carte Nationale d’Identité)
  • France INSEE (National Institute of Statistics and Economic Studies)
  • France Passport

Settings

  • Set Minimum Confidence level to Very Likely.
  • Set Flag as finding when Any Detectors are found.
Create separate detection rules for the PII data types of interest, flag when both a Person Name AND the data type are found.

PII Compliance - Germany

Basic Detection Rule
Advanced Detection Rule(s)

Detectors

  • Germany ID Number
  • Germany Passport

Settings

  • Set Minimum Confidence level to Very Likely.
  • Set Flag as finding when Any Detectors are found.
Create separate detection rules for the PII data types of interest, flag when both a Person Name AND the data type are found.

PII Compliance - India

Basic Detection Rule
Advanced Detection Rule(s)

Detectors

  • India Aadhaar Card Number
  • Indian Permanent Account Number (PAN)

Settings

  • Set Minimum Confidence level to Very Likely.
  • Set Flag as finding when Any Detectors are found.
Create separate detection rules for the PII data types of interest, flag when both a Person Name AND the data type are found.

PII Compliance - Ireland

Basic Detection Rule
Advanced Detection Rule(s)

Detectors

  • Ireland Personal Public Service Number (PPSN)
  • Ireland Passport

Settings

  • Set Minimum Confidence level to Very Likely.
  • Set Flag as finding when Any Detectors are found.
Create separate detection rules for the PII data types of interest, flag when both a Person Name AND the data type are found.

General Guidance

Other detectors that exist are not recommended for use for the above compliance frameworks.
See Creating Detection Rules for general information on creating and tuning detection rules.
For all use cases, Nightfall recommends:
  • Scoping should cover all locations where the sensitive data should not be disclosed
  • Tune and amend rules over time in accordance with your violations and data.
  • Use Context and Exclusion Rules to reduce false positives and fine-tune alerts.
  • Consider increasing the number of detections required before triggering an alert - more findings often mean higher confidence.
  • Upgrade your rules from Basic to Advanced as needed.
  • Please report any false positives to [email protected]. We will use your reports to improve our ML models.
If you need support for data types or locales not listed above, please contact [email protected].