Enterprise Privacy Authorization Language

From Wikipedia, the free encyclopedia

Enterprise Privacy Authorization Language (EPAL) is a formal language for writing enterprise privacy policies to govern data handling practices in IT systems according to fine-grained positive and negative authorization rights. It was submitted by IBM to the World Wide Web Consortium (W3C) in 2003 to be considered for recommendation. In 2004, a lawsuit was filed by Zero-Knowledge Systems claiming that IBM breached a copyright agreement from when they worked together in 2001 - 2002 to create Privacy Rights Markup Language (PRML). EPAL is based on PRML, which means Zero-Knowledge argued they should be a co-owner of the standard.[1]

See also[edit]

  • XACML - eXtensible Access Control Markup Language, a standard by OASIS.


  1. ^ Paul F. Roberts (June 10, 2004). "Lawsuit questions IBM's ownership of EPAL standard". networkworld.com. Retrieved February 12, 2018.