Site Security Requirements

1. General User Security Profile

  • Access Level: Limited to general site functions based on the subdomain (e.g., commenting in Pond, voting in Consensus).
  • Data Handling: Access only to public information; personal data is anonymized when displayed.
  • Authentication: Multi-factor authentication (MFA) recommended, especially for accounts with voting or financial interactions.
  • Encryption: Data encryption in transit and at rest for all personally identifiable information (PII).
  • Verification: Third-party identity verification required for actions like voting and creating issues.
  • Permissions: Cannot view or access other users' private data or location information beyond general aggregated statistics.
  • Actions: Create issues, vote, comment, and support projects based on permissions granted by verification status.

2. Youth User Security Profile (Ducklings)

  • Access Level: Restricted to the Ducklings subdomain.
  • Data Handling: All PII is highly restricted and anonymized to ensure youth privacy.
  • Authentication: Youth users should have simplified authentication to make access easy but secure, with no PII collected beyond age validation.
  • Encryption: Enhanced encryption protocols for youth data, with age-restricted access mechanisms.
  • Permissions: Can participate in Ducklings Model UN, access educational resources, and interact with other youth users. Cannot access the voting functionality in Consensus or other adult-specific features.
  • Protections: Additional anti-harassment tools, moderated forums, and parental control options if needed.

3. Verified Voter Security Profile

  • Access Level: Full access to Consensus for voting and to other subdomains according to permissions (e.g., Flightplan for contributing project ideas).
  • Data Handling: Anonymous voting ID used in Consensus to prevent tracking of individual votes, with limited regional information (city or province).
  • Authentication: Mandatory multi-factor authentication and third-party identity verification.
  • Encryption: Voting data is encrypted in transit and stored with pseudonymization to maintain anonymity.
  • Permissions: Can cast votes, support issues, and access expanded details in Consensus and Flightplan (if applicable).
  • Restrictions: Cannot view or access private user data tied to other individuals’ votes or contributions.

4. Youth Model UN Leader Security Profile (Skunkworks)

  • Access Level: Restricted to Ducklings for participating in Model UN but includes elevated permissions for leadership functions.
  • Data Handling: Limited to handling non-PII data (general statistics and anonymized engagement metrics) with no access to youth participants' private information.
  • Authentication: Basic authentication, with parental consent verification if needed.
  • Permissions: Can lead discussions, create proposals, and interact with other youth leaders in the Model UN. For specific issues with high consensus, these users can make the youth perspective visible in Consensus with additional approval.
  • Protections: Moderated environment with robust oversight and internal flagging for abusive or inappropriate interactions.

5. Project Manager Security Profile (Flightplan)

  • Access Level: Access to Flightplan for project management and documentation contributions.
  • Data Handling: Access to issue-related data, budgets, and project documentation, with restrictions on accessing any personally identifiable user data.
  • Authentication: Multi-factor authentication required; user account requires additional permissions for project management.
  • Encryption: Project data encrypted in transit and at rest.
  • Permissions: Can create, edit, and manage project documentation, set milestones, and interact with contributors. Limited visibility on user profiles, with anonymized voting and support metrics only.
  • Restrictions: Cannot view private user data or access voting details in Consensus outside of aggregated, anonymized summaries.

6. Support Agent Security Profile

  • Access Level: Access to Support subdomain for managing tickets, tracking issues, and handling feature requests.
  • Data Handling: Access to ticket details and user-reported issues, limited to support purposes; no access to PII beyond what’s provided voluntarily by the user in the support context.
  • Authentication: Multi-factor authentication required.
  • Encryption: All support data encrypted at rest and in transit.
  • Permissions: Can create, respond to, and close support tickets. Can also view issue status and related metadata across the platform to assist users.
  • Restrictions: Cannot view or modify user voting data, financial information, or personal profile details beyond what is included in support tickets.

7. Administrator Security Profile

  • Access Level: Full administrative access to manage site functions across subdomains.
  • Data Handling: Limited, supervised access to anonymized user data and engagement metrics. Restricted access to user PII, which is protected by cryptographic measures and only accessible through formal legal channels.
  • Authentication: Enhanced authentication with multi-factor requirements, role-based access control, and regular password rotation.
  • Encryption: Full encryption on all data with audit logs maintained for any access to sensitive information.
  • Permissions: Can oversee user registrations, manage site-wide configurations, monitor analytics, and moderate user activity. Access to an audit trail to track actions taken within the administrative scope.
  • Restrictions: Cannot access detailed PII without formal authorization (court order or legal warrant).

8. Audit and Compliance Officer Security Profile

  • Access Level: Oversight role with access to audit logs, compliance reports, and encrypted user data when legally authorized.
  • Data Handling: Handles user data as per legal and compliance standards, with strict protocols for data access, monitoring, and retention.
  • Authentication: High-level security with multi-factor authentication and time-restricted access, with documented authorization processes.
  • Encryption: Data access occurs through hardware security modules (HSMs) and other cryptographic methods to ensure that data is accessible only through authorized, legal channels.
  • Permissions: Can access encrypted user data with legal authorization, monitor compliance with privacy regulations, and produce audit logs.
  • Restrictions: Limited to audit and compliance activities, with strict oversight and logging of access actions. Cannot modify user data or engage in direct administrative actions.
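The eight profiles above amount to a role-to-permission matrix plus a handful of cross-cutting conditions (verification before voting, mandatory MFA for privileged roles, legal authorization before any PII access, an audit-log entry for sensitive reads). The following Python module is an added example of how that matrix can be enforced as a deny-by-default authorization check; it is not the site's own code. The role keys, subdomain names and action names are drawn from the profiles, but their exact spelling, the `Session` structure and the `authorize` function are assumptions made for this illustration, as is the in-memory `AUDIT_LOG`.

```python
"""Deny-by-default authorization check for the role profiles above.

Added example, not the site's own code. Role, subdomain and action names
follow the profiles; the data layout and function names are assumptions.
"""
from dataclasses import dataclass
from typing import Dict, List, Optional, Set, Tuple

# (subdomain, action) pairs each role may perform. Anything not listed is
# denied, so "Youth users cannot vote in Consensus" needs no explicit rule.
GRANTS: Dict[str, Set[Tuple[str, str]]] = {
    "general_user": {
        ("pond", "comment"), ("consensus", "create_issue"),
        ("consensus", "vote"), ("flightplan", "support_project"),
    },
    "youth_user": {
        ("ducklings", "model_un"), ("ducklings", "educational_resources"),
    },
    "verified_voter": {
        ("consensus", "vote"), ("consensus", "support_issue"),
        ("consensus", "expanded_details"), ("flightplan", "contribute_idea"),
    },
    "youth_mun_leader": {
        ("ducklings", "model_un"), ("ducklings", "lead_discussion"),
        ("ducklings", "create_proposal"),
    },
    "project_manager": {
        ("flightplan", "manage_docs"), ("flightplan", "set_milestones"),
        ("consensus", "aggregated_summaries"),
    },
    "support_agent": {
        ("support", "manage_ticket"), ("support", "view_issue_status"),
    },
    "administrator": {
        ("admin", "manage_config"), ("admin", "moderate"),
        ("admin", "view_anonymized_metrics"), ("admin", "read_pii"),
    },
    "audit_compliance_officer": {
        ("audit", "read_logs"), ("audit", "compliance_report"),
        ("audit", "read_pii"),
    },
}

# Actions that require third-party identity verification (voting, creating issues).
VERIFICATION_REQUIRED = {"vote", "create_issue"}
# Profiles where MFA is mandatory rather than merely recommended.
MFA_REQUIRED_ROLES = {"verified_voter", "project_manager", "support_agent",
                      "administrator", "audit_compliance_officer"}
# Actions touching PII, allowed only with formal legal authorization.
LEGAL_AUTH_REQUIRED = {"read_pii"}
# Sensitive reads that must leave an audit-log entry when they succeed.
AUDITED_ACTIONS = {"read_pii", "read_logs"}


@dataclass
class Session:
    user_id: str
    role: str
    mfa_passed: bool = False
    identity_verified: bool = False
    # Reference to the court order or warrant; a constructed placeholder in tests.
    legal_authorization: Optional[str] = None


@dataclass
class Decision:
    allowed: bool
    reason: str


AUDIT_LOG: List[dict] = []  # in-memory stand-in for the real audit trail


def authorize(session: Session, subdomain: str, action: str) -> Decision:
    """Return a Decision; every grant must also satisfy the profile's conditions."""
    if (subdomain, action) not in GRANTS.get(session.role, set()):
        return Decision(False, f"{session.role} has no grant for {action} on {subdomain}")
    if session.role in MFA_REQUIRED_ROLES and not session.mfa_passed:
        return Decision(False, "MFA is mandatory for this profile")
    if action in VERIFICATION_REQUIRED and not session.identity_verified:
        return Decision(False, "third-party identity verification required")
    if action in LEGAL_AUTH_REQUIRED and not session.legal_authorization:
        return Decision(False, "PII access requires formal legal authorization")
    if action in AUDITED_ACTIONS:
        AUDIT_LOG.append({"user": session.user_id, "role": session.role,
                          "subdomain": subdomain, "action": action,
                          "authorization": session.legal_authorization})
    return Decision(True, "granted")


if __name__ == "__main__":
    # Constructed sessions exercising the main profile conditions.
    print(authorize(Session("y1", "youth_user"), "consensus", "vote"))
    print(authorize(Session("g1", "general_user"), "consensus", "vote"))
    print(authorize(Session("g1", "general_user", identity_verified=True), "consensus", "vote"))
    print(authorize(Session("a1", "administrator", mfa_passed=True), "admin", "read_pii"))
    print(authorize(Session("a1", "administrator", mfa_passed=True,
                            legal_authorization="WARRANT-PLACEHOLDER"), "admin", "read_pii"))
    print(AUDIT_LOG)
```

The ordering of the checks is deliberate: the grant lookup runs first so that a missing grant never reveals which extra condition would have applied, and the audit entry is written only on the success path so the log records actual access rather than refused attempts (a separate denial log is a reasonable addition).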