According to the principles of FIPP, what must agencies identify in their notices?

The correct answer addresses a key tenet of the Fair Information Practice Principles (FIPP), which emphasize transparency in how personal identifiable information (PII) is managed by agencies. Identifying the authority to create and process PII is crucial because it builds trust with individuals whose data is being collected, and it ensures accountability. This not only helps in complying with legal regulations but also informs individuals about who has the right to handle their information and under what circumstances.

Understanding the source of authority is essential for the responsible handling of data as it clarifies the legitimacy of data processing activities. This ensures that individuals are aware of the governance frameworks that protect their rights regarding their personal information.

In contrast, the other elements mentioned—such as the number of employees handling PII, the volume of PII collected, and the length of time data is stored—though important, do not directly relate to the foundational principle requiring transparency about authority. They can be parts of a broader privacy policy but do not contribute as fundamentally to the principles of accountability and transparency as identifying the authority does.