PrivacyLens gives users fine grained control of what information is sent from an identity provider to a service provider. It derives from, and augments the capabilities of uApprove. It is installed by embedding it into an existing installation of the Shibboleth Identity Provider.

To better communicate to users what attributes will be shared by the identity provider with a service provider, PrivacyLens presents users with human-readable information without jargon. PrivacyLens shows the user only the information is necessary to understand the interaction, but provides additional detail if requested by the user. PrivacyLens allows users to select what attributes will be shared on a per-attribute basis, except for attributes that are required for the functionality of the service. PrivacyLens also gives users more control by providing an interface to audit previous visits and define which attributes will be sent to service providers on subsequent visits.

"Shibboleth is an open-source project that provides Single Sign-On capabilities and allows sites to make informed authorization decisions for individual access of protected online resources in a privacy-preserving manner." (Source: shibboleth.net)

"Shibboleth is a 'single-sign in', or logging-in system for computer networks and the Internet. It allows people to sign in, using just one 'identity', to various systems run by 'federations' of different organizations or institutions. The federations are often universities or public service organizations." (Source: Wikipedia)

uApprove allows users to view which kind of information is send from the identify provider to the service provider and it allows the user to view the information that is about to be sent to the Service Provider, and either continue or choose to browse elsewhere.

PrivacyLens provides added granularity to the uApprove approach. The user can decide which information is sent and which is not. A user could for example decide to send his name, but not his address. That gives the user the possibility to fine tune the information flow.