DATA-CLASSIFICATION — 4-Tier Data Classification (Rule 23)
Status: live · Version: 1.0.0 · Layer: 8
Purpose
Every data element handled by the system is classified into one of four tiers. The tier determines who may access it, how it is stored, how long it is retained, and how access to it is logged.
The 4 tiers
Tier 0 — Public
Examples: marketing copy, public PRD excerpts, README, open-source code.
- No access controls
- May be cached anywhere
- Logged with no PII risk
- Retention: indefinite
Tier 1 — Internal
Examples: internal docs, project plans, code in private repos, agent prompts.
- Authenticated access only
- May be cached inside the DPA boundary
- Logged with capsule/agent context
- Retention: until project retirement + 1 year
Tier 2 — Confidential
Examples: customer business data (non-PII), API keys (rotation managed), commercial terms.
- Authenticated + authorized access (need-to-know)
- Encrypted at rest and in transit
- Logged with elevated audit (Rule 24)
- Retention: per contract; typically 1–7 years
Tier 3 — Restricted
Examples: PII (name, email, ID), payment data, health data, secrets, biometrics.
- Authenticated + authorized + audited access
- Encrypted at rest (per regulation) + TLS in transit
- Every access emits an audit event (Rule 24)
- Retention: minimum per regulation; tagged for deletion
- NEVER in LLM context unless DPA-covered AND a lawful basis is declared
Tagging
Every artifact carries a data_classification field (default: Tier 1). A capsule carries the highest tier of any artifact it touches.

```yaml
artifact:
  data_classification: 2          # Tier 2 = Confidential
  classification_basis: 'contains customer pricing'
  classified_by: data-engineer-specialist
  classified_at: '2026-05-23T10:00:00Z'
```
Rules per tier
| Operation | Tier 0 | Tier 1 | Tier 2 | Tier 3 |
|---|---|---|---|---|
| Read | any agent | authenticated | role-based | role-based + logged |
| Write | controlled | controlled | encrypted | encrypted + audit + dual-control |
| LLM context | yes | yes | only sanitized | NO (refs only) |
| Marketplace skill | yes | yes (no Tier-2 in input) | NO | NO |
| Cross-region | yes | yes | residency check | residency check |
| Log values | plain | plain | hashed | hashed |
Reclassification
Down-classification (e.g. Tier 3 → Tier 2) is allowed only through an approved sanitization step such as pseudonymization, and is logged as a data-flow event.
Up-classification is instant: any agent may up-classify an artifact on discovering sensitive content in it.
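The tagging schema, the LLM-context and logging rows of the rules table, and the reclassification rules above, turned into a small enforcement module. This is an added example, not the project's code: the Artifact fields mirror the tag shown on this page, but the function names, the APPROVED_SANITIZATION set (the page names only pseudonymization), the keyed-hash secret, the requirement that a Tier 2+ tag carry a classification_basis, and the extension of the down-classification rule to every downward move are assumptions made here.

```python
"""Enforcement helpers for the 4-tier scheme: tag validation, capsule tier
propagation, the LLM-context gate, log redaction and reclassification.

Added example, not the project's own code. Field names follow the tag shown
on the page; function names and the allow/deny decisions are assumptions.
"""
from __future__ import annotations

import hashlib
import hmac
from dataclasses import dataclass

PUBLIC, INTERNAL, CONFIDENTIAL, RESTRICTED = 0, 1, 2, 3
TIER_NAMES = {PUBLIC: "Public", INTERNAL: "Internal",
              CONFIDENTIAL: "Confidential", RESTRICTED: "Restricted"}
# The page names pseudonymization as an approved step; the set itself is an assumption.
APPROVED_SANITIZATION = {"pseudonymization"}
# Constructed per-deployment secret for keyed hashing of logged Tier 2/3 values.
LOG_HASH_KEY = b"constructed-example-key-rotate-in-production"


@dataclass(frozen=True)
class Artifact:
    """Mirrors the data_classification tag on this page (default: Tier 1)."""
    name: str
    data_classification: int = INTERNAL
    classification_basis: str = ""
    classified_by: str = ""
    classified_at: str = ""

    def __post_init__(self) -> None:
        if self.data_classification not in TIER_NAMES:
            raise ValueError(f"{self.name}: unknown tier {self.data_classification}")
        # Assumption: a Tier 2+ tag must state why it was classified.
        if self.data_classification >= CONFIDENTIAL and not self.classification_basis:
            raise ValueError(f"{self.name}: Tier 2+ tags need a classification_basis")


def capsule_tier(artifacts: list[Artifact]) -> int:
    """A capsule carries the highest tier it touches; an empty capsule keeps the default."""
    return max((a.data_classification for a in artifacts), default=INTERNAL)


def allowed_in_llm_context(a: Artifact, *, sanitized: bool = False,
                           dpa_covered: bool = False, lawful_basis: str = "") -> bool:
    """'LLM context' row of the rules table, plus the Tier 3 exception clause."""
    tier = a.data_classification
    if tier <= INTERNAL:
        return True
    if tier == CONFIDENTIAL:
        return sanitized                        # Tier 2: only sanitized
    return dpa_covered and bool(lawful_basis)   # Tier 3: refs only, unless DPA + lawful basis


def log_field(a: Artifact, value: str) -> str:
    """Logging row: Tier 0/1 in plain, Tier 2/3 hashed. A keyed hash (HMAC) is
    used so that low-entropy values such as e-mail addresses cannot be
    recovered from the log by a dictionary attack on a bare SHA-256."""
    if a.data_classification <= INTERNAL:
        return value
    digest = hmac.new(LOG_HASH_KEY, value.encode(), hashlib.sha256).hexdigest()
    return f"hmac-sha256:{digest}"


def reclassify(a: Artifact, new_tier: int, *, by: str, at: str, basis: str,
               sanitization_step: str | None = None, events: list[dict]) -> Artifact:
    """Up-classification is instant for any agent. A downward move needs an
    approved sanitization step and is recorded as a data-flow event. The page
    states this for Tier 3 -> Tier 2; applying it to every downward step is a
    generalization made here."""
    if new_tier not in TIER_NAMES:
        raise ValueError(f"{a.name}: unknown tier {new_tier}")
    old = a.data_classification
    if new_tier == old:
        return a
    if new_tier < old:
        if sanitization_step not in APPROVED_SANITIZATION:
            raise PermissionError(
                f"{a.name}: Tier {old} -> {new_tier} requires an approved sanitization step")
        events.append({"event": "data-flow", "artifact": a.name, "from": old, "to": new_tier,
                       "step": sanitization_step, "by": by, "at": at})
    else:
        events.append({"event": "up-classify", "artifact": a.name, "from": old,
                       "to": new_tier, "by": by, "at": at})
    return Artifact(a.name, new_tier, basis, by, at)


if __name__ == "__main__":
    pricing = Artifact("pricing-sheet", CONFIDENTIAL, "contains customer pricing",
                       "data-engineer-specialist", "2026-05-23T10:00:00Z")
    readme = Artifact("README", PUBLIC)
    print(TIER_NAMES[capsule_tier([readme, pricing])])
    print(allowed_in_llm_context(pricing), allowed_in_llm_context(pricing, sanitized=True))
    print(log_field(pricing, "ACME pays 12.5% below list"))
```

Artifact is frozen so a tag can only change through reclassify, which is where the down-classification check and the data-flow event live; capsule_tier is what a capsule should call over everything it has touched before deciding which row of the rules table applies to it.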
Failure modes
| Mode | Action |
|---|---|
| Tier-3 leaks to Tier-1 location | INCIDENT SEV1; DATA-BREACH-RESPONSE |
| Misclassification | corrective FIX + audit log review |
| Agent processes Tier-3 without permission | HALT; INCIDENT |
Cross-references
- PRIVACY-CONSTITUTION (sibling, C8) — Principle 5 reinforces tiering
- AGENT-PERMISSIONS (sibling) — per-tier access rules per agent
- AUDIT-LOG (sibling) — what's logged per tier
- DATA-RETENTION (sibling) — retention per tier
- PII-HANDLING (sibling) — Tier 3 specific procedures