A privilege rule only defines a name. It doesn't convey any capabilities to any user until you associate it with an object (flow, flow action, report definition, etc.) and an access role.
On the Access Manager's Privileges tab you can create, review, and modify privileges for users with different roles to access specific objects of a case and data types.
The source for the list of privileges is the data page D_PrivilegeList. By default the data page uses a report definition to return the list of privileges in the current application.