Privacy by design
Privacy by Design is an approach to systems engineering that takes privacy into account throughout the whole engineering process. The concept is an example of value sensitive design, i.e., taking human values into account in a well-defined manner throughout the whole process, and may have been derived from it. The concept originates in a 1995 joint report on “Privacy-enhancing technologies” by the Information and Privacy Commissioner of Ontario, Canada, the Dutch Data Protection Authority and the Netherlands Organisation for Applied Scientific Research. Privacy by Design rests on seven foundational principles:
- Proactive not reactive; Preventative not remedial
- Privacy as the default setting
- Privacy embedded into design
- Full functionality – positive-sum, not zero-sum
- End-to-end security – full lifecycle protection
- Visibility and transparency – keep it open
- Respect for user privacy – keep it user-centric
The seven foundational principles of Privacy by Design have been translated into over 30 languages. Germany released a statute (§ 3 IV TDDG) as early as July 1997. In October 2010, regulators from around the world gathered at the annual assembly of International Data Protection and Privacy Commissioners in Jerusalem, Israel, and unanimously passed a resolution recognizing Privacy by Design as an essential component of fundamental privacy protection.
This was followed by the U.S. Federal Trade Commission’s recognition of Privacy by Design in 2012 as one of its three recommended practices for protecting online privacy, in its report entitled Protecting Consumer Privacy in an Era of Rapid Change – a major validation of its significance.
Data protection by Design has been incorporated into the European Commission’s plans to unify data protection within the European Union under a single law – the General Data Protection Regulation. However, since the latest proposal neither defines nor references definitions of data protection by design or privacy by design, it is not clear what is meant by these concepts. Some initiatives, such as the OWASP Top 10 Privacy Risks Project for web applications, try to address this issue by giving hints on how to implement privacy by design in practice.
Privacy by Design has been critiqued as "vague" and leaving "many open questions about their application when engineering systems." It has also been pointed out that Privacy by Design is similar to voluntary compliance schemes in industries impacting the environment, and thus lacks the teeth necessary to be effective, and may differ from company to company. In addition, the evolutionary approach currently taken to the development of the concept will come at the cost of privacy infringements, because evolution also implies letting unfit phenotypes (privacy-invading products) survive until they are proven unfit. Some critics have pointed out that certain business models are built around customer surveillance and data manipulation, and that voluntary compliance is therefore unlikely.
Another criticism is that current definitions of privacy by design do not address the methodological aspect of systems engineering, such as using sound systems engineering methods that cover the complete system and data life cycle. The concept also does not focus on the role of the actual data holder, but on that of the system designer. This role is not known in privacy law, so the concept of Privacy by Design is not grounded in law. This in turn undermines the trust of data subjects, data holders and policy makers.
Since the concept is part of active research and policy development, biases may occur in the definitions used. An example is the tendency of North American legislation to let businesses themselves work out what this concept should mean (the evolutionary approach), while the EU tends to take a more regulatory approach, although this has not yet materialised in this case.
Much of the Privacy by Design research is directly related to one of nine key application areas:
- CCTV/surveillance cameras in mass transit systems
- Biometrics used in casinos and gaming facilities
- Smart meters and the smart grid
- Mobile devices & communications
- Near field communications (NFC)
- RFIDs and sensor technologies
- Redesigning IP geolocation data
- Remote Home Health Care
- Big data and data analytics