
Privacy by Design

From OWASP
Revision as of 19:40, 14 January 2017 by Sytzevk

*UNDER CONSTRUCTION*

Privacy by Design (PbD) is the practice of protecting privacy by means of processes, communication and technical measures as part of the software engineering design.


7 Fundamental principles in Privacy by Design

  1. Proactive not reactive; Preventative not remedial
  2. Privacy as the default setting
  3. Privacy embedded into design
  4. Full functionality – positive-sum, not zero-sum
  5. End-to-end security – full lifecycle protection
  6. Visibility and transparency – keep it open
  7. Respect for user privacy – keep it user-centric

See also: [Principles of Privacy by Design]. These principles are rather high level. Let's try to make them concrete:

  1. Proactive not reactive; Preventative not remedial. For instance, anonymizing production data before it is used as test data.
  2. Privacy as the default setting. Processes and frameworks should protect privacy by default, so that the people using them need to take no additional action. Counterexample: Windows 10 ships with privacy settings that consumers have to enable themselves; the defaults violate privacy.
  3. Privacy embedded into design. TBD
  4. Full functionality – positive-sum, not zero-sum. TBD
  5. End-to-end security – full lifecycle protection. TBD
  6. Visibility and transparency – keep it open. TBD
  7. Respect for user privacy – keep it user-centric. TBD

PET = Privacy Enhancing Technologies

PIA = Privacy Impact Assessment

PII = Personally Identifiable Information


Typical Privacy Anti-patterns

  1. Late aggregation: raw data is collected and stored even though only derived (aggregated) data is actually used.
  2. Ask too much: collecting more data than is actually used.
  3. Keep too long: privacy-sensitive data may only be held for the timespan the owner has given permission for.
  4. Scatter data: storing privacy-sensitive data in several places makes it harder to keep it up to date and to delete it when needed.
  5. Trust all colleagues: inside a company, compartmentalization may also be needed to protect privacy.
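As an added example (not code from the OWASP page), the following Python contrasts the "late aggregation" anti-pattern with aggregating at ingestion, and shows a retention check against "keep too long". The event fields, names and sample events are constructed for this illustration.

```python
"""Two privacy anti-patterns from the list above, with remedies.
Example code added here; not part of the original wiki page."""
from collections import Counter
from datetime import datetime

# Constructed sample: page-view events that carry PII (email) together with the
# date until which the person consented to the data being held. All assumptions.
SAMPLE_EVENTS = [
    {"email": "alice@example.org", "page": "/home", "ts": datetime(2017, 1, 14, 9, 0),
     "consent_until": datetime(2017, 3, 1)},
    {"email": "bob@example.org", "page": "/home", "ts": datetime(2017, 1, 14, 9, 5),
     "consent_until": datetime(2017, 1, 20)},
    {"email": "alice@example.org", "page": "/pricing", "ts": datetime(2017, 1, 15, 10, 0),
     "consent_until": datetime(2017, 3, 1)},
]


class LateAggregationStore:
    """Anti-pattern: keeps every raw event (email included) and derives the
    per-page counts only when asked, although the counts are all that is used."""

    def __init__(self):
        self.raw = []

    def record(self, event):
        self.raw.append(dict(event))  # PII retained although never needed

    def page_counts(self):
        return Counter(e["page"] for e in self.raw)


class EarlyAggregationStore:
    """Remedy: aggregate at ingestion, so no per-person record is ever stored."""

    def __init__(self):
        self.counts = Counter()

    def record(self, event):
        self.counts[event["page"]] += 1  # email is dropped immediately

    def page_counts(self):
        return Counter(self.counts)


def purge_expired(records, now):
    """Remedy for 'keep too long': drop records whose consent period has ended.
    Returns (records still allowed, number purged)."""
    kept = [r for r in records if r["consent_until"] > now]
    return kept, len(records) - len(kept)
```

Both stores yield the same counts, but only the late-aggregation store still holds e-mail addresses that would have to be protected and purged.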

External Links

https://privacypatterns.org
https://www.oasis-open.org/committees/tc_home.php?wg_abbrev=pbd-se