Privacy by Design incorporates privacy from the planning stage rather than tacking it on at the end.
What is privacy, REALLY?
What is 'Privacy by Design'?
A number of recent initiatives in Australia have included Privacy by Design as part of more comprehensive strategies to respect privacy. These include the health identifier being issued for all Australians.
Since then, Privacy by Design has come up again in the debate about Facebook and privacy, with regulators asking questions and a court case in Canada. It was the subject of a short segment on the Channel 7 Morning show earlier in July which you can see (after a short ad) at "
Facebook privacy policy poked".
The jury might be out, but in my view Privacy by Design is not an oxymoron. It does take a clear mind and persistence to achieve, with rewards for all, including the financial bottom line. But we have more to do!
Malcolm Crompton is Managing Director of Information Integrity Solutions (IIS), a globally connected company that works with public sector and private sector organisations to help them build customer trust through respect for the customer and their personal information. He was also foundation President of the International Association of Privacy Professionals, Australia New Zealand, www.iappANZ.org.
Printer-friendly version
Comments
Privacy by Design
A great presentation. I particularly appreciate your "what is" and "what is not privacy", as it shows that all four comments on privacy presented by these four gentlemen on your first slide are beside the point.
Nevertheless, how good the thinking is on the principles and the excellent examples that demonstrate how it can be done, I feel that the real issue is the ref to Peter Hustinx's remark: "we need to operationalise the concept". Indeed we now need to work on methods and tools that are generic enough to be usable, incl. tools for system designers and software developers. Such efforts using security patterns were done in the SERENITY project led by SAP. Maybe similar things can be done for privacy.
Jacques Bus
Jacques - many thanks for the
Jacques - many thanks for the observations and the kind remarks.
Peter Hustinx is absolutely right. That plus ensuring that there are sufficient incentives to seek out and then deply the operationalisation.
I would be interested to know more about the SERENITY project: I am sure that we are exposed to the risk of re-inventing the wheel if we don't look at how similar problems have been addressed in other scenarios.
Interestingly, it could possibly be the 'next step' that the initiatives by Ann Cavoukian at www.privacybydesign.ca/ could usefully address.
Malcolm
Designing software with privacy in mind
Although, unfortunatley, I didn't see the presentation, I am totally in agreement with the concept of using privacy as a variable when designing technology.
Privacy is a human right and not an afterthought.
If software designers do not take privacy into account when designing a product, then retro fitting it at a later date (say for example when legislation catches up and dictates that it be included) will be costly both in development and customer satisfaction terms, so software designers and architects should be made more aware of this initiative.
Susan Morrow
Head of R&D Avoco Secure