Privacy by Design
The idea of “Privacy by Design” was first introduced in 1990’s by Ann Cavoukian the Information and Privacy Commissioner of Ontario from 1997 to 2014.
GDPR also has adopted it.
This is taking first principles approach.
Foundational Principles
The approach is based on seven foundational principles [http://www.ourcommons.ca/DocumentViewer/en/42-1/ETHI/report-12/page-36#5] :
- Proactive, not Reactive; Preventative not Remedial: The goal of privacy by design is to take preventative action by implementing measures to reduce the risk of privacy infractions.[198]
- Privacy as the Default Setting: The default setting for all products and services should be to protect personal information so that an individual’s privacy is automatically protected without any action being required by the individual.[199]
- Privacy Embedded into Design: The protection of personal information should be an integral part of information systems and business practices; it should not be an add?on.[200]
- Full Functionality – Positive-Sum, not Zero-Sum: Privacy by design should be considered a benefit; there should be no trade?offs with other features to achieve this goal.[201]
- End-to-End Security – Full Lifecycle Protection: The protection of personal information must extend throughout the system’s entire lifecycle.[202]
- Visibility and Transparency – Keep it Open: Transparency is important to ensure that systems and practices are truly able to protect user privacy; independent verification must always be possible.[203]
- Respect for User Privacy – Keep it User-Centric: Above all, privacy by design entails putting individuals’ interests first.[204]
Personal Data Types
- IP Address
- Email addresS
- Address
- Date of birth
- Religion
- Gender
- Personal lifestyle/affiliations
- Genetic
• Race
• Ethnicity
• Health information
• Etc.
Implementing “Privacy by Design”
The best way to implement “Privacy by Design” is to embed privacy requirements into your project delivery methodology. There are five phases of project delivery:
- Initiation
- Planning
- Execution
- Monitoring and Control
- Closure
Initiation Phase
- Identify soft and hard requirements
- Identify teams to engage
Planning Phase
- Purpose of data collection
- Which data elements need to be captured?
- Data classification
- Data retention
- Privacy Impact Assessment
- Ensure a Configuration Management Database is updated to ensure inventory is accurate
Execution Phase
- The inclusion of Data classification and Data retention into your data model
- How is consent being collected, it should be explicit
- Private data should be stored encrypted in transit and at rest
- Data subjects must be able to request following actions on their data, update, delete, move( ability to export data in a readable format)
- Data integrity is maintained all times
- Strict authentication & authorization controls are implemented
- In development code analysis is done to ensure code is secure
- Before system goes live, ensure penetration testing of the application is completed and any issues remediated.