
Privacy by Design: A Future-Focused Privacy Approach for Your Organisation

The constantly changing global privacy landscape can seem overwhelming. More jurisdictions are enacting increasingly robust consumer protections, while regulators are flexing their enforcement powers through eye-wateringly large fines – like the €746 million (roughly US$887 million) fine imposed on Amazon under the GDPR in 2021, or the US$5 billion penalty paid by Facebook following the FTC enforcement action in 2019.

User-centric privacy approaches, like Privacy by Design, allow businesses to get ahead of the ever-changing legislative requirements. Here’s how:  

 

What is Privacy by Design? 

Privacy by Design (PbD) is a privacy approach created by Ann Cavoukian, former Information and Privacy Commissioner of Ontario, and is related to the ‘security by design’ approach favoured by many security practitioners. It is based on 7 foundational principles (which we’ll dig into below) and serves to guide the implementation and mapping of common privacy principles and fair information practices into every initiative involving the use of personal data.

The reason the PbD framework is so well equipped to weather the barrage of changing consumer protections is that it was designed to “[significantly raise] the bar in the area of privacy protection”, setting the highest global standard, while being flexible and adaptable.  

 

The 7 Privacy by Design Principles 

1. Proactive not Reactive; Preventative not Remedial. 

This principle asks organisations to anticipate and prevent poor privacy outcomes before they become an issue. It asks organisations to go beyond mere compliance, and to commit to creating demonstrably strong privacy practices.  

When designers, project managers, product developers and everyone else involved in the activity think about privacy from the start, privacy is built into the process rather than bolted on at the end. Privacy protection becomes an integral part of the design, not a reaction to privacy concerns or a mitigation for privacy risks identified at the end of the process.

 

2. Privacy as the default setting.  

This principle asks organisations to design their privacy programs so that user privacy is intact even if the user takes no action to protect it. We are already seeing a shift to privacy settings being turned on as part of the default configuration rather than offered as a hard-to-find and difficult-to-operate option. In practical terms, organisations should limit collection to what is strictly necessary, minimise the identifiability and linkability of personal information, and reduce data sharing wherever possible. The functionality required to achieve those outcomes should work ‘out of the box’.

 

3. Privacy embedded into the design.  

This principle relates to the IT infrastructure and internal practices of your organisation. It suggests that organisations build their networks, operational procedures, and technology planning with privacy in mind.  

In practice, it means that privacy milestones need to be incorporated at every point in the design and production process, starting from the original concept. Outcomes are better where privacy is an integral part of the design process rather than a compliance tick box checked just prior to release.

 

4. Full-functionality: positive-sum, not zero-sum.  

This principle asks organisations to reframe privacy obligations and best practices and to look for opportunities to create ‘win-win’ situations. Rather than seeing support for privacy as a trade-off against usability, this principle asks organisations to look for ways to make privacy an additional feature.

A simple example is the creation of user dashboards, with icons and easy to understand explanations, that give users clear and simple options to control the way their personal data is used.  Not only does this functionality support users’ ability to exercise their legal rights, it increases trust in the product by handing control back to users in a transparent and fair way. 

 

5. End-to-end security – full lifecycle protection.  

This principle requires that organisations opt for robust protections of personal information from the moment it is collected, until it is securely destroyed.  

Let’s consider, for example, a mobile app that will collect health information about individuals.  

Using Privacy by Design principles, the design of the mobile app must consider how that health information will be secured over its full lifecycle: collection, storage on the mobile device, transmission to the app owner, the entire period during which the app owner processes the data, and finally its deletion. Issues to consider include what happens to stored data during device updates, and how notice and consent can be obtained through a device-based mobile app.
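The following Python example is added here to show, in working code, two of the principles discussed above for a health app of the kind just described: collecting only the fields each purpose needs and replacing direct identifiers with unlinkable pseudonyms (principle 2, privacy as the default), and attaching a retention deadline at collection time so records are deleted at the end of their lifecycle (principle 5). It is not code from the original article or from any real product; the purposes, field names, retention periods, keys and the sample reading are all illustrative assumptions.

```python
"""Privacy-by-default handling of health app data.

Added example, not code from the original article. It shows in code two of the
principles discussed above: collecting only what each purpose needs and replacing
direct identifiers with unlinkable pseudonyms (principle 2), and attaching a
retention deadline so records are deleted at the end of their lifecycle
(principle 5). The purposes, field names, retention periods and keys are all
illustrative assumptions.
"""
from __future__ import annotations

import hashlib
import hmac
from dataclasses import dataclass
from datetime import datetime, timedelta, timezone

# Purpose -> (fields that purpose genuinely needs, how long they may be kept).
# Fields not listed for a purpose are dropped at collection time; the default is
# "do not keep", not "keep in case it is useful later".
PURPOSES: dict[str, tuple[set[str], timedelta]] = {
    "step_tracking": ({"steps", "recorded_at"}, timedelta(days=30)),
    "clinical_export": ({"heart_rate", "recorded_at"}, timedelta(days=365)),
}

# One secret key per purpose (assumed values; in production these would be
# generated randomly and held in a KMS or HSM, never in source code).
PSEUDONYM_KEYS: dict[str, bytes] = {
    "step_tracking": bytes.fromhex("00112233445566778899aabbccddeeff" * 2),
    "clinical_export": bytes.fromhex("ffeeddccbbaa99887766554433221100" * 2),
}


def pseudonymise(user_id: str, purpose: str) -> str:
    """Return a keyed HMAC-SHA256 pseudonym for user_id, specific to purpose.

    An unkeyed hash would let anyone holding a list of user ids re-identify the
    records. Using a different key per purpose also gives the same person a
    different pseudonym in each dataset, so the datasets cannot be joined
    without access to the keys (low linkability).
    """
    return hmac.new(PSEUDONYM_KEYS[purpose], user_id.encode("utf-8"),
                    hashlib.sha256).hexdigest()


@dataclass
class StoredRecord:
    subject: str          # pseudonym; the raw user id never reaches storage
    purpose: str
    data: dict
    expires_at: datetime  # retention deadline fixed at collection time


def minimise_and_store(raw: dict, user_id: str, purpose: str,
                       now: datetime) -> StoredRecord:
    """Keep only the fields the purpose needs and stamp a retention deadline."""
    allowed, retention = PURPOSES[purpose]
    data = {k: v for k, v in raw.items() if k in allowed}
    return StoredRecord(pseudonymise(user_id, purpose), purpose, data,
                        now + retention)


def sweep_expired(store: list[StoredRecord],
                  now: datetime) -> tuple[list[StoredRecord], int]:
    """End-of-lifecycle deletion: drop every record whose deadline has passed."""
    kept = [r for r in store if r.expires_at > now]
    return kept, len(store) - len(kept)


def run_demo() -> dict:
    """Walk one constructed reading through collection, storage and deletion."""
    now = datetime(2024, 1, 1, tzinfo=timezone.utc)
    # Constructed sample: the wearable sends more than either purpose needs.
    raw = {"steps": 8421, "heart_rate": 71, "gps": (51.50, -0.12),
           "recorded_at": "2024-01-01T09:00:00Z"}
    user = "alice@example.com"
    store = [minimise_and_store(raw, user, "step_tracking", now),
             minimise_and_store(raw, user, "clinical_export", now)]
    step, clinical = store
    kept, deleted = sweep_expired(store, now + timedelta(days=31))
    return {
        "stored_fields": sorted(step.data),            # gps and heart_rate gone
        "raw_id_leaked": any(user in r.subject for r in store),
        "linkable_across_purposes": step.subject == clinical.subject,
        "stable_within_purpose": step.subject == pseudonymise(user, "step_tracking"),
        "deleted_after_31_days": deleted,
        "remaining_purposes": [r.purpose for r in kept],
    }


if __name__ == "__main__":
    for key, value in run_demo().items():
        print(f"{key}: {value}")
```

Two design points are worth noting. Minimisation happens at the point of collection, so the GPS fix and the heart rate never reach the step-tracking store at all; there is nothing to clean up later. And because each purpose has its own pseudonymisation key, destroying that key at the end of a purpose's life makes every pseudonym issued under it permanently unrecoverable, which complements the record-level deletion performed by the sweep.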

 

6. Visibility and transparency – keep it open.  

Visibility and transparency promote accountability, openness and compliance. They empower data subjects and other stakeholders to make informed decisions about how personal data is handled throughout its lifecycle.

Depending on the device used to collect data, transparency can be challenging. There are limits to the amount of information that can be provided on the screen of a smart watch or the face of a small medical device. This is where the Privacy by Design approach looks for alternative ways to provide maximum clarity around the processing of personal information. Common examples include providing the information in follow-up emails or on the packaging.

 

7. Keep it user-centric.  

This principle asks organisations to consider and prioritise users’ interests when developing their privacy programs. Practical mechanisms like consent requests, easy access to personal information, and control over the collection, use and storage of personal information should be clear and transparent. Importantly, data subjects should be empowered to manage their own data, instead of relying on regulators to enforce existing laws. This also lets organisations gather feedback, respond to consumer sentiment, and earn the trust that comes with doing so.

Additionally, when designing the product or solution, a clear picture of the end user should be maintained. Relevant considerations might include:  

  • the average end user’s reading or comprehension level,  
  • what languages might be appropriate,  
  • whether information (if disclosed) might lead to discrimination, bias or other harm, and 
  • the interests of minorities or disabled users. 

In designing your products and solutions, it is always good to keep a clear vision of your users and the potential harms that they may suffer, as well as the ways that you can ensure the most privacy-supportive outcomes for them. 

You can read the complete PbD paper by Ann Cavoukian, PhD here. 

 

Privacy by Design Training & Implementation

Privacy 108 provides specialist guidance and training for organisations looking to develop future-focused privacy programs.  

We deliver the Certified Information Privacy Technologist training course, which includes detailed consideration of privacy by design.  More information about our CIPT training is available here. 

Our team can also help with the following: 

  • Creating and implementing Privacy by Design processes for your organisation 
  • Conducting privacy impact assessments 
  • Reviewing and updating your Privacy by Design policy 
  • Creating Privacy Checklists and other supporting collateral for your Privacy by Design program.

Your tailored privacy program will empower your organisation to champion privacy through education, awareness, and accountability. It will be flexible and designed to keep up with the rapidly changing global privacy landscape and consumer sentiment. 

Reach out to find out more.