Privacy by Design and the EU DP Framework

In the last weeks I participated in various sessions at CPDP 2011 in Brussels and in a workshop on online privacy in Dagstuhl. One recurring subject was the issue of Privacy by Design in the context of the thinking on the revision of the European Data Protection Framework.

“Privacy by design” was first developed by Ann Cavoukian (see for example ) as a broad conceptual framework based on seven “foundational principles” of fair information practices (FIPPs) in information technologies, processes and systems. These principles are given in the above reference and can be summarised by the following key phrases:

  • Data Minimization
  • Individual Participation
  • Security
  • Accountability
  • Pro-activity and prevention
  • Embed in design of systems/products
  • Full functionality and application of FIPPs

Thinking about these discussions a bit further, I came to the conclusion that applying these principles can be done through three approaches:

  1. a priori specifying requirements for the software life cycle and system design methodology (the technology approach)
  2. ex-post evaluation based on the outcomes rather than the process (the consumer protection approach)
  3. mandating state-of-the-art technology use (the provider liability approach).

All three of these have problems.

The first one is too technology dependent and will likely create regulation that will quickly be bypassed by new technology. Although it can certainly be useful that design and development platforms include toolkits that help technologists to design and develop with privacy in mind, this will be sector and culture dependent.

The second requires the formulation or definition of what exactly has to be protected. There are nevertheless good examples of consumer protection in Europe. This can be based on consent in certain situations, but also on outlawing certain practices completely.

The third approach is being used in many engineering disciplines. If the product (house, bridge, or ICT system) is not built according to state-of-the-art technology and best practices as judged by experts in the discipline, then the builder is liable for the harm done if the product is dysfunctional. The concept of “harm done” is again something that cannot be universally defined, but should be judged in context.

It is clear that all three approaches will be needed in proper balance. However, only the last two seem to have a chance at the regulatory level. Nevertheless, if the focus is on consumer protection and liability of providers, then the system and service providers will be forced to develop a technology approach that is satisfactory.

I look forward to the discussions and the eventual outcome on this rather thorny but highly relevant problem.


About digitrusteu
Independent consultant in the area of Trust and ICT. Secretary General of Digital Enlightenment Forum VZW, Belgium. Formerly Head of Unit at the European Commission, ICT Programme, Trust and Security.
