Although privacy may not have been a major topic a few years ago, it is now one of the most important concepts in information security. Personal and professional information is spread all over the Internet thanks to the explosion of social media and mobile apps. The primary goal of privacy by design (PbD) is to make privacy an integral part of every networked technology and system, organizational policy, design process and operational plan, right from the design stage, for any organization.
With most security concepts now being adopted at the design stage, privacy cannot be far behind. The seven foundational principles of privacy by design build privacy into every protocol, policy and device, making privacy protection strong and robust.
A proactive approach, not a reactive one
The first principle of privacy by design states that privacy should be proactive, not reactive. A proactive approach anticipates privacy risks and addresses them before they materialize; its aim, for example, is to prevent data breaches rather than to respond to them after they occur.
The first principle of PbD therefore offers no remedial measures for the event that a privacy breach occurs; instead, it requires that privacy practices be well thought out and designed to minimize risk in advance. This means that:
The higher authorities are committed to the proactive privacy approach.
All parties and users agree to respect privacy.
Poor privacy designs are anticipated and rectified before they cause harm, as a matter of course under the proactive PbD approach.
Privacy as the default setting
Data is being called the new oil. It keeps the Internet and many multinational companies running, and much of it comes from ordinary users. Yet privacy and security settings are often at their weakest levels by default, and users must adjust them themselves.
The second principle of PbD is that privacy should be set to the maximum level possible by default. This ensures that the personal data of individuals is protected and that privacy settings remain at the highest level without any action on the user's part.
‘Privacy by default’ is in accordance with the Fair Information Practices (FIPs), which include:
The purpose of data collection and storage should be explained to the user.
Only collect data if it is absolutely necessary.
The collection of personally identifying information should be kept to a minimum.
Personal information should not be used for purposes other than those stated. It should be kept for the specified period of time only and then destroyed.
If the purpose of using personal information is unclear, the default privacy settings will be applied.
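The Fair Information Practices listed above can be enforced in code rather than left to policy documents. The following is an added example, not code from the original article or from any PbD reference implementation: a small store whose behaviour defaults to collecting nothing unless a purpose has been declared, keeps only the fields declared for that purpose (minimization), refuses use of data for a purpose other than the one it was collected for (purpose limitation), and destroys records once their retention period has passed. The purpose register, the `PrivacyDefaultStore` class, and the sample submissions are all constructed for this illustration.

```python
"""Added example: enforcing 'privacy by default' and the FIPs in a data store.

The purpose register, store class and sample submissions below are hypothetical,
constructed for this illustration; they are not part of any real product.
"""
import time

# Purpose register (constructed): each declared purpose names the only fields it
# may collect and how long records may be kept. Anything not listed is not collected.
PURPOSES = {
    "account_login": {"fields": {"email", "password_hash"}, "retention_days": 365},
    "newsletter":    {"fields": {"email"}, "retention_days": 180},
}

DAY = 86400.0  # seconds


class PrivacyDefaultStore:
    """Collects, uses and destroys personal data according to a purpose register."""

    def __init__(self, purposes=PURPOSES, now=time.time):
        self.purposes = purposes
        self.records = []   # each record: {"purpose", "data", "collected_at"}
        self._now = now     # injectable clock (epoch seconds) so retention is testable

    def is_declared(self, purpose):
        """True only if the purpose of collection has been stated up front."""
        return purpose in self.purposes

    def collect(self, purpose, submitted):
        """Keep only the fields declared for `purpose`; everything else is discarded.

        Returns (stored_fields, dropped_field_names). An undeclared purpose is the
        'unclear purpose' case: the default is to store nothing and refuse.
        """
        if not self.is_declared(purpose):
            raise ValueError(f"undeclared purpose {purpose!r}: nothing collected")
        allowed = self.purposes[purpose]["fields"]
        stored = {k: v for k, v in submitted.items() if k in allowed}
        dropped = set(submitted) - allowed
        self.records.append({"purpose": purpose, "data": stored, "collected_at": self._now()})
        return stored, dropped

    def can_use(self, record, purpose):
        """Purpose limitation: data may be used only for the purpose it was collected for."""
        return record["purpose"] == purpose

    def use(self, record, purpose):
        """Return the record's data for `purpose`, or refuse if that is a secondary use."""
        if not self.can_use(record, purpose):
            raise PermissionError(f"{record['purpose']!r} data may not be used for {purpose!r}")
        return record["data"]

    def purge_expired(self):
        """Destroy records older than their purpose's retention period; return count removed."""
        now = self._now()
        kept, removed = [], 0
        for rec in self.records:
            ttl = self.purposes[rec["purpose"]]["retention_days"] * DAY
            if now - rec["collected_at"] > ttl:
                removed += 1
            else:
                kept.append(rec)
        self.records = kept
        return removed


if __name__ == "__main__":
    store = PrivacyDefaultStore()
    # Constructed submission: the form sends more than the newsletter purpose needs.
    kept, dropped = store.collect("newsletter", {"email": "user@example.com", "phone": "555-0100"})
    print("stored:", kept, "dropped:", sorted(dropped))
```

The design point is that the safe behaviour requires no configuration by the user: an unknown purpose collects nothing, undeclared fields never reach storage, and retention is enforced by the store itself rather than by a clean-up job someone has to remember to run.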
Design must include privacy
The third principle of PbD is that privacy must be embedded into every technology, architecture and operation of a system. Privacy should not be left to the last minute; it should be considered in every phase of the system’s design, with the fair information practices as the recommended basis.
Privacy should also be built into the design phase of the system by following the relevant frameworks and standards in a holistic, creative and integrative manner, and external reviews and audits should be performed to confirm this has been done.
Privacy risk assessments should be carried out as well. These should document the privacy risks identified and the measures taken to mitigate each of them.
A positive-sum, not zero-sum, approach to privacy
The fourth principle of PbD is that privacy must be accommodated when designing a system rather than traded off against its other goals. This is known as the “positive-sum” approach, the exact opposite of a “zero-sum” approach in which privacy can only be gained at the expense of something else.
A positive-sum approach embraces all legitimate non-privacy goals alongside privacy.