Privacy by Design Principles – An Overview

Regulations on how organizations process and store user data have become critical in protecting citizens’ rights to online privacy. Within them, the foundational principles of Privacy by Design are a reference point for designing secure systems and business practices.

The importance of ‘privacy’ has immeasurable ramifications for users in today’s digital age. As tech innovation leads us into 2018, and as we wait in anticipation of self-driving cars, autonomous planes, or intelligent bots using AI and machine learning, the Internet has also awakened to the significance and criticality of safeguarding personal data, in other words protecting users’ privacy online. For instance, according to a report from the Identity Theft Resource Center, there were 1,202 breaches in the first 11 months of 2017 alone. That’s up by 10 percent from the 1,093 breaches recorded during the entirety of 2016. It is becoming more important for UX consultants and Product Designers to be aware of the ‘Privacy by Design’ (PbD) principles as an essential part of their UCD strategy, and raising that awareness is the aim of this article.

These alarming figures of online privacy breaches should drive our collective conscience to influence authorities to enforce stricter regulations: developing digital data protection standards, making the entire system and practice of data collection safer and more transparent, educating citizens on the practices of safe collection and storage of personally identifiable information, and giving user privacy its due importance, because the next data breach could just be an accident waiting to happen. To that end, the European Union (EU) has promulgated a law that protects the collection and export of personally identifiable data, thereby giving individuals complete control over data privacy. It is called the General Data Protection Regulation, or GDPR, and it will be enforced by countries across the EU beginning 25 May 2018. To understand it, we need to look closely at the foundational principles of PbD.

Before going any further into this topic, it’s imperative to understand the definition of Sensitive Personal Data.

Sensitive Personal Data is any private data which is identifiable with or relates to the individual, such as names, birthdays, addresses, racial or ethnic origin, political, religious or philosophical beliefs, physical or mental health data, sexual orientation or sexual lifestyle, details of criminal offences, and even genetic information.

The EU’s GDPR
The General Data Protection Regulation (GDPR) (Regulation (EU) 2016/679) is a regulation through which the European Parliament, the Council of the European Union and the European Commission intend to strengthen and unify data protection for all individuals within the European Union (EU). It also addresses the export of personal data outside the EU, with the overarching aim of handing control of personal data back to the citizens and residents of the EU, besides simplifying regulations for international business. The processing of any data collected is subject to legally binding clauses, and explicit consent from the individual is necessary before processing can proceed. Until now, any organization collecting personal data in the EU has been bound by the Data Protection Directive (DPD), in place since 1995. In short, if it is the personal data of an EU citizen in the EU, then it is protected by the DPD.

In the case of the GDPR, the regulations apply to ‘controllers’ and ‘processors’ which handle the personal data of European citizens. A ‘controller’ decides how and why personal data is processed, while a ‘processor’ conducts the actual processing of the data. In short, organizations could face very strict fines for non-compliance with the GDPR. One of the most critical provisions of the GDPR is that it defines ‘Privacy by Design’ along with ‘Privacy by Default’ in Article 25, which in essence requires that companies which handle and process data consider data privacy during the design phase of every project and throughout the lifecycle of the relevant data processing. A prime example is a webpage, IoT device or mobile app that communicates with its servers and leaks personally identifiable information without the knowledge of the individual.

Principles of Privacy by Design
Privacy by Design is not just about data protection but about designing systems so that data does not need protection. It is based on the root principle of enabling services without control of the data transferring from the citizen to the system, at which point the citizen becomes identifiable or recognizable. It is imperative to comprehend the relationship of ‘privacy’ with ‘design’ from the viewpoint of the citizens providing such data; the implementation also relies heavily on the application, the technologies, and the approaches chosen.

While at Microsoft, computer scientist Kim Cameron made the initial breakthrough in drafting the principles of ‘privacy by design’ with his 7 ‘Laws of Identity’. They were subsequently rephrased into a framework, “The 7 Foundational Principles”, by the former Information and Privacy Commissioner for the Canadian province of Ontario, Dr Ann Cavoukian:

1. Proactive not Reactive; Preventative not Remedial
PbD is meant to anticipate and prevent invasive events on the user’s privacy before they occur. It does not offer remedies for resolving privacy infractions once they have occurred; rather, its aim is to prevent them.

2. Privacy as the Default Setting
PbD seeks to deliver the maximum level of privacy by ensuring that personal data is automatically protected in any given system or business practice. It is built into the system by default, and no action is required by any individual to protect their privacy.

3. Privacy Embedded into Design
PbD is embedded into the design and architecture of IT systems and business practices, which makes it an essential component of the core functionality being delivered. Privacy is integral to systems and does not diminish the functionality of the process.

4. Full Functionality – Positive-Sum, not Zero-Sum
PbD seeks to accommodate all legitimate interests and objectives in a positive-sum manner, not through a dated, zero-sum approach where unnecessary trade-offs are made. Privacy by Design demonstrates that it is possible to have privacy and security together.

5. End-to-End Security – Full Lifecycle Protection
Prior to gathering the first bits of information, PbD is embedded into the system, and it later extends securely throughout the entire lifecycle of the data involved. Strong security measures from start to finish ensure that data is securely retained or destroyed at the end of the process, in a time-bound fashion.

6. Visibility and Transparency – Keep it Open
PbD seeks to assure every stakeholder that whatever the business practice or technology involved, it is, in fact, operating according to the stated promises and objectives, subject to independent verification. The components and operations remain visible and transparent to users and providers alike.

7. Respect for User Privacy – Keep it User-Centric
PbD keeps it ‘user-centric’ by requiring architects and operators to keep the interests of individuals at the forefront, offering measures such as strong privacy defaults, appropriate notice, and empowering, user-friendly options.

The principles of PbD extend to 3 encompassing applications: IT systems, accountable business practices, and physical design and network infrastructure, ensuring that sensitive personal data such as medical records and financial information is handled with strict vigour. In short, the objective of the PbD principles is to ensure privacy and enable personal control over one’s own information.
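To make the design principles concrete, here is an added example (written for this page, not code from the article, the GDPR text or Dr Cavoukian’s framework). It is a minimal data-handling layer that enforces three of the points above: privacy as the default setting (a new profile starts with every sharing option off and only an explicit, timestamped opt-in turns one on), the GDPR requirement of explicit consent before processing (processing for a purpose the subject never consented to is refused, not merely logged), and full-lifecycle protection (every consent carries a retention limit, and a purge pass strips expired consents and anonymises dormant profiles). The purposes, retention periods, profile fields and the demo data are all illustrative assumptions.

```python
# Added example, not code from the article. All purposes, retention periods
# and the demo profile below are constructed assumptions.
from dataclasses import dataclass, field
from datetime import datetime, timedelta, timezone
from typing import Optional

# Hypothetical retention schedule: how long data collected for a purpose may be
# kept after consent was granted (days).
RETENTION_DAYS = {"marketing": 30, "analytics": 90}
# Hypothetical account retention: a profile with no live consent is anonymised
# once it has been dormant for this long.
ACCOUNT_RETENTION_DAYS = 365


class ConsentRequired(Exception):
    """Raised when processing is attempted without a valid consent."""


@dataclass
class Profile:
    user_id: str
    email: Optional[str]
    last_active: datetime
    # Privacy by default: nothing is shared until the user opts in.
    share_email: bool = False
    share_activity: bool = False
    # purpose -> datetime at which explicit consent was given
    consents: dict = field(default_factory=dict)


def opt_in(profile: Profile, purpose: str, now: datetime) -> None:
    """Record an explicit opt-in; unknown purposes are rejected outright."""
    if purpose not in RETENTION_DAYS:
        raise ValueError(f"unknown purpose: {purpose}")
    profile.consents[purpose] = now


def consent_is_valid(profile: Profile, purpose: str, now: datetime) -> bool:
    """A consent is live only within its purpose's retention window."""
    granted = profile.consents.get(purpose)
    return granted is not None and now - granted <= timedelta(days=RETENTION_DAYS[purpose])


def process(profile: Profile, purpose: str, now: datetime) -> str:
    """Gate every processing step on a live consent for that exact purpose."""
    if not consent_is_valid(profile, purpose, now):
        raise ConsentRequired(f"{profile.user_id}: no valid consent for {purpose}")
    return f"processed {profile.user_id} for {purpose}"


def purge_expired(profiles: list, now: datetime) -> list:
    """Lifecycle enforcement pass. Returns the ids of profiles anonymised."""
    anonymised = []
    for p in profiles:
        # Drop consents whose retention window has lapsed.
        p.consents = {k: v for k, v in p.consents.items() if consent_is_valid(p, k, now)}
        dormant = now - p.last_active > timedelta(days=ACCOUNT_RETENTION_DAYS)
        if not p.consents and dormant:
            # Destroy the identifying field and reset sharing to the default.
            p.email = None
            p.share_email = p.share_activity = False
            anonymised.append(p.user_id)
    return anonymised


def demo() -> dict:
    """Walk one constructed profile through the lifecycle and return what happened."""
    now = datetime(2018, 5, 25, tzinfo=timezone.utc)  # constructed reference date
    p = Profile("u1", "user@example.invalid", last_active=now - timedelta(days=400))
    results = {"shares_by_default": p.share_email or p.share_activity}
    try:
        process(p, "marketing", now)
        results["processed_without_consent"] = True
    except ConsentRequired:
        results["processed_without_consent"] = False
    opt_in(p, "marketing", now - timedelta(days=10))
    results["processed_with_consent"] = process(p, "marketing", now)
    later = now + timedelta(days=25)  # the marketing consent is now 35 days old
    results["consent_still_valid_later"] = consent_is_valid(p, "marketing", later)
    results["anonymised"] = purge_expired([p], later)
    results["email_after_purge"] = p.email
    return results


if __name__ == "__main__":
    for key, value in demo().items():
        print(f"{key}: {value}")
```

The design choice worth noting is that the consent check sits in front of every processing call rather than in a separate audit: a missing or expired consent makes processing fail closed, and the purge pass runs on a schedule so that destruction at the end of the data's life is time-bound rather than left to a manual clean-up.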

Privacy Legislation in Canada
Canada has two federal privacy laws: the Privacy Act and the Personal Information Protection and Electronic Documents Act (PIPEDA). The former covers the personal information handling practices of federal government departments and agencies, while PIPEDA lays the groundwork for how private-sector organizations may collect, use or disclose personal information in the course of commercial activities across Canada. There are also provincial privacy laws such as Alberta’s ‘Personal Information Protection Act’, British Columbia’s ‘Personal Information Protection Act’, and Quebec’s ‘An Act Respecting the Protection of Personal Information in the Private Sector’. Apart from the federal laws, the provinces of Ontario, New Brunswick, and Newfoundland and Labrador have passed privacy legislation that specifically safeguards sensitive health information, and some provincial laws also protect employee information. The website of the Office of the Privacy Commissioner of Canada carries comprehensive information on all the respective privacy laws.

While researching the topic, I came across a certification program offered by the Privacy by Design Centre for Excellence at Ryerson University, which is based on the 7 Foundational Principles of PbD created by Dr Ann Cavoukian.

In Conclusion

To reiterate my earlier view: Privacy by Design is not about data protection but about designing so that data doesn’t need protection. In other words, it proactively seeks to embed privacy into the design specifications of IT systems, networked infrastructure, and business practices. The advent of digital transformation and the social networking ecosystem in the era of a globalised market economy has resulted in an increased flow of information sharing and storing of personal data, some of which is extremely sensitive in nature. Clients, and indeed users, have to be reassured of the security of any tool that undertakes the transaction, storage, and processing of personal data which might put an individual’s identity at risk. The principles of Privacy by Design ensure that the vulnerabilities and loopholes of such systems and business practices are proactively identified and duly settled to secure sensitive data, and that the ensuing privacy-enhancement policy can be certified against a global standard and documented for future reference by stakeholders. This would not only boost a brand’s trust and image in the market but also raise customer confidence in the product, giving it a considerable competitive advantage. An organization in the business of digital products and services would benefit immensely by adopting PbD as a methodology, fostering a culture of respect for users’ privacy while balancing innovation with design and technology.


References:

  • Privacy by Design – The 7 Foundational Principles (PDF)
  • General Data Protection Regulation (GDPR), Regulation (EU) 2016/679