Support for embedding privacy into systems from the outset – the essence of Privacy by Design (PbD) – is increasingly well-established, and PbD is now being applied by leading organizations developing cutting-edge applications.
Significant projects in nascent areas such as the Smart Grid, Biometric Facial Recognition, precise IP geolocation, and a variety of mobile applications are demonstrating innovative applications of the principles of Privacy by Design, paving a way forward for others.
There is no longer any question that tackling privacy issues upfront, and embedding privacy protections directly into new systems, processes, and architectures, is optimal from both a privacy and a business perspective. Indeed, most businesses are no longer asking “why should we do this?” but rather “how do we do it?” This is great news for PbD.
The reality, however, is that it is not always possible to embed privacy directly from the outset. Most organizations are operating in the context of existing, relatively mature IT systems and businesses practices, which they evolve over time as business or other needs dictate. Replacing such legacy systems, particularly if they generally continue to meet the organization’s primary business needs, is often not on the agenda. So how can organizations that want to improve their commitment to privacy proceed?
The 7 Foundational Principles of Privacy by Design represent the gold standard in the protection of personal information. As such, they are as relevant to established legacy systems as they are to nascent ones. Clearly, since legacy systems are already in existence, the principles cannot be embedded from the outset. They can, however, be applied to existing systems – information technologies, business practices, physical design, and infrastructure – through Privacy by ReDesign (PbRD) – an extension of PbD.
As business systems evolve, windows of opportunity open, making it possible to implement or improve privacy protection in existing aspects of the system, or to make choices about new system components that support responsible information management practices and render privacy the default condition. Just as PbD challenges organizations to think creatively about how all system objectives – including privacy – can be met from the outset, PbRD challenges them to identify and act on opportunities to improve privacy practices going forward based on where they are today.
This process is captured in the 3 R’s of Privacy by ReDesign: Rethink, Redesign, and Revive.
Rethinking invites organizations to look at their risk mitigation strategies, legacy systems, and processes – including information technologies, business practices, physical design, and infrastructure – and consider modified or alternative approaches that are more privacy protective. This may include revisiting assumptions about how much personal information is necessary for the system to operate effectively, and how long it needs to be kept in identifiable form.
Redesigning provides an opportunity to enable or implement improvements in how the system functions from a privacy perspective, while also ensuring that it continues to achieve key business requirements in a doubly-enabling, positive-sum, win/win relationship.
Reviving the system in a new, privacy-protective way is the goal!
Rethinking, Redesigning, and Reviving systems and their components may involve measures that range from the simple to the complex, and can include policy, operational, technology, or management changes. Changes such as revisiting database permissions, for example, or enabling access logging features, can make a profound difference in the extent to which personal information is accessed and used within an organization, improving both privacy and security. Similarly, a review of data retention policies can result in secure destruction of records that no longer serve a business purpose, reducing the burden of care.
Recently, my office and the Arizona State University’s Privacy by Design Research Lab announced plans to promote research in this area and drive the development of practical tools that support meaningful implementation of privacy in legacy systems, including those that leverage existing management processes by extending them to include privacy considerations. We invite industry leaders and experts to participate in the development of tools and resources such as Privacy Impact Assessments, Risk Management Frameworks, IT Security tools, maturity models, Project Management instruments, best practices, and success stories.
While full implementation of the principles of Privacy by Design, ideally at the outset, is the end state for which we strive, perfection must not stand in the way of progress.
I expect to see a lot of activity in this area over the coming months. Check www.privacybydesign.ca for regular updates.