A new paper, “Privacy Engineering: Proactively Embedding Privacy, by Design,” discusses building privacy into a system or technology from the outset rather than retrofitting it later. The paper is by Ann Cavoukian, Information and Privacy Commissioner, Ontario, Canada; Stuart Shapiro, MITRE Corporation; and R. Jason Cronk, Enterprivacy Consulting Group. Here’s the introduction:
Information management is a booming profession. The collection, use and disclosure of personally identifiable information (“PII”) by organizations of all types around the world have grown dramatically in the past decade, along with the value of PII and the need to manage it responsibly. The enduring confidence of individuals, businesses, and regulators in organizations’ data handling practices is a function of their ability to express core privacy commitments and requirements, which also promote efficiencies, innovation, and competitive advantages. Privacy is indeed good for business.
In response, we have seen the emergence, rapid rise, and professionalization of the corporate privacy officer tasked with applying Fair Information Practice Principles (FIPPs) and other international privacy standards such as the Privacy by Design Framework. Privacy by Design Foundational Principles serve as an overarching framework for inserting privacy and data protection early, effectively and credibly into information technologies, organizational processes, networked architectures and, indeed, entire systems of governance and oversight. PbD seeks to raise the bar for privacy by promoting enhanced accountability and user trust.
If Privacy by Design provides the “what” to do, then privacy engineering provides the “how” to do it. While the term privacy engineering has been around since at least 2001, only in the past few years has it come into common usage in the privacy professionals’ community. In the last two years, positions for privacy engineers have begun to be advertised, and in the fall of 2013, Carnegie Mellon introduced its new program, a one-year Masters of Computer Science – Privacy. As Lorrie Faith Cranor describes the role, “[a] privacy engineer is someone who understands the engineering and the privacy sides and works out strategies that allow people to protect privacy without getting in the way of building cool things.”
This paper is by no means exhaustive. A full treatment of privacy engineering would be voluminous. It begins with an introduction as to what privacy engineering entails, an acknowledgement that privacy is not strictly a technical concept (i.e., it requires multidisciplinary considerations), and a look into how a privacy engineer approaches risks and risk analysis. Next, the broad classes of mitigating controls are considered. Finally, we briefly examine trade-offs: not between privacy and functional requirements, but rather against other considerations (costs, performance, etc.), and between the privacy implications of differing systems implementations.