Privacy Technologies and Policy

Existing work on privacy by design mostly focuses on technologies rather than methodologies, and on components rather than architectures. In this paper, we advocate the idea that privacy by design should also be addressed at the architectural level and be associated with suitable methodologies. Among other benefits, architectural descriptions enable a more systematic exploration of the design space. In addition, because privacy is intrinsically a complex notion that can be in tension with other requirements, we believe that formal methods should play a key role in this area. After presenting our position, we provide some hints on how our approach can be put into practice, based on ongoing work on a privacy by design environment.
