Privacy and Data Protection by Design - from policy to engineering

Privacy and data protection are core values of individuals and of democratic societies. There have been decades of debate on how those values, and the legal obligations that follow from them, can be embedded into systems, preferably from the very beginning of the design process. One important element in this endeavour is the set of technical mechanisms known as privacy-enhancing technologies (PETs). Their effectiveness has been demonstrated by researchers and in pilot implementations. However, with a few exceptions such as encryption, which has become widely used, PETs have not become a standard component of system design. Furthermore, to unfold their full benefit for privacy and data protection, PETs need to be rooted in a data governance strategy so that they are actually applied in practice. This report contributes to bridging the gap between the legal framework and the available technical implementation measures by providing an inventory of existing approaches, privacy design strategies, and technical building blocks of various degrees of maturity from research and development. Starting from the privacy principles of the legislation, important elements are presented as a first step towards a design process for privacy-friendly systems and services. The report sketches a method to map legal obligations to design strategies, which allow the system designer to select appropriate techniques for implementing the identified privacy requirements. Furthermore, the report reflects on the limitations of the approach. It concludes with recommendations on how to overcome and mitigate these limits.
