PDF hosted at the Radboud Repository of the Radboud University Nijmegen

In this paper we define the notion of a privacy design strategy. These strategies help IT architects to support privacy by design early in the software development life cycle, during concept development and analysis. Using current data protection legislation as a point of departure, we derive the following eight privacy design strategies: minimise, hide, separate, aggregate, inform, control, enforce, and demonstrate. The strategies also provide a useful classification of privacy design patterns and the underlying privacy enhancing technologies. We therefore believe that these privacy design strategies are not only useful when designing privacy-friendly systems, but also helpful when evaluating the privacy impact of existing IT systems.
