A Critical Analysis of Privacy Design Strategies

The upcoming General Data Protection Regulation (GDPR) is quickly becoming of great concern to organizations that process the personal data of European citizens. It is, however, nontrivial to translate these legal requirements into privacy-friendly designs. One recently proposed approach to making 'privacy by design' more practical is privacy design strategies. This paper improves the strategy definitions and suggests an additional level of abstraction between strategies and privacy patterns: 'tactics'. We have identified a collection of such tactics based on an extensive literature review, in particular a catalogue of surveyed privacy patterns. We explore the relationships between the concepts we introduce and similar concepts used in software engineering. This paper helps bridge the gap between the data protection requirements set out in law and system development practice.