privacy by design
play

Privacy by Design Deirdre K. Mulligan Privacy by design, why now? - PowerPoint PPT Presentation

Dec 19, 2022 •132 likes •556 views

Privacy by Design Deirdre K. Mulligan Privacy by design, why now? Legal Drivers E- Government Act of 2002 and OMB Guidance for Implementing the Privacy Provisions of the E-Government Act of 2002 Resolution on Privacy by Design, Data Protection

  1. Privacy by Design Deirdre K. Mulligan

  2. Privacy by design, why now? Legal Drivers E- Government Act of 2002 and OMB Guidance for Implementing the Privacy Provisions of the E-Government Act of 2002 Resolution on Privacy by Design, Data Protection and Privacy Commissioners, October, 2010 Consumer Data Privacy: A Framework for Protecting Privacy and Promoting Innovation in the Global Digital Economy, White House, February 2012 Protecting Consumer Privacy in an Era of Rapid Change: Recommendations For Businesses and Policymakers, Federal Trade Commission March 2012 General Data Protection Regulation 2016 2

  3. Privacy by design, why now? Technical Drivers Sensors Big Data Machine Learning AI 3

  4. Privacy by design, why now?Socio-political Drivers Global data flows Data for Good: Education, criminal justice, health Terrorism Snowden Revelations 4

  5. Privacy by design: Early Examples Platform for Privacy Preferences, World Wide Web Consortium 1995-2002 (machine readable notices) Tor, Syverson, Dingledine, Mathewson 2002 Geopriv Requirements, IETF, February 2004 5

  6. More recent efforts to move privacy into practice Engineering: ENISA Privacy and Data Protection by Design-from Policy to Engineering (2015); NIST Privacy Engineering Objectives and Risk Model draft (2014); Microsoft Privacy Guidelines for Developing Software Products and Services (2007) Technical Standards: IETF Privacy Considerations for Internet Protocols (RFC 6973) 2013; W3C ongoing since mid-90s; Oasis Privacy Management Reference Model, Privacy by Design Documentation for Software Engineers Conceptual: Academic work: Solove, Nissenbaum, Mulligan; Draft NIST Interagency Report (NISTIR) 8062, Privacy Risk Management for Information Systems (May 2015). Compliance: Global Network Initiative Principles; Privacy by Design Certification Program: Assessment Control Framework, Deloitte & Ryerson University Education and Certification: CMU Master of Science in Information Technology— Privacy Engineering; IAPP CIP Technologist and CIP Manager 6

  7. Privacy by design: CCC Project Workshop Series proposed in 2014 by diverse team of academic researchers: • Deirdre Mulligan (Chair), UC Berkeley • Annie Anton, Georgia Tech • Ken Bamberger, UC Berkeley • Travis Breaux, Carnegie Mellon • Nathan Good, Good Research • Peter Swire, Georgia Tech • Ira Rubinstein, New York University • Helen Nissenbaum, New York University Additional Members of Organizing Committee: • Fred Schneider, Cornell University • Susan Landau, WPI • Susan Graham, UC Berkeley / CCC 7

  8. Privacy by design: CCC Project State of Research and Practice February, 2015 UC, Berkeley Privacy Enabling Design May, 2015 Georgia Tech Engineering Privacy August, 2015 Carnegie Mellon University Regulation as Catalyst January, 2016 Georgetown University http://cra.org/ccc/visioning/visioning-activities/privacy-by-design 8

  9. Privacy by Design: What is it? Unclear Objective: What does it mean to design for privacy? • Privacy…. • By…. • Design… 9

  10. Privacy by Design: What is it? Unclear Objective: What does it mean to design for privacy? • development method involving the adoption of certain processes—such as human or value-centered design, or PbD (Cavoukian)? • adoption of decisional tools—such as privacy impact assessments? • the use of privacy protective mechanisms—such as TOR and other privacy enhancing technologies? • the achievement of specific privacy objectives—such as reduced collection of personal information? 10

  11. Privacy by design: CCC Project Preview The goal of privacy by design: building systems that inherently protect the privacy of users. This requires that machines, policies and processes advance the relevant concept of privacy for the specific use case. 11

  12. Privacy by design: CCC Project Privacy by design requires organizations to: • Identify the privacy concepts, and risks, relevant to a system; • Design the system to respect those concepts, and to mitigate threats to them; • Assign responsibility for meeting privacy related objectives to system components; and, • Evaluate the efficacy of different system configurations for meeting privacy objectives. 12

  13. Privacy by design: CCC Project Privacy by design requires regulatory approaches that support internal and external environments that motivate and support it. Addressing the privacy by design challenge requires attention to how economics, organizational arrangement, legal, and regulatory environment can support and hinder its adoption. 13

  14. Privacy by design: Disconnects Missing Bridges Concepts Methods Measurements Experts from multiple disciplines Incentives 14

  15. State of Research and Practice 49 Participants: 23 academia; 11 industry; 6 civil society; 9 government (US St/fed) Background Knowledge • Privacy is an “essentially contested” concept • Privacy laws reflect different conceptualizations of privacy • CS research and solutions solving different privacy problems and offering new definitions • Standards setting bodies are doing privacy work • Interdisciplinary work is essential 15

  16. State of Research and Practice : Key Insights 4 • Need for precise definitions of different privacy properties and tools to match definitions to context • Composability challenges • Measurement: metrics for privacy and privacy by design, risks, harms • Uncertainty about optimal organizational arrangements • Interdisciplinary work needs languages, tools, to aid collaboration • Incentives often missing 16

  17. Reports from the Field: Government • Using mathematical tools to protect privacy • Using contextual non-legal limitations to design • Implementing technical standards for the protection of information • Setting controls on use of data through internal standards • Wrestling with open data and privacy commitments • Wrestling with potential for “data for good” research to go bad 17

  18. Reports from the Field: Industry • Implementing cross-functional privacy teams • Engaging in multiple types of research to better understand privacy • Developing educational tools for end users • Agile development process is a double-edge sword • Creating privacy resources within organizations • Developing access and use-based controls for data to protect privacy 18

  19. Conceptual Challenges Regulators: privacy as control or self-determination Technical community: privacy as anonymity (Tor); privacy as control (P3P); privacy as obfuscation (Geopriv) Public: ambiguous concept (all the above + limited access, expectations, security etc.)

  20. Concepts: Law & Philosophy • Right to be let alone • Limited Access to the Self • Secrecy • Control over Personal Information • Zone of Autonomous Decision Making • Intimacy • Personhood • Anti-totalitarianism • Contextual Integrity

  21. Concepts: Computer Science Research • Anonymity • Confidentiality • Requirements derived from privacy laws • Controls • Boundary regulation • Differential privacy …and Information Science etc…..

  22. Privacy: Essentially contested concept concepts the proper use of which inevitably involves endless disputes about their proper uses on the part of their users and these disputes "cannot be settled by appeal to empirical evidence linguistic usage, or the canons of logic alone” (Gallie 1956) 22

  23. Ex. Facebook Emotional Contagion Study

  24. Privacy Concepts: Solution Spaces Decisional Interference --altering presentation to mess with mental state Misrepresentation/Distortion --misrepresenting people to their friends Information loss --extracting information users hadn’t disclosed Violation of expectations --informed consent for research Protecting “information state” of brain --limited access to the self; personhood

  25. Is that the right privacy? What do individuals mean when they talk about privacy ? • What do they want it to protect? • From whom are they seeking protection? • What harms do they want it to prevent? • What actions/designs lead people to feel violated? And... How do the answers to these questions relate to • theory? • regulatory definitions and aims? How can they be translated into design and practice? Solutions must be aimed at the right privacy. Joint w/ Colin Koopman, Univ. Oregon, Philosophy Dept.

  26. Privacy-enabling design 49 Participants: 27 academic;18 industry (several design firms); 4 government (18F) Privacy WITHOUT Design 26

  27. Privacy WITH Design? Where are the designers? What are they doing? Why haven’t they been part of the public conversation? What could their role be in the future? How do we make it happen?

  28. Privacy-enabling design: Background Knowledge • Designers largely absent from conversation • Regulators focused on design • Privacy varies by context • Organizations focused on trust, privacy as component 28

  29. Privacy-enabling design: Key Insights • Lack of adequate heuristics • Privacy varies within context because it is relational • Technical design and business models that conflict with users’ mental models create privacy challenges • Users trust themselves to protect their privacy • Economic incentives are missing 29

Download Presentation
Download Policy: The content available on the website is offered to you 'AS IS' for your personal information and use only. It cannot be commercialized, licensed, or distributed on other websites without prior consent from the author. To download a presentation, simply click this link. If you encounter any difficulties during the download process, it's possible that the publisher has removed the file from their server.

Recommend

Engineering privacy by design Privacy by Design Let's have it! Information and Privacy

Engineering privacy by design Privacy by Design Let's have it! Information and Privacy

Engineering privacy by design Privacy by Design Let's have it! Information and Privacy Commissioner of Ontario https://www.ipc.on.ca/images/resources/7foundationalprinciples.pdf Privacy by Design Let's have it! Article 25 European

1.32k views • 118 slides
Privacy engineering, CyLab privacy by design, privacy impact assessments, and privacy governance

Privacy engineering, CyLab privacy by design, privacy impact assessments, and privacy governance

Privacy engineering, CyLab privacy by design, privacy impact assessments, and privacy governance Engineering & Public Policy Lorrie Faith Cranor October 29, 2013 y & c S a e v c i u r P r i t e y l b L a a s

245 views • 20 slides
Privacy engineering, CyLab privacy by design, privacy impact assessments, and privacy governance

Privacy engineering, CyLab privacy by design, privacy impact assessments, and privacy governance

Privacy engineering, CyLab privacy by design, privacy impact assessments, and privacy governance Engineering & Public Policy Lorrie Faith Cranor November 11, 2014 y & c S a e v c i u r P r i t e y l b L a a s

555 views • 21 slides
Privacy and Security by Design: Regulatory Compliance Will Not be Enough to Preserve our Privacy

Privacy and Security by Design: Regulatory Compliance Will Not be Enough to Preserve our Privacy

Privacy and Security by Design: Regulatory Compliance Will Not be Enough to Preserve our Privacy Ann Cavoukian, Ph.D. Distinguished Expert-in-Residence Privacy by Design Centre of Excellence Ryerson University Ryerson CSR Institute / PPOCIR

3.12k views • 64 slides
Privacy by Design Principles of Privacy-Aware Ubiquitous Systems Marc Langheinrich Privacy by

Privacy by Design Principles of Privacy-Aware Ubiquitous Systems Marc Langheinrich Privacy by

Privacy by Design Principles of Privacy-Aware Ubiquitous Systems Marc Langheinrich Privacy by Design ETH Zurich, Switzerland www.inf.ethz.ch/~langhein Ubicomp 2001, Atlanta Contents Ubicomp 2001, Atlanta ! Privacy primer Does privacy

680 views • 22 slides
Privacy engineering, privacy by design, and privacy governance Engineering & Public Policy

Privacy engineering, privacy by design, and privacy governance Engineering & Public Policy

CyLab Privacy engineering, privacy by design, and privacy governance Engineering & Public Policy Lorrie Faith Cranor November 17, 2015 y & c S a e v c i u r P r i t e y l b L a a s b U o 8-533 / 8-733 /

539 views • 22 slides
Privacy by Design A technical perspective Carmela Troncoso Gradiant The usual privacy

Privacy by Design A technical perspective Carmela Troncoso Gradiant The usual privacy

PR eparing I ndustry to P rivacy-by-design by supporting its A pplication in RE search Privacy by Design A technical perspective Carmela Troncoso Gradiant The usual privacy scenario Protect personal data from third parties Data

359 views • 9 slides
From Privacy Protection to Interface Design: Implementing Information Privacy in Human-Computer

From Privacy Protection to Interface Design: Implementing Information Privacy in Human-Computer

From Privacy Protection to Interface Design: Implementing Information Privacy in Human-Computer Interactions Andrew S. Patrick Steve Kenny Independent Consultant National Research Council of Canada stephen_mh_kenny@yahoo.com

407 views • 22 slides
Engineering Privacy By Design Seda Grses COSIC, ESAT K.U. Leuven Belgium 1 Outline -

Engineering Privacy By Design Seda Grses COSIC, ESAT K.U. Leuven Belgium 1 Outline -

Engineering Privacy By Design Seda Grses COSIC, ESAT K.U. Leuven Belgium 1 Outline - Introduction and Approach - Privacy Requirements Definition Problem - Privacy Requirements Analysis Problem - Policy and Compliance - Privacy By Design -

1.48k views • 63 slides
The Vital Need for Privacy and Security by Design Ann Cavoukian, Ph.D. Executive Director

The Vital Need for Privacy and Security by Design Ann Cavoukian, Ph.D. Executive Director

The Vital Need for Privacy and Security by Design Ann Cavoukian, Ph.D. Executive Director Global Privacy & Security by Design Centre Technion Summer School on Cyber Security Haifa, Israel September 9, 2020 Lets Dispel The Myths

929 views • 55 slides
Privacy Engineering Objectives and Risk Model Objective-Based Design for Improving Privacy in

Privacy Engineering Objectives and Risk Model Objective-Based Design for Improving Privacy in

Privacy Engineering Objectives and Risk Model Objective-Based Design for Improving Privacy in Information Systems 1 NIST research has a broad impact shutterstock.com shutterstocom G. Hooijer/ D. Stork/ Facilitates trade and fair Improves

405 views • 18 slides
Privacy Enhancing T echnologies Carmela Troncoso, Gradiant PRIPARE Workshop on Privacy by Design

Privacy Enhancing T echnologies Carmela Troncoso, Gradiant PRIPARE Workshop on Privacy by Design

T rialog, Atos, T rilateral, Inria , AUP, Gradiant, UPM, UUlm, Fraunhofer SIT, WIT , KU Leuve Privacy Enhancing T echnologies Carmela Troncoso, Gradiant PRIPARE Workshop on Privacy by Design Ulm 9 th -10 th March 2015 11/03/2015 Privacy

668 views • 48 slides
Lightning Introductions PRIVACY ENABLING DESIGN May 7-8, 2015 Brian Anderson / IBM Where does

Lightning Introductions PRIVACY ENABLING DESIGN May 7-8, 2015 Brian Anderson / IBM Where does

Lightning Introductions PRIVACY ENABLING DESIGN May 7-8, 2015 Brian Anderson / IBM Where does privacy end and security begin? What are the responsibilities of an organization to protect their assets while balancing the privacy of those who

980 views • 52 slides
Do Not Beg: Moving Beyond Do Not Track with Privacy By Design Mike Perry W3C DNT Nov 28, 2012

Do Not Beg: Moving Beyond Do Not Track with Privacy By Design Mike Perry W3C DNT Nov 28, 2012

Do Not Beg: Moving Beyond Do Not Track with Privacy By Design Mike Perry W3C DNT Nov 28, 2012 Do Not Track as Privacy By Design The meat of the initial IETF DNT Draft: A server acting in a third-party capacity MUST NOT track a user or

293 views • 10 slides
Discussion of Privacy as a Tool for Robust Mechanism Design

Discussion of Privacy as a Tool for Robust Mechanism Design

Discussion of Privacy as a Tool for Robust Mechanism Design in Large Markets Leeat Yariv General Theme Interpret differenAal privacy as a

275 views • 25 slides
Privacy and data protection by design cross-over of multiple disciplines Marit Hansen

Privacy and data protection by design cross-over of multiple disciplines Marit Hansen

Privacy and data protection by design cross-over of multiple disciplines Marit Hansen Privacy and Information Commissioner Schleswig-Holstein, Germany marit.hansen@datenschutzzentrum.de Annual Privacy Forum 2015 Luxembourg, 7 October,

551 views • 29 slides
The FDIC ! ! An independent federal agency ! ! Major responsibilities: " ! Insuring deposits

The FDIC ! ! An independent federal agency ! ! Major responsibilities: " ! Insuring deposits

!"#$"%&' Money Smart Teacher Training Module, Part 1 The FDIC ! ! An independent federal agency ! ! Major responsibilities: " ! Insuring deposits " ! Bank supervision " ! Failed bank resolution ! ! Economic Inclusion

750 views • 33 slides
Solar Consumer Protection Workshop May 17, 2018 www.cesa.org Sustainable Solar Education

Solar Consumer Protection Workshop May 17, 2018 www.cesa.org Sustainable Solar Education

Solar Consumer Protection Workshop May 17, 2018 www.cesa.org Sustainable Solar Education Project A project to provide information to state and municipal officials on strategies to ensure distributed solar Remains consumer friendly

452 views • 14 slides
Secondary Education: Measuring Secondary Uses of 2FA Phone Numbers Min Hee Kim , Christina Yeung,

Secondary Education: Measuring Secondary Uses of 2FA Phone Numbers Min Hee Kim , Christina Yeung,

Secondary Education: Measuring Secondary Uses of 2FA Phone Numbers Min Hee Kim , Christina Yeung, Daniel Salsburg, Joseph A. Calandrino Office of Technology Research and Investigation Federal Trade Commission The views expressed are not

342 views • 10 slides
The FTCs Study of Patent Assertion Entities Patents in Telecoms November 6, 2015 Daniel

The FTCs Study of Patent Assertion Entities Patents in Telecoms November 6, 2015 Daniel

06/11/15 The FTCs Study of Patent Assertion Entities Patents in Telecoms November 6, 2015 Daniel Hosken Bureau of Economics U.S. Federal Trade Commission The views expressed in this presentation are those of the presenter and are

465 views • 3 slides
AWS Identity and Access Management (IAM) made easy with Terraform Kala Maturi, Technology

AWS Identity and Access Management (IAM) made easy with Terraform Kala Maturi, Technology

AWS Identity and Access Management (IAM) made easy with Terraform Kala Maturi, Technology Services Yoon Lee, Technology Services Topics AWS Authentication AWS Authorization About Roles & Policies Best practices Terraform

1.92k views • 33 slides
Trust Federation enabling an interoperable David Groep EUGridPMA global trust fabric also

Trust Federation enabling an interoperable David Groep EUGridPMA global trust fabric also

The International Grid Trust Federation enabling an interoperable David Groep EUGridPMA global trust fabric also supported by EGI.eu EGI-InSPIRE RI-261323, and BiG Grid, the Dutch eScience Grid The Need for a Global Trust Fabric More than

676 views • 21 slides
XRootD Monitoring Report A.Beche D.Giordano Outlines Talk 1: XRootD Monitoring Dashboard

XRootD Monitoring Report A.Beche D.Giordano Outlines Talk 1: XRootD Monitoring Dashboard

XRootD Monitoring Report A.Beche D.Giordano Outlines Talk 1: XRootD Monitoring Dashboard Context Dataflow and deployment model Database: storage & aggregation User interface & use cases Open issues & future

539 views • 37 slides
INCF Cyberinfrastructure - storage layer - Raphael Ritz INCF Secretariat, Stockholm, Sweden

INCF Cyberinfrastructure - storage layer - Raphael Ritz INCF Secretariat, Stockholm, Sweden

INCF Cyberinfrastructure - storage layer - Raphael Ritz INCF Secretariat, Stockholm, Sweden Code Jam V, Edinburgh, UK, March 16, 2012 Joint work with Sean Hill (INCF, Stockholm) Ruggero Cucchiani (INCF, Stockholm) Stephen Larson

719 views • 16 slides

More recommend