[Log In] []

Exploring the science and magic of Identity and Access Management
Friday, February 23, 2024

Privacy by Design – Principles or Requirements?

Information Security, Privacy
Author: Mark Dixon
Friday, March 29, 2013
7:58 pm


After reading the white paper, “Privacy and Security by Design, A Convergence of Paradigms,” this week, I pinged a couple of associates on Twitter to see what they thought about Privacy by Design.  Steve Wilson replied to the effect that “We need more than principles.  We need implementable requirements.”

When I met with  Ann Cavoukian yesterday, I asked her about that viewpoint.  She agreed that we need to step beyond principles to requirements to implementation.  She gave me a copy of a paper published last December by the PdB team, entitled, “ Operationalizing Privacy by Design: A Guide to Implementing Strong Privacy Practices.”  This paper doesn’t provide all the answers, but begins to explore how privacy is being implemented in 9 application area:

  1. CCTV/Surveillance Cameras in Mass Transit Systems
  2. Biometrics Used in Casinos and Gaming Facilities
  3. Smart Meters and the Smart Grid
  4. Mobile Devices & Communications
  5. Near Field Communications (NFC)
  6. RFIDs and Sensor Technologies
  7. Redesigning IP Geolocation Data
  8. Remote Home Health Care
  9. Big Data and Data Analytics

Interestingly enough, when Marc Chanliau shared with me a his unpublished report from which came the security content for the “Privacy and Security by Design” paper, it was gratifying to see the title he had selected for that larger report: “Requirements for Enterprise Security.”

There is much to do, but progress is being made.

Comments Off on Privacy by Design – Principles or Requirements? . Permalink . Trackback URL
WordPress Tags: ,

Comments are closed.

Copyright © 2005-2016, Mark G. Dixon. All Rights Reserved.
Powered by WordPress.