Top 10 Mistakes in System Design from a Privacy Perspective and Privacy Protection Goals

  • Marit Hansen
  • Published in PrimeLife 5 September 2011
  • Computer Science
Privacy requirements are often not well considered in system design. The objective of this paper is to help interested system designers in three ways: First, it is discussed how “privacy” should be understood when designing systems that take into account the protection of individuals’ rights and their private spheres. Here specifically the concept of linkage control as an essence of privacy is introduced. Second, the paper presents a list of ten issues in system design collected during the… 
Understanding the Privacy Goal Intervenability
This paper refines the privacy goal intervenability into a software requirements taxonomy and relates it to a taxonomy of transparency requirements, because transparency can be regarded as a prerequisite for intervenability.
A Systematic Mapping Study on Privacy by Design in Software Engineering
The findings suggest that PbD in software engineering is still an immature field and that there is a need for privacy-aware approaches for software engineering and their validation in industrial settings.
Reusable Elements for the Systematic Design of Privacy-Friendly Information Systems: A Mapping Study
The most advanced research areas in privacy engineering are described and some of the gaps found are discussed, suggesting areas where researchers and funding institutions can focus their efforts.
Towards a Principled Approach for Engineering Privacy by Design
This work analyzes three privacy requirements engineering methods and derives a set of criteria that aid in identifying data-processing activities that may lead to privacy violations and harms and also aid in specifying appropriate design decisions.
Privacy and Data Protection by Design - from policy to engineering
The report sketches a method to map legal obligations to design strategies, which allow the system designer to select appropriate techniques for implementing the identified privacy requirements, and concludes with recommendations on how to overcome and mitigate these limits.
A Taxonomy of Requirements for the Privacy Goal Transparency
This work provides a taxonomy of transparency requirements derived from legislation and standards that can be used by requirements engineers as basis to systematically identify the relevant transparency requirements leading to a more complete and coherent set of requirements.
Extending ISO/IEC 29110 Basic Profile with Privacy-by-Design Approach: A Case Study in the Health Care Sector
An integration of PbD goals into the ISO/IEC 29110 Basic profile for small software development organizations was presented and the most frequently encountered privacy goals as well as privacy addressing practices from previous methodological proposals were taken into account.
Computer-Aided Identification and Validation of Intervenability Requirements
A tool-supported method to identify intervenability requirements from the functional requirements of a software system, together with a combined taxonomy of intervenability and transparency requirements, gives a detailed view on the privacy goal of intervenability and its relation to transparency.
Operationalizing Privacy by Design: An Indian illustration
Privacy Engineering is proposed as a concrete methodology to operationalize the otherwise vague Privacy by Design and is illustrated through its application to the Account Aggregator Framework and the Aarogya Setu Application.
Privacy by Design in Software Engineering: a Systematic Mapping Study
A Systematic Mapping Study was carried out to identify primary papers that describe the way PbD is considered in software engineering, which principles or goals it pursues, and what PbD practices or techniques are used in software development efforts; it identified a deficiency of sound PbD-related research in the area of software development.


Towards Future-Proof Privacy-Respecting Identity Management Systems
It is not an easy task that may be solved by each identity management system on its own, but policy makers will have to provide support in building common infrastructures or integrating national eID solutions.
Privacy 3.0 := Data Minimization + User Control + Contextual Integrity
It is argued that Privacy 3.0 should be a combination of (1) data minimization, (2) user control of personal information disclosure, and (3) contextual integrity.
Privacy policy and PETs
A more expansive understanding of identification and privacy should inform policy discourse and have implications for the constitution of identity and social life.
PrimeLife Heartbeat H1.3.5: Requirements and concepts for identity management throughout life
This report derives requirements and concepts for identity management throughout life, taking into account lifelong aspects of privacy and identity management which demand a new consideration of
Collaboration and the knowledge economy : issues, applications, case studies
Collaboration is critical to building the Knowledge Economy, and considerable work is being carried out not just in industry, but also in government and academic research circles to address the often
A terminology for talking about privacy by data minimization: Anonymity, Unlinkability, Undetectability, Unobservability, Pseudonymity, and Identity Management
Anonymity, unlinkability, linkability, undetectability, unobservability, pseudonymity, identifiability, identity, partial identity, digital identity and identity management are defined.
Privacy By Design und die Neuen Schutzziele
  • M. Rost, Kirsten Bock
  • Political Science, Computer Science
    Datenschutz und Datensicherheit - DuD
  • 2011
“Privacy by Design” brings together seven principles that promise modern, proactive data protection with a worldwide perspective; on the other hand, a merger of the approaches into one comprehensive overall concept is argued for.
Useful Void: The Art of Forgetting in the Age of Ubiquitous Computing
This article proposes a simple rule that reinstates the default of forgetting the authors' societies have experienced for millennia, and shows how a combination of law and technology can achieve this shift.
Robust De-anonymization of Large Sparse Datasets
This work applies the de-anonymization methodology to the Netflix Prize dataset, which contains anonymous movie ratings of 500,000 subscribers of Netflix, the world's largest online movie rental service, and demonstrates that an adversary who knows only a little bit about an individual subscriber can easily identify this subscriber's record in the dataset.
Contributions to Standardisation
Standardisation has many goals and facets: Standards lead to lower cost because of a unified higher volume market, and support interoperability that is vitally needed in ICT.