Towards a Principled Approach for Engineering Privacy by Design

  title={Towards a Principled Approach for Engineering Privacy by Design},
  author={Majed Alshammari and Andrew C. Simpson},
  booktitle={Annual Privacy Forum},
Privacy by Design has emerged as a proactive approach for embedding privacy into the early stages of the design of information and communication technologies, but it is no ‘silver bullet’. Challenges involved in engineering Privacy by Design include a lack of holistic and systematic methodologies that address the complexity and variability of privacy issues and support the translation of its principles into engineering activities. A consequence is that its principles are given at a high level… 

Privacy Architectural Strategies: An Approach for Achieving Various Levels of Privacy Protection

This work presents an engineering approach to Privacy by Design that uses the concept of architectural strategies to support the adoption of PETs in the early stages of the design process to achieve various levels of privacy protection.

Rethinking the Proposition of Privacy Engineering

The assumptions that underpin privacy engineering are examined, linking them to shortcomings and open questions, and possible research avenues that may give rise to alternative frameworks are explored.

A Systematic Mapping Study on Privacy by Design in Software Engineering

The findings suggest that PbD in software engineering is still an immature field and that there is a need for privacy-aware approaches for software engineering and their validation in industrial settings.

Privacy Engineering Methodologies: A survey

  • Y. Al-Slais
  • Computer Science
    2020 International Conference on Innovation and Intelligence for Informatics, Computing and Technologies (3ICT)
  • 2020
A survey of academic publications discussing the current privacy engineering methodologies finds a significant increase in publications after the official implementation of GDPR and proposes a taxonomy based on the theoretical backgrounds and origin of methodology (security-based or privacy-friendly).

Extending ISO/IEC 29110 Basic Profile with Privacy-by-Design Approach: A Case Study in the Health Care Sector

An integration of PbD goals into the ISO/IEC 29110 Basic Profile for small software development organizations is presented, taking into account the most frequently encountered privacy goals as well as privacy-addressing practices from previous methodological proposals.

A Privacy-Aware V-Model for Software Development

This paper proposes the new W-model as a privacy-aware extension of the V-model frequently used in software engineering, and introduces a cost function that assists privacy engineers in selecting the most suitable countermeasure.

SPARTA: Security & Privacy Architecture Through Risk-Driven Threat Assessment

The presented SPARTA prototype facilitates the consideration of security and privacy by providing support for capturing and continuously assessing the impact of security and privacy design decisions on the elicited threats. The progress towards securing the system can thus be assessed and alternatives compared, taking into account past and present design decisions.

Poster: Knowledge-Enriched Security and Privacy Threat Modeling

This work facilitates the simultaneous consideration of these dimensions by integrating support for threat modeling, risk analysis, and design decisions, thereby prioritizing threats based on their estimated risk and providing decision support in the mitigation, acceptance, or transferral of risk for the system under design.

Privacy framework for context-aware robot development

A privacy framework is provided as a feasible basis for considering security and privacy issues, and the privacy methodologies employed are showcased in a use case of a robot as an interaction partner, contrasting two different scenarios to emphasise the importance of context awareness.

Knowledge-enriched security and privacy threat modeling

This work facilitates the simultaneous consideration of these dimensions by integrating support for threat modeling, risk analysis, and design decisions, thereby prioritizing threats based on their estimated risk and providing decision support in the mitigation, acceptance, or transferral of risk for the system under design.



Engineering Privacy by Design

This paper argues that engineering systems according to the privacy by design principles requires the development of generalizable methodologies that build upon the principle of data minimization, and presents a summary of two case studies in which privacy is achieved by minimizing different types of data.

Engineering Privacy

The paper uses a three-layer model of user privacy concerns to relate them to system operations and examine their effects on user behavior, and develops guidelines for building privacy-friendly systems.

PRIPARE: Integrating Privacy Best Practices into a Privacy Engineering Methodology

This paper reviews existing best practices in the analysis and design stages of the system development lifecycle, introduces a systematic methodology for privacy engineering that merges and integrates them, leveraging their best features whilst addressing their weak points, and describes its alignment with current standardization efforts.

Privacy Design Strategies

These strategies help IT architects to support privacy by design early in the software development life cycle, during concept development and analysis, and provide a useful classification of privacy design patterns and the underlying privacy enhancing technologies.

Top 10 Mistakes in System Design from a Privacy Perspective and Privacy Protection Goals

The concept of linkage control as an essence of privacy is introduced and three complementing privacy protection goals – unlinkability, transparency and intervenability – are proposed.

A privacy threat analysis framework: supporting the elicitation and fulfillment of privacy requirements

This paper presents a comprehensive framework to model privacy threats in software-based systems and provides an extensive catalog of privacy-specific threat tree patterns that can be used to detail the threat analysis outlined above.

A Critical Analysis of Privacy Design Strategies

This paper helps bridge the gap between data protection requirements set out in law, and system development practice, and suggests an additional level of abstraction between strategies and privacy patterns: 'tactics'.

The Privacy Engineers Manifesto: Getting from Policy to Code to QA to Value

The team of experts offers thoughts about the information revolution that has only just begun, and how the authors can live in a world of sensors and trillions of data points without losing their ethics or value(s)... and even have a little fun.

Privacy by Design and the New Protection Goals

The “New Protection Goals” claim no less than to turn data protection into a modern, proactive and operational tool by introducing six elementary protection goals which are related to each other and which are meant to be applicable universally.

Using Privacy Process Patterns for Incorporating Privacy Requirements into the System Design Process

Privacy process patterns facilitate the identification of the system architecture that best supports the privacy-related business processes, thus providing a holistic approach from business goals to 'privacy-compliant' IT systems.