Abstract
In this paper we define the notion of a privacy design strategy. These strategies help IT architects to support privacy by design early in the software development life cycle, during concept development and analysis. Using current data protection legislation as a point of departure, we derive the following eight privacy design strategies: minimise, hide, separate, aggregate, inform, control, enforce, and demonstrate. The strategies also provide a useful classification of privacy design patterns and the underlying privacy enhancing technologies. We therefore believe that these privacy design strategies are not only useful when designing privacy friendly systems, but also helpful when evaluating the privacy impact of existing IT systems.
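As an added illustration (not code from the paper or its author), the following Python script applies the four strategies from the abstract that act directly on stored data, minimise, hide, separate and aggregate, to a constructed set of sign-up records. The record fields, the purpose definition, the keyed pseudonymisation, the split into two stores and the minimum group size k are all assumptions chosen for the example.

```python
"""Added example: minimise, hide, separate and aggregate applied to
constructed user records. Nothing here is from Hoepman's paper; the
fields, key and thresholds are assumptions for illustration."""
import hashlib
import hmac
from collections import Counter

# Constructed sample records: what a naive sign-up form might collect.
RAW_RECORDS = [
    {"name": "Alice", "email": "alice@example.org", "dob": "1990-04-12",
     "city": "Nijmegen", "ip": "192.0.2.10", "purchase": "book"},
    {"name": "Bob", "email": "bob@example.org", "dob": "1985-11-30",
     "city": "Nijmegen", "ip": "192.0.2.11", "purchase": "book"},
    {"name": "Carol", "email": "carol@example.org", "dob": "1978-02-03",
     "city": "Utrecht", "ip": "192.0.2.12", "purchase": "music"},
    {"name": "Dave", "email": "dave@example.org", "dob": "1995-07-19",
     "city": "Utrecht", "ip": "192.0.2.13", "purchase": "book"},
]

# MINIMISE: only the fields the stated purpose (purchase statistics per
# city and age band) actually needs are retained; name and IP are dropped
# before anything is stored.
PURPOSE_FIELDS = {"email", "dob", "city", "purchase"}


def minimise(record):
    return {k: v for k, v in record.items() if k in PURPOSE_FIELDS}


# HIDE: the direct identifier is replaced by a keyed pseudonym (HMAC), so
# the stored data cannot be linked back to a person without the key, and
# the full birth date is coarsened to a birth year.
PSEUDONYM_KEY = b"assumed-secret-key-held-outside-the-dataset"  # assumption


def pseudonymise(value, key=PSEUDONYM_KEY):
    return hmac.new(key, value.encode(), hashlib.sha256).hexdigest()[:16]


def hide(record):
    out = dict(record)
    out["pid"] = pseudonymise(out.pop("email"))
    out["birth_year"] = out.pop("dob")[:4]
    return out


# SEPARATE: demographics and behaviour live in two stores linked only by
# the pseudonym, so compromising one store does not expose the combination.
def separate(records):
    demographics = {
        r["pid"]: {"city": r["city"], "birth_year": r["birth_year"]}
        for r in records
    }
    purchases = [{"pid": r["pid"], "purchase": r["purchase"]} for r in records]
    return demographics, purchases


# AGGREGATE: only group counts leave the system, and any group smaller
# than k is suppressed so a single person cannot be singled out.
def aggregate(purchases, k=2):
    counts = Counter(p["purchase"] for p in purchases)
    return {item: n for item, n in counts.items() if n >= k}


def process(records, k=2):
    """Run the four strategies in order and return the resulting stores
    and the aggregated report."""
    hidden = [hide(minimise(r)) for r in records]
    demographics, purchases = separate(hidden)
    return demographics, purchases, aggregate(purchases, k)


if __name__ == "__main__":
    demo, purch, report = process(RAW_RECORDS, k=2)
    print("demographics store:", demo)
    print("purchase store:", purch)
    print("published report:", report)
```

The ordering matters: minimise runs first so that fields never needed for the purpose are never pseudonymised or stored at all, and aggregate runs last so that the only output crossing the system boundary is a count that already satisfies the group-size threshold.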
This research is supported by the research program Sentinels (www.sentinels.nl) as project 'Revocable Privacy' (10532). Sentinels is being financed by Technology Foundation STW, the Netherlands Organization for Scientific Research (NWO), and the Dutch Ministry of Economic Affairs. This research was (partially) conducted within the Privacy and Identity Lab (PI.lab, www.pilab.nl).
© 2014 IFIP International Federation for Information Processing
Hoepman, JH. (2014). Privacy Design Strategies. In: Cuppens-Boulahia, N., Cuppens, F., Jajodia, S., Abou El Kalam, A., Sans, T. (eds) ICT Systems Security and Privacy Protection. SEC 2014. IFIP Advances in Information and Communication Technology, vol 428. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-642-55415-5_38
DOI: https://doi.org/10.1007/978-3-642-55415-5_38
Publisher Name: Springer, Berlin, Heidelberg
Print ISBN: 978-3-642-55414-8
Online ISBN: 978-3-642-55415-5