Privacy engineering

From Wikipedia, the free encyclopedia

Privacy engineering is an emerging discipline within, at least, the software or information systems domain which aims to provide tools and techniques such that the engineered systems provide acceptable levels of privacy. An acceptable level of privacy is defined in terms of compliance against the functional and non-functional requirements set out through a privacy policy.

Definition and scope

The definition of privacy engineering given by NIST is:[1]

focuses on providing guidance that can be used to decrease privacy risks, and enable organizations to make purposeful decisions about resource allocation and effective implementation of controls in information systems.

While privacy has been developing as a legal domain, privacy engineering has only really come to the fore in recent years, as implementing those privacy laws in information systems has become a firm requirement for deploying such systems. For example, IPEN[2] outlines its position in this respect as:

One reason for the lack of attention to privacy issues in development is the lack of appropriate tools and best practices. Developers have to deliver quickly in order to minimize time to market and effort, and often will re-use existing components, despite their privacy flaws. There are, unfortunately, few building blocks for privacy friendly applications and services, and security can often be weak as well.

Privacy engineering[3] involves aspects such as process management, security, ontology and software engineering. The actual application[4] of these derives from necessary legal compliance, privacy policies and 'manifestos' such as Privacy by Design.

Figure: Relationship between Privacy by Design (PbD) and privacy engineering

At the more implementation-oriented levels, privacy engineering employs privacy-enhancing technologies to enable anonymisation and de-identification of data. Privacy engineering nevertheless requires suitable security engineering practices to be deployed, and some privacy aspects can be implemented using security techniques. A privacy impact assessment is just one tool within this context, and its use does not by itself imply that privacy engineering is being practised.
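As an added illustration of the de-identification techniques mentioned above (example code, not part of the Wikipedia article), the following Python generalises the quasi-identifiers of a constructed record set, suppresses records that still stand out, and measures the resulting k-anonymity. The field names, bands and thresholds are assumptions chosen for the example.

```python
"""Added example: de-identify constructed records by generalising the
quasi-identifiers (age, ZIP) so that each record shares its combination
with at least k-1 others (k-anonymity), suppressing the rest."""
from collections import Counter

# Constructed sample records: a direct identifier, two quasi-identifiers
# and one sensitive attribute. Not real data.
RECORDS = [
    {"name": "A", "age": 29, "zip": "02139", "diagnosis": "flu"},
    {"name": "B", "age": 31, "zip": "02138", "diagnosis": "asthma"},
    {"name": "C", "age": 34, "zip": "02134", "diagnosis": "flu"},
    {"name": "D", "age": 47, "zip": "10001", "diagnosis": "diabetes"},
    {"name": "E", "age": 52, "zip": "10002", "diagnosis": "flu"},
    {"name": "F", "age": 45, "zip": "10016", "diagnosis": "asthma"},
    {"name": "G", "age": 70, "zip": "94103", "diagnosis": "asthma"},
]


def generalise(record, age_band=10, zip_digits=3):
    """Drop the direct identifier and coarsen the quasi-identifiers:
    age becomes a band, ZIP keeps only its leading digits."""
    lo = (record["age"] // age_band) * age_band
    return {
        "age": f"{lo}-{lo + age_band - 1}",
        "zip": record["zip"][:zip_digits] + "*" * (5 - zip_digits),
        "diagnosis": record["diagnosis"],
    }


def anonymity_level(records):
    """k of a table: size of its smallest quasi-identifier equivalence class."""
    classes = Counter((r["age"], r["zip"]) for r in records)
    return min(classes.values()) if classes else 0


def k_anonymise(records, k, age_band=10, zip_digits=3):
    """Generalise, then suppress every equivalence class smaller than k.
    Returns (released_records, number_of_suppressed_records)."""
    gen = [generalise(r, age_band, zip_digits) for r in records]
    classes = Counter((r["age"], r["zip"]) for r in gen)
    released = [r for r in gen if classes[(r["age"], r["zip"])] >= k]
    return released, len(gen) - len(released)


if __name__ == "__main__":
    for band in (10, 20):
        released, suppressed = k_anonymise(RECORDS, 2, age_band=band)
        print(f"age band {band}: released {len(released)}, "
              f"suppressed {suppressed}, k={anonymity_level(released)}")
```

Coarser generalisation releases more records at the same k, which is the utility trade-off a privacy engineer tunes; k-anonymity alone still discloses a sensitive value whenever an equivalence class is homogeneous in it, which is why measures such as l-diversity exist.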

Core practices

As this particular field is still in its infancy and somewhat dominated by the legal aspects, the following list just outlines the primary areas which feed into privacy engineering:

Despite the development of the above areas, courses already exist[7][8] for the training of privacy engineering.

Aspects of information

As an area, privacy engineering is particularly concerned with the processing of information over the following aspects or ontologies and their relations[9] to their implementation in software:

  • Information Type Ontologies (as opposed to PII or machine types)
  • Data Processing Ontologies
  • Semantics of information and data sets (see also noise and anonymisation)
  • Provenance[10] of information, including the notion of data subject
  • Usage of information
  • Purpose of information, viz. primary vs. secondary collection
  • Notions of controller and processor[11]
  • The notions of authority and identity (ostensibly of the source(s) of data)

Further to this, how the above then affect the security classification, risk classification and thus the levels of protection and flow within a system can then be metricised or calculated.

See also

References

  1. ^ "Privacy Engineering at NIST". NIST. Retrieved 3 May 2015. 
  2. ^ Internet Privacy Engineering Network. "Background and purpose". Retrieved 9 May 2015. 
  3. ^ Oliver, Ian (July 2014). Privacy Engineering: A Dataflow and Ontological Approach (1st ed.). CreateSpace. ISBN 978-1497569713. Retrieved 3 May 2015. 
  4. ^ Gürses, Seda; Troncoso, Carmela; Diaz, Claudia (2011). Engineering Privacy by Design (PDF). International Conference on Privacy and Data Protection (CPDP) Book. Retrieved 11 May 2015. 
  5. ^ Dennedy, Fox, Finneran. The Privacy Engineer's Manifesto (1st ed.). APress. ISBN 978-1-4302-6355-5. 
  6. ^ MITRE Corp. "Privacy Engineering Framework". Retrieved 4 May 2015. 
  7. ^ "MSIT-Privacy Engineering". Carnegie Mellon University. 
  8. ^ Oliver, Ian. "Introduction to Privacy and Privacy Engineering". EIT Summer School, University of Brighton. Retrieved 9 May 2015. 
  9. ^ Stanford Encyclopedia of Philosophy. "Semantic Conceptions of Information". Retrieved 9 May 2015.
  10. ^ Paul Groth, Luc Moreau. "An Overview of the PROV Family of Documents". W3C. Retrieved 10 May 2015. 
  11. ^ Article 29 Data Protection Working Party (16 February 2010). "Opinion 1/2010 on the concepts of "controller" and "processor"". 00264/10/EN WP 169.