One More Thing

Privacy be Design

Privacy by design is not a new principle but it is receiving new emphasis as the world continues to turn its attention to digital privacy and how to protect information. “Privacy by design calls for privacy to be taken into account throughout the whole engineering process.”

The idea of designing privacy into the technological processes is focused on providing users with security at every turn. The Guiding principles are

  1. Proactive not Reactive; Preventative not Remedial
  2. Privacy as the Default
  3. Privacy Embedded into Design
  4. Full Functionality — Postive-Sum, not Zero-Sum
  5. End-to-End Security — Lifecycle Protection
  6. Visibility and Transparency
  7. Respect for User Privacy

These seven guiding principals provide us with an understanding on how privacy by design provides a change to the status quo of data protection. Instead of building ways to mine for data into software privacy by design makes protecting the privacy of users the most crucial aspect of developing services. While privacy by design is not enforced by lay in the United States it is receiving legal considerations by the European Union where developing technology and collecting data are processes that legally must follow the privacy by design framework. “New European privacy rules, formally known as the General Data Protection Regulation (GDPR), call on companies to explicitly incorporate measures to keep this data safe — by default.”

The wide overarching legislation not only regulates privacy within the EU business outside the EU that process EU data. “if you develop for European customers, you must comply with EU data protection and privacy standards for those individuals, even if you yourself are not located within Europe.”

While the United States have not take steps to ensure privacy protection by law through supporting Privacy by Design the principals have been supported in North America. “In Canada, the recent Report of the Standing Committee on Access to Information, Privacy and Ethics recommended that PbD become an explicit part of Canadian privacy law, stating that it “believes that [PbD] is an effective way to protect the privacy and reputation of Canadians.”‘ With widespread acceptance of these principals in the first world where does this leave the United States? Currently the United states has not taken steps to match Canada, and the European Unions commitment to protecting privacy. However businesses in the United states are still subject to EU regulation if they are providing services to Citizens the the EU. “If you are a business owner in the US, what does this mean for you? If you target individuals in the EU, or even monitor their activity, you should take the PbD mandate seriously.Even if you don’t, you should start to make user privacy a priority in order to prepare for a time when stronger privacy laws are enacted in the U.S. and in jurisdictions where you do business.”

So where does this leave us as educators in the United States who are looking at which technologies we should emplacement in our classrooms? With the expectation that the United States will eventually follow suit and require stricter laws around the development of technology and collection of data we as educators should work to stay on the leading edge. We need to research programs and aps before we implement them in our classrooms to endure they were developed with Privacy by Design Principles in mind and ensure that our students understand what is necessary in order to protect their privacy.

Leave a comment

Your email address will not be published. Required fields are marked *