Emerging technologies: Part 1: Embedding privacy by design

Visit BSI's Experts Corner: Home for insights from BSI’s practice directors and industry experts on digital trust, environmental, health, safety, security, and sustainability.

August 31, 2023 - “Privacy by design and default” is an inherent part of safeguarding and using data in ways that protect and enhance the privacy of individuals. The concept involves integrating privacy considerations into the early design, development, and implementation stages of system architecture, such that privacy is an intrinsic component and not a bolt-on. This helps to ensure that the collection, handling, and use of personal data (including potentially and sensitive data) is conducted in a privacy-conscious manner from the outset.

Adopting this concept, organizations can build products and systems that prioritize privacy and data protection as integral enabling components, leading to cost savings, project efficiencies, and consumer goodwill. The main elements of privacy by design and default can be summarized as follows.

Proactivity, not reactivity

Traditionally, organizations would not have implemented privacy-protection tools from the outset, meaning that these tools were being factored in (if at all) only after architectures had been designed and project decisions made. Regulatory requirements, such as the General Data Protection Regulation (GDPR) in the EU or the UK Data Protection Act, mean that data-protection compliance and privacy measures should not be treated as an add-on. The traditional reactive approach has led to security vulnerabilities, potential legal issues, and increased project costs and slippages due to significant changes to already-established architectures, solution designs, system implementations, and business processes.

On the flip side, proactively implementing privacy by design can lead to cost savings, greater user trust, and fewer data breaches. For instance, consider a new mobile application: the development team has scope to incorporate measures such as consent pop-ups or conspicuous privacy notices prior to initiating any data collection or processing actions.

Privacy as the default

Start with “privacy preserving” as the default setting for users. For example, a social media platform can set user profiles to private by default, and these profiles will not be published or uniquely identifiable to the wider internet. Media platforms have been known to not do that from the outset to promulgate user use and accessibility, but this has led to an increased risk of compromised user data without users even knowing. Allowing users to choose to make their information public if they wish, rather than having them automatically public, is a core privacy-by-design principle.

Full functionality

Full functionality means that the system performs all intended functions without any significant drawbacks or restrictions, even with privacy-enhancing and privacy-protecting measures fully implemented. This applies to all privacy-protecting measures within the supply chain and within system design and to all user-oriented decisions.

For instance, in the context of product returns, full functionality involves efficiently safeguarding sensitive information held by third-party couriers. Achieving full functionality would ideally result in a system that is as usable, if not more usable, than before, minimizing required user input and providing clear communications about the necessary data and its purpose to achieve a successful return.

End-to-end security

Keeping things safe and secure is a fundamental element of privacy by design. As an example, messaging applications and email services now typically implement end-to-end encryption. This serves to protect user messages from unauthorized access while ensuring the seamless communication and ease of use for both senders and recipients. This is a win-win for privacy and indeed user experience but must be balanced with other considerations, such as national security and eDiscovery.

Visibility and transparency

Ensuring that clear and understandable information is provided to users about how their data is collected, used, and shared is paramount. Take an e-commerce website: pop-ups are there to explain what personal information is collected and how cookies and personal data might be used, and when you import it, it may be used for order processing or shared with third parties for logistics or return fulfilments.

Minimizing what you collect, informing your customers by adopting a transparency-first approach, and giving them control where possible mean that you are putting the user first. People naturally feel empowered when given the opportunity to influence outcomes, and this includes having information about the use of and control over their own personal data. This in turn will lead to a positive customer experience and enhanced organizational trust.

For more on this topic, watch Emerging technologies: Privacy-by-design transforming supply chain management with BSI practice leads Conor Hogan and Tony Pelli. Read Avoiding digital chaos: Part 2: The threats and opportunities of new technology by Conor Hogan to learn more on emerging technologies. For further insights on other digital trust, privacy, information security, and environmental, health, and safety topics that should be at the top of your organization's list, visit BSI's Experts Corner.