Privacy by Engineering

  • Definition: Privacy engineering encompasses the implementation, deployment, ongoing operation, and management of privacy features within systems.

  • Goals:

    • Incorporate functionality and management practices to satisfy privacy requirements.

    • Prevent compromise of Personally Identifiable Information (PII).

  • Mitigate the impact of a breach of personal data.

Components of Privacy Engineering

Overview

  • Privacy engineering is distinct from privacy by design (PbD) and encompasses privacy activities throughout the system development life cycle.

Key Components

  1. Risks Identified: Recognize and articulate potential privacy risks.

  2. Controls Implemented: Establish controls to mitigate identified risks.

  3. System Compliance: Ensure the system meets all privacy-related requirements.

  4. Privacy-specific Components:

    • Compliance with laws, regulations, standards, and best practices.

    • Selection of appropriate controls and technologies.

  5. Privacy Impact Assessment (PIA): Analyze how information is handled to ensure compliance with privacy laws and assess risks.

Risk Management and Assessment

  • Risk Management: A structured process for valuing assets, selecting and assessing security controls, authorizing systems, and continuous monitoring. This includes:

    • Assessing Risk: Based on threats, vulnerabilities, and existing controls.

    • Identifying Controls: Determine controls to reduce risks and prioritize their implementation.

    • Resource Allocation: Allocate roles and responsibilities for implementing these controls.

    • Monitoring Effectiveness: Evaluate the effectiveness of risk treatment.

Security Risk Assessment

  • Definition: Security risk is the chance of a loss due to threats exploiting vulnerabilities.

  • Process: It involves identifying valuable system resources, threats, potential losses, and assessing the likelihood of threats succeeding.

Privacy Requirements

  • Definition: These are system requirements related to privacy protection, defining capabilities, behaviors, and compliance alignments.

Privacy Impact Assessment

  • Purpose: To ensure information handling practices comply with privacy laws, assess risks, and implement protective measures.

Privacy Engineering and Security Objectives

  • Alignment: Privacy engineering aligns with the security objectives of confidentiality, integrity, and availability in order to implement privacy policies effectively.

Major Stages of Privacy Engineering

Privacy Implementation

  • Involves configuring system privacy features, integrating privacy controls, and testing them for proper functionality.

System Integration

  • Occurs during system deployment and involves enabling and integrating privacy controls, resulting in verified documentation of the operational privacy controls.

Privacy Testing and Evaluation

  • Certification: Assessment of privacy controls to ensure functionality.

  • Accreditation: Authorization for system operation acknowledging associated risks.

  • Testing Methods:

    • Functional Testing: Tests advertised privacy mechanisms under operational conditions.

    • Penetration Testing: Mimics real-world attacks to identify risks.

    • User Testing: Real-world testing by end users to validate functionality.

Privacy Auditing and Incident Response

  • Auditing: Involves examining records for compliance and recommending changes.

  • Incident Response: Mitigation strategies for security breaches and adherence to security policies.

Privacy and Security

  • The two concepts are intertwined. The increasing collection of personal data raises concerns that require effective privacy management extending beyond security measures alone.

Areas of Overlap Between Security and Privacy

  • While related, they are distinct: privacy concerns can arise even from authorized processing, whereas security focuses on protecting data from unauthorized access. Some key objectives apply to both disciplines.

Distinct Differences

  1. Security Focus: Protecting systems, data, and assets, and ensuring availability.

  2. Privacy Focus: Managing and controlling PII, ensuring accountability, integrity, and responsible usage.

Trade-offs Between Privacy and Utility

  • Privacy and utility conflict: data protection versus data usefulness. Increased privacy measures may reduce data utility; strategies such as privacy by design aim to balance the two.

Usable Privacy

  • Definition: Refers to how well privacy features function for users. Essential aspects include:

    • Efficiency: The resources and time users need to achieve their goals.

    • Satisfaction: User comfort with, and positive attitude towards, privacy features.

Users of Privacy Services and Functions

  1. End Users: Individuals managing their PII.

  2. IT Administrators: Configure privacy settings.

  3. System Developers: Design privacy-friendly systems.

Conclusion

  • Usability and utility are both critical in privacy engineering. Usability focuses on ease of use, while utility emphasizes functionality; both must be integrated into the design and operation of systems containing PII.