
INFORMATION PRIVACY

  • Concepts

    • Privacy by Design

    • Privacy Engineering

Privacy in Information

  • Definitions

    • Privacy is commonly discussed in various contexts: philosophical, political, and legal.

    • Two core aspects of privacy:

      • Right to be left alone

      • Control over information released about oneself

Key Characteristics of Privacy

  • Right to be Left Alone

    • Free from observation or disturbance by others

  • Control Over Information

    • Ability to manage collection, storage, and disclosure of personal data

Privacy Defined

  • Privacy is the right of individuals to control or influence what information related to them may be collected and stored, by whom it may be collected, and to whom it may be disclosed. It therefore constrains both the parties that gather personal information and the parties they share it with.

  • Reference: ITU-T Recommendation X.800

Information Privacy in Context

  • Information privacy implies restricting access to personal data by unauthorized parties.

  • Involves:

    • Collection

    • Management

    • Protection

    • Proper use of personal information

  • Source: U.S. National Research Council

Personally Identifiable Information (PII)

  • This discussion focuses on the handling of PII rather than on surveillance techniques.

  • PII: any information that can be used to distinguish or trace an individual's identity, either on its own or when linked with other information.

  • Examples of PII (NIST 2008):

    • Names (full name, maiden name, mother's maiden name, alias)

    • Personal identification numbers (e.g., SSN, passport)

    • Address information (street address, email address)

    • Telephone numbers (mobile, business, personal)

Additional PII Examples

  • Asset information (e.g., an IP or MAC address that is consistently linked to a particular person)

  • Personal characteristics (e.g., photographs, fingerprints or other biometric data)

  • Property identifiers (e.g., vehicle registration or title number)

  • Information linked or linkable to an individual (e.g., date of birth, religion, employment details)
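The categories above matter in practice because operational data such as application logs routinely carries PII of every kind listed. As an added example (not code from the original page), the following scanner detects several of these categories in constructed log lines and either removes them or replaces them with a keyed pseudonym. The patterns, the secret key, and the sample log lines are all illustrative assumptions; a production scanner would use validated detectors (checksums, context, allowlists) rather than bare regular expressions.

```python
import hashlib
import hmac
import re

# Illustrative patterns for PII categories from the NIST list above (assumed, not exhaustive).
# Digit lookarounds keep "123-45-6789" from matching inside longer digit runs such as timestamps.
PII_PATTERNS = [
    ("ssn",   re.compile(r"(?<!\d)\d{3}-\d{2}-\d{4}(?!\d)")),
    ("email", re.compile(r"\b[\w.+-]+@[\w-]+(?:\.[\w-]+)+\b")),
    ("phone", re.compile(r"(?<!\d)(?:\+1[-. ])?\(?\d{3}\)?[-. ]\d{3}[-. ]\d{4}(?!\d)")),
    ("mac",   re.compile(r"\b(?:[0-9A-Fa-f]{2}:){5}[0-9A-Fa-f]{2}\b")),
    ("ipv4",  re.compile(r"\b(?:\d{1,3}\.){3}\d{1,3}\b")),
]

# Asset identifiers that operators still need to correlate across lines are
# pseudonymized (stable, keyed) instead of being dropped outright.
PSEUDONYMIZE = {"ipv4", "mac"}


def pseudonym(kind, value, key):
    """Keyed HMAC-SHA256 pseudonym: same value -> same token; unlinkable without the key."""
    digest = hmac.new(key, f"{kind}:{value}".encode(), hashlib.sha256).hexdigest()
    return f"<{kind}:{digest[:12]}>"


def redact_line(line, key):
    """Return (cleaned line, {kind: count}) for one log line."""
    counts = {}
    for kind, pattern in PII_PATTERNS:
        def repl(match, kind=kind):
            counts[kind] = counts.get(kind, 0) + 1
            if kind in PSEUDONYMIZE:
                return pseudonym(kind, match.group(0), key)
            return f"<{kind.upper()}>"  # direct identifiers are removed, not pseudonymized
        line = pattern.sub(repl, line)
    return line, counts


def redact_log(lines, key):
    """Redact a sequence of lines; returns (cleaned lines, total counts per PII kind)."""
    cleaned, totals = [], {}
    for line in lines:
        out, counts = redact_line(line, key)
        cleaned.append(out)
        for kind, n in counts.items():
            totals[kind] = totals.get(kind, 0) + n
    return cleaned, totals


# Constructed sample log lines; the identifiers are documentation/test values, not real people.
SAMPLE_LOG = [
    "2024-05-01T10:00:00Z login user=jane.doe@example.com src=203.0.113.7",
    "2024-05-01T10:00:05Z kyc ssn=123-45-6789 phone=(555) 123-4567",
    "2024-05-01T10:01:00Z dhcp lease mac=00:1A:2B:3C:4D:5E ip=203.0.113.7",
]

if __name__ == "__main__":
    key = b"assumed-secret-kept-outside-the-log-pipeline"  # assumption: rotated, never logged
    cleaned, totals = redact_log(SAMPLE_LOG, key)
    print("\n".join(cleaned))
    print(totals)
```

Because the same source address appears in the first and third lines, both come out as the identical pseudonym, so an analyst can still correlate the events; with a different key (or no key) the token cannot be linked back to the address. Direct identifiers such as the SSN and email are removed rather than pseudonymized, since they would remain PII even as tokens if the key ever leaked.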

Privacy by Design (PbD) and Engineering

  • PbD Principles:

    • Embed Privacy into Design

    • User-centred design that anticipates and prevents privacy breaches rather than reacting to them

    • Privacy as default setting

    • Regulatory compliance and risk management

Privacy Engineering Framework

  • Integrates privacy throughout the system development lifecycle, aligning security measures with privacy objectives

  • Steps in privacy engineering:

    • Determine requirements and develop the privacy policy

    • Assess privacy risks

    • Select security and privacy controls

    • Develop the privacy program and integration plan

    • Test and evaluate the privacy measures

    • Monitor and audit for continued compliance

Foundational Principles of Privacy by Design

  • Proactive, not Reactive

  • Privacy Embedded into Design

  • Privacy as Default

  • Positive-Sum Functionality

  • End-to-End Security

  • Respect for User Privacy

Privacy by Design Characteristics

Proactive, Not Reactive

  • Design anticipates privacy issues preemptively.

Privacy as the Default

  • Systems collect and process only the personal data needed for a stated purpose, and the protections for PII apply automatically, without any action by the individual.

Privacy Embedded into Design

  • Privacy is a core part of the system's design and architecture, not an add-on bolted on after the system is built.

Positive-Sum Functionality

  • Aims to avoid trade-offs between functionality and privacy.

End-to-End Security

  • Security protects PII across the entire data life cycle, from collection through storage and use to secure destruction, with no gaps.

Respect for User Privacy

Key Aspects

  • Consent: Individuals decide which uses of their PII they agree to and can withdraw that agreement; the system enforces the decision.

  • Accuracy: PII is kept accurate, complete and up to date for the purposes it is used for.

  • Access: Individuals can find out what PII is held about them and have inaccuracies corrected.
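The "privacy as the default" principle above and the consent, accuracy and access aspects in this section describe behaviour a data-handling component can enforce in code. The following is an added example, not code from the original page: a small in-memory personal data store that keeps only fields some declared purpose needs, refuses to release PII for a purpose the subject has not consented to, and supports subject access and correction. The purposes, field names, and the record layout are assumptions for illustration.

```python
from dataclasses import dataclass, field


class ConsentError(PermissionError):
    """Raised when PII would be processed for a purpose the subject has not consented to."""


# Assumed purposes and the minimum fields each one needs. The union of these sets is the
# only PII the store will ever keep (data minimization: privacy as the default).
PURPOSE_FIELDS = {
    "account":   {"email"},
    "shipping":  {"email", "street_address"},
    "marketing": {"email", "date_of_birth"},
}
ALLOWED_FIELDS = set().union(*PURPOSE_FIELDS.values())


@dataclass
class SubjectRecord:
    subject_id: str
    data: dict = field(default_factory=dict)
    consents: set = field(default_factory=set)   # no purpose is consented to by default


class PersonalDataStore:
    def __init__(self):
        self._records = {}
        self.audit = []   # (subject_id, action, detail); feeds the subject access report

    def register(self, subject_id, **fields):
        """Keep only fields a declared purpose can use; returns the names that were dropped."""
        kept = {name: value for name, value in fields.items() if name in ALLOWED_FIELDS}
        dropped = sorted(set(fields) - ALLOWED_FIELDS)
        self._records[subject_id] = SubjectRecord(subject_id, kept)
        self.audit.append((subject_id, "register", f"dropped={dropped}"))
        return dropped

    def grant_consent(self, subject_id, purpose):
        if purpose not in PURPOSE_FIELDS:
            raise ValueError(f"unknown purpose: {purpose}")
        self._records[subject_id].consents.add(purpose)
        self.audit.append((subject_id, "consent", purpose))

    def withdraw_consent(self, subject_id, purpose):
        self._records[subject_id].consents.discard(purpose)
        self.audit.append((subject_id, "withdraw", purpose))

    def can_process(self, subject_id, purpose):
        return purpose in self._records[subject_id].consents

    def process(self, subject_id, purpose):
        """Release only the fields this purpose needs, and only if consent covers it."""
        rec = self._records[subject_id]
        if purpose not in rec.consents:
            self.audit.append((subject_id, "denied", purpose))
            raise ConsentError(f"{subject_id}: no consent for purpose {purpose!r}")
        view = {name: rec.data[name] for name in PURPOSE_FIELDS[purpose] if name in rec.data}
        self.audit.append((subject_id, "process", purpose))
        return view

    def subject_access(self, subject_id):
        """Access: everything held about the subject, current consents, and the processing log."""
        rec = self._records[subject_id]
        return {"data": dict(rec.data), "consents": sorted(rec.consents),
                "log": [entry for entry in self.audit if entry[0] == subject_id]}

    def rectify(self, subject_id, field_name, value):
        """Accuracy: subject-initiated correction of a held field, recorded in the log."""
        rec = self._records[subject_id]
        if field_name not in rec.data:
            raise KeyError(field_name)
        rec.data[field_name] = value
        self.audit.append((subject_id, "rectify", field_name))


if __name__ == "__main__":
    store = PersonalDataStore()
    # Constructed sample subject; "religion" is offered but no purpose needs it, so it is dropped.
    print("dropped:", store.register("u1", email="jane@example.com", street_address="1 Main St",
                                     date_of_birth="1990-01-01", religion="none of our business"))
    try:
        store.process("u1", "shipping")
    except ConsentError as err:
        print("denied:", err)
    store.grant_consent("u1", "shipping")
    print("shipping view:", store.process("u1", "shipping"))   # no date_of_birth here
    store.rectify("u1", "street_address", "2 Main St")
    print("subject access:", store.subject_access("u1"))
```

The denied attempt is logged as well as the successful one, so the subject access report shows not only what is held but what was tried. Note that `process()` is the only read path: a purpose never sees fields outside its own set even when the subject has consented to other purposes that use them.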

Privacy Management and Policy Development

  • Identification of relevant regulations and standards

  • Development of a privacy plan and policy

  • Coordination among stakeholders and privacy integration

Privacy Risk Assessment

  • Objective: Estimate the risk to personal information so the organization can decide how much to invest in privacy controls and where to apply them.

Assessment Elements

  • Privacy-related Asset: Anything requiring protection, primarily PII.

  • Privacy Vulnerability: A weakness in a system or process that a threat could exploit to violate the privacy policy.

  • Privacy Technical Controls: Measures to enforce privacy policies and protect PII.

Privacy Risk Assessment Steps

  1. Assess Impact: Identify potential harm from privacy violations.

  2. Evaluate Likelihood: Assess probability of privacy incidents.

  3. Determine Risk Level: Combine impact and likelihood for an overall privacy risk estimate.

Privacy and Security Control Selection

  • Combine privacy-specific controls with conventional security controls to protect PII.

  • Resources:

    • NIST SP 800-53: security and privacy controls for information systems and organizations

    • ISO/IEC 29151: code of practice for PII protection

Security Controls

  • Designed to maintain PII confidentiality, integrity, and availability.

  • Implemented through various methods (e.g., access control).

Privacy Program and Integration Plan

  • Ensures privacy is embedded from the beginning of system development.

  • Includes key roles, privacy milestones, and control integration.

  • Outputs: a privacy integration schematic, the list of privacy services the system will provide, and the privacy risks identified.