Designing Privacy-by-Design

  • Jeroen van Rest
  • Daniel Boonstra
  • Maarten Everts
  • Martin van Rijn
  • Ron van Paassen
Conference paper

DOI: 10.1007/978-3-642-54069-1_4

Volume 8319 of the book series Lecture Notes in Computer Science (LNCS)
Cite this paper as:
van Rest J., Boonstra D., Everts M., van Rijn M., van Paassen R. (2014) Designing Privacy-by-Design. In: Preneel B., Ikonomou D. (eds) Privacy Technologies and Policy. APF 2012. Lecture Notes in Computer Science, vol 8319. Springer, Berlin, Heidelberg

Abstract

The proposal for a new privacy regulation dated January 25th 2012 introduces sanctions of up to 2% of the annual turnover of enterprises. This elevates the importance of mitigation of privacy risks. This paper makes Privacy by Design more concrete, and positions it as the mechanism to mitigate these privacy risks.

In this vision paper, we describe how design patterns may be used to make the principle of Privacy by Design specific for relevant application domains. We identify a number of privacy design patterns as examples and we argue that the art is in finding the right level of abstraction to describe a privacy design pattern: the level where the data holder, data subject and privacy risks are described.

We give an extended definition of Privacy by Design and, taking Solove’s model for privacy invasions as structuring principle, we describe a tool and method to use that tool to generate trust in systems by citizens.

Keywords

privacy, privacy design pattern, privacy-by-design, system engineering, trust, tooling

Copyright information

© Springer-Verlag Berlin Heidelberg 2014

Authors and Affiliations

  • Jeroen van Rest (1)
  • Daniel Boonstra (1)
  • Maarten Everts (1)
  • Martin van Rijn (1)
  • Ron van Paassen (1)

  1. TNO, Delft / The Hague, The Netherlands