Abstract
The research presented in this paper discusses the challenges and limitations of privacy by design as an effective tool for protecting users’ privacy. The EU data protection legislation requires all products, services, or systems that process personal data to be designed following a “privacy by design”. However, we contend that privacy by design does not have solid foundations to sustain privacy outside of its legal definitions, and it may only work as a legal compliance tool. Provided that the legal approach is not effective in protecting and enhancing users’ and citizens’ privacy, it is necessary to build a designerly understanding of privacy. The paper suggests a definition of privacy for design based on a universally acceptable ethical framework to create a common understanding of privacy for design and designers. Based on the notion of privacy for design, the paper supports creating a new design discipline to enhance users’ and citizens’ privacy: design for privacy.
This is a preview of subscription content, log in via an institution to check access.
Access this chapter
Tax calculation will be finalised at checkout
Purchases are for personal use only
Notes
- 1.
The text of the Convention is available at https://www.un.org/en/universal-declaration-human-rights/index.html.
- 2.
The text of Convention 108+ is available at https://rm.coe.int/convention-108-convention-for-the-protection-of-individuals-with-regar/16808b36f1.
- 3.
Directive 95/46/EC of the European Parliament and the Council of 24 October 1995 on the protection of individuals concerning the processing of personal data and the free movement of such data, OJ L281, 23/11/1995, p. 31–50.
- 4.
Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons concerning the processing of personal data and the free movement of such data, and repealing Directive 95/46/EC (General Data Protection Regulation), OJ L119, 04/05/2016, p. 1–88.
- 5.
LGPD - Lei Geral de Proteção de Dados Pessoais (General Personal Data Protection Law), Law 13.709 of 14 August 2018, in force since 18 September 2020, O.J. (DOU) 15/08/2018.
- 6.
California Consumer Privacy Act of 2018 [1798.100 – 1798.199.100].
- 7.
Article 6(1): “Processing shall be lawful only if and to the extent that at least one of the following:
(a) the data subject has given consent to the processing of his or her personal data for one or more specific purposes;
(b) processing is necessary for the performance of a contract to which the data subject is party or in order to take steps at the request of the data subject prior to entering into a contract;
(c) processing is necessary for compliance with a legal obligation to which the controller is subject;
(d) processing is necessary in order to protect the vital interests of the data subject or of another natural person;
(e) processing is necessary for the performance of a task carried out in the public interest or in the exercise of official authority vested in the controller;
(f) processing is necessary for the purposes of the legitimate interests pursued by the controller or by a third party, except where such interests are overridden by the interests or fundamental rights and freedoms of the data subject which require protection of personal data, in particular where the data subject is a child.
Point (f) of the first subparagraph shall not apply to processing carried out by public authorities in the performance of their tasks”.
- 8.
Free translation from Ovid’s Metamorphoses: “I know and approve the best, but I follow the worst”.
References
Waldman AE (2018) Privacy as trust: information privacy for an information age. Cambridge University Press, Cambridge; New York
Zuboff S (2019) The age of surveillance capitalism: the fight for a human future at the new frontier of power. PublicAffairs, New York
Foster JB, McChesney RW (2014) Surveillance capitalism: monopoly-finance capital, the military-industrial complex, and the digital age. Mon Rev 66:1
Véliz C (2020) Privacy is power: reclaiming democracy in the digital age. BANTAM Press (2020)
Pivato S (2013) I comunisti mangiano i bambini: storia di una leggenda. Società editrice il Mulino, Bologna
Bauman Z (2000) Liquid modernity. Polity Press; Blackwell, Cambridge; Malden
Cohen J (2006) Cyberspace as/and space. Columbia Law Rev 107:210
Floridi L (2011) The informational nature of personal identity. Minds Mach 21:549–566. https://doi.org/10.1007/s11023-011-9259-6
Couldry N, Mejias UA (2020) The costs of connection: how data is colonizing human life and appropriating it for capitalism
Pasquale F (2015) The black box society: the secret algorithms that control money and information. Harvard University Press, Cambridge; London
Cavoukian A (2012) Privacy by design [leading edge]. IEEE Technol Soc Mag 31:18–19. https://doi.org/10.1109/MTS.2012.2225459
Cavoukian A, Taylor S, Abrams ME (2010) Privacy by design: essential for organizational accountability and strong business practices. Identity Inf Soc 3:405–413. https://doi.org/10.1007/s12394-010-0053-z
van Lieshout M, Kool L, van Schoonhoven B, de Jonge M (2011) Privacy by design: an alternative to existing practice in safeguarding privacy. Info 13:55–68. https://doi.org/10.1108/14636691111174261
van Rest J, Boonstra D, Everts M, van Rijn M, van Paassen R (2014) Designing privacy-by-design. In: Preneel B, Ikonomou D (eds) Privacy technologies and policy. Springer, Heidelberg, pp 55–72. https://doi.org/10.1007/978-3-642-54069-1_4
Solove DJ (2006) The digital person: technology and privacy in the information age. New York University Press, Fredericksburg
Bowles C (2018) Future ethics. NowNext Press, London
Taleb NN (2018) Skin in the game: hidden asymmetries in daily life. Random House, New York
Geradin D, Katsifis D, Karanikioti T (2020) GDPR myopia: how a well-intended regulation ended up favoring Google in ad tech. SSRN Electron J. https://doi.org/10.2139/ssrn.3598130
Cross N (2006) Designerly ways of knowing. Springer, London
Papanek V (2019) Design for the real world. Thames & Hudson, LO
Monteiro M (2019) Ruined by design: how designers destroyed the world, and what we can do to fix it
Dunne A, Raby F (2013) Speculative everything: design, fiction, and social dreaming. The MIT Press, Cambridge; London
Warren S, Brandeis L (1890) The right to privacy. Harv Law Rev 4:193–220
Floridi L (2014) The 4th revolution: how the infosphere is reshaping human reality. Oxford University Press, New York; Oxford
Moore AD (2008) Defining privacy. Social Science Research Network, Rochester
Trepte S, Reinecke L (eds) (2011) Privacy online: perspectives on privacy and self-disclosure in the social web. Springer, Heidelberg; New York
van den Hoven J, Blaauw M, Pieters W, Warnier M (2020) Privacy and information technology. In: Zalta EN (ed) The Stanford Encyclopedia of philosophy. Metaphysics Research Lab, Stanford University
Westin AF (1967) Privacy and freedom. Scribner, New York
Solove DJ (2009) Understanding privacy. Harvard University Press, Cambridge; London
Downton P (2005) Design research. RMIT University Press, Melbourne
Buchanan R (2001) Design and the new rhetoric: productive arts in the philosophy of culture. Philos Rhetor 34:183–206. https://doi.org/10.1353/par.2001.0012
Verbeek P-P (2006) Materializing morality. Sci Technol Hum Values 31:361–380. https://doi.org/10.1177/0162243905285847
Archer LB (1984) Systematic method for designers. In: Cross N (ed) Developments in design methodology. Wiley, Chichester, pp 68–82
Buchanan R (2005) Design ethics. In: Mitcham C (ed) Encyclopedia of science, technology, and ethics. Thomson Gale, Farmington, Hills, pp 504–510
Haggart B (2019) The Age of Surveillance Capitalism: The Fight for a Human Future at the New Frontier of Power. Zuboff S (2018) J Digit Media Policy 10:229–243. https://doi.org/10.1386/jdmp.10.2.229_5
Privacy Enhancing Technologies (2016) Evolution and State of the Art A Community Approach to PETs Maturity Assessment. ENISA
Kshetri N (2017) Blockchain’s roles in strengthening cybersecurity and protecting privacy. Telecommun Policy 41:1027–1038. https://doi.org/10.1016/j.telpol.2017.09.003
Drăgnoiu Panait A, Olimid R, Stefanescu A (2020) Identity management on blockchain - privacy and security aspects. Proc Romanian Acad Ser Math Phys Tech Sci Inf Sci 21:45–52
Acknowledgements
This study was supported by UNIDCOM under a Grant by the Fundação para a Ciência e Tecnologia (FCT) no. UIDB/DES/00711/2020 attributed to UNIDCOM/IADE—Universidade Europeia, Lisbon, Portugal.
Author information
Authors and Affiliations
Corresponding author
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2021 The Author(s), under exclusive license to Springer Nature Switzerland AG
About this chapter
Cite this chapter
Parrilli, D.M., Hernández-Ramírez, R. (2021). Empowering Digital Users Through Design for Privacy. In: Martins, N., Brandão, D., Moreira da Silva, F. (eds) Perspectives on Design and Digital Communication II. Springer Series in Design and Innovation , vol 14. Springer, Cham. https://doi.org/10.1007/978-3-030-75867-7_1
Download citation
DOI: https://doi.org/10.1007/978-3-030-75867-7_1
Published:
Publisher Name: Springer, Cham
Print ISBN: 978-3-030-75866-0
Online ISBN: 978-3-030-75867-7
eBook Packages: EngineeringEngineering (R0)