Privacy by Design: A Matter of Choice

  • Daniel Le Métayer


Privacy by design is often praised by lawyers as an essential step towards better privacy protection: in a world where privacy is more and more jeopardized by new information and communication technologies (ICT), the growing view is that part of the remedy should come from the technologies themselves. On the technological front, privacy enhancing technologies (PETs) have been an active research topic in computer science over the last decades, and a variety of techniques have been proposed (including anonymizers, identity management systems, privacy proxies, encryption mechanisms, filters, etc.). One must admit, however, that the take-up of most of these techniques by consumers is still rather limited. The goal of this chapter is to review this gap between a toolset of available technologies and the still unrealized promises of privacy by design.





This work has been partially funded by ANR (Agence Nationale de la Recherche) under the grant ANR-07-SESU-005 (project FLUOR).



Copyright information

© Springer Science+Business Media B.V. 2010

Authors and Affiliations

  1. Grenoble Rhône-Alpes Research Center, INRIA (Institut National de Recherche en Informatique et Automatique), Montbonnot, France
