A Critical Analysis of Privacy Design Strategies

Colesky, Michael; Hoepman, Jaap-Henk; Hillen, Christiaan

doi:10.1109/spw.2016.23

Cited by 109 publications

(92 citation statements)

References 19 publications

(43 reference statements)

Supporting

Mentioning

Contrasting

Unclassified

Order By: Relevance

“…In contrast with previous work on privacy by design, "privacy design strategies" or privacy engineering [26], [7], [24,25], [38], we do not propose a new design framework or process here, but a methodology to select an architecture among a range of options and to justify this choice with respect to a privacy risk analysis. Our work is therefore complementary to the above proposals and contributes to establish links between privacy risk analysis and privacy by design.…”

Section: Choice Of Architecturementioning

confidence: 99%

A Refinement Approach for the Reuse of Privacy Risk Analysis Results

Métayer

2017

Privacy Technologies and Policy

View full text Add to dashboard Cite

Section: Choice Of Architecturementioning

confidence: 99%

A Refinement Approach for the Reuse of Privacy Risk Analysis Results

Métayer

2017

Privacy Technologies and Policy

View full text Add to dashboard Cite

“…A privacy design strategy "specifies a distinct architectural goal in privacy by design to achieve a certain level of privacy protection" [5]. Privacy design strategies are a technique for achieving privacy by design first noted by Hoepman [4].…”

Section: Strategies and Tacticsmentioning

confidence: 99%

“…They previously translated the original data protection principles into design goals more accessible to software engineers. These strategies have been extended to make them more relevant in the GDPR context, and provide a direct path from concept to design implementation [5]. This is achieved through privacy patterns, common solutions to recurring design problems in privacy by design.…”

Section: Strategies and Tacticsmentioning

confidence: 99%

“…They are shown in TABLE I. SEPARATE for instance can be approached through both processing in isolation, and in distributing the data, both logically and physically [5]. The ongoing collection of privacy patterns which the strategies and tactics connect to are found in [11].…”

Section: Strategies and Tacticsmentioning

confidence: 99%

“…'Strategies' use the GDPR to formulate software design goals, and then suggest 'privacy patterns' (recurring solutions to common design problems in privacy) for implementation [5]. These were initially designed to assist in adhering to the EU Data Protection Directive [4].…”

Section: Introductionmentioning

confidence: 99%

See 2 more Smart Citations

Privacy Shielding by Design — A Strategies Case for Near-Compliance

Colesky

Ghanavati

2016

2016 IEEE 24th International Requirements Engineering Conference Workshops (REW)

Self Cite

View full text Add to dashboard Cite

Abstract-Changes to the EU-US agreements on transatlantic data transmission are accepted. With the updates leading to an adequacy decision for the Privacy Shield, the European Commission further advances US adherence to the General Data Protection Regulation. The regulation comes with increasing territorial scope for the processing of personal data of persons in the EU, and includes the risk of substantial fines. Soon, a Privacy Shield self-certification will be necessary for US organizations which process EU data. Compliance with these requirements may be assisted by privacy by design. In particular, a recent approach to this uses privacy design strategies. Our paper takes this approach and applies it to the Privacy Shield and its suggested changes. It then explores a case study within scope of the Privacy Shield to demonstrate how to apply privacy by design using strategies.

show abstract

Bibliography

2021

Privacy, Regulations, and Cybersecurity

View full text Add to dashboard Cite

In preparing for this book, the sequel to Cybersecurity Program Development for Business: The Essential Planning Guide (Wiley 2018), I have consulted with, attended, read, and visited thousands of primary sources, be they in the form of books, seminars, workshops, classes, conferences, vendors, or cybersecurity professionals of every specialty that you can imagine (and some that you cannot!). It is-clearly-impossible to list all the material that I consulted and influenced my thinking, and I therefore apologize in advance for any omissions from the following bibliography.The bibliography is first organized topically, followed by selected bibliography from Cybersecurity Program Development for Business: The Essential Planning Guide, whose material has been used extensively throughout the cybersecurity part of this book.

show abstract

A Critical Analysis of Privacy Design Strategies

Cited by 109 publications

References 19 publications

A Refinement Approach for the Reuse of Privacy Risk Analysis Results

A Refinement Approach for the Reuse of Privacy Risk Analysis Results

Privacy Shielding by Design — A Strategies Case for Near-Compliance

Bibliography

Contact Info

Product

Resources

About