Privacy engineering is often associated with terms such as:
— privacy-by-design and privacy-by-default, coined by Ann Cavoukian in the early nineties; or
— data protection by design and data protection by default, used in the European regulation published in April 2016.
In recent years, a number of concepts, principles and approaches have been proposed for privacy engineering. In a paper on privacy engineering, Spiekermann and Cranor contrast privacy-by-architecture from privacy-by-policy. The former focuses on data minimization, anonymization and client-side data processing and storage while the latter focuses on enforcing policies in data processing. In a paper on engineering privacy-by-design, Gürses, Troncoso, and Diaz state that data minimization should be the foundational principle for engineering privacy-respecting systems. In a paper on privacy-by-design in intelligent transport systems, Kung, Freytag and Kargl define three principles, minimization, enforcement and transparency. In a paper on protection goals for privacy engineering, Hansen, Jensen, and Rost identify three goals: unlinkability, transparency and intervenability. In two papers on privacy design strategies, Hoepman identifies four data oriented strategies (minimize, separate, abstract, hide), as well as four process oriented strategies (inform, control, enforce, demonstrate).
Consumer protection: privacy by design for consumer goods and servicesSeptember 25, 2021
PRIVACY BY DESIGN AND USER INTERFACES: EMERGING DESIGN CRITERIA – KEEP IT USER-CENTRICSeptember 24, 2021