Consultation, cooperation, and collaboration, the "3 Cs", are a good starting point when designing for user privacy.
The second decade of this century saw a major boom in ecommerce and the rise of online marketplaces. The timing is right to be proactive about designing privacy into technologies, business processes and networked infrastructures.
The easiest way to preserve trust is to incorporate privacy as the default without diminishing functionality. Subsequently, innovation will flourish.
By the principle of Purpose limitation, the controller must collect the data for specified, explicit and legitimate purposes, and not further reuse them for other purposes. The use of technical measures such as hashing to prevent data from being reused for another purpose may be an effective way to safeguard this principle.
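One concrete way to make the purpose limitation above enforceable in code, added here as an illustration rather than anything from the original page, is purpose-bound pseudonymisation: each declared purpose gets its own secret key, and identifiers are replaced by an HMAC under that key before they enter that purpose's dataset. The purpose names, key handling and normalisation below are assumptions for the example.

```python
import hmac
import hashlib
import secrets

# Constructed example: one secret key per declared processing purpose.
# In production these would be issued and stored by a key-management
# system; here they are generated at import time so the module runs offline.
PURPOSE_KEYS = {
    "order-fulfilment": secrets.token_bytes(32),
    "fraud-analytics": secrets.token_bytes(32),
}


def is_declared_purpose(purpose: str) -> bool:
    """A purpose without a key has not been declared, so no data may be prepared for it."""
    return purpose in PURPOSE_KEYS


def pseudonymise(identifier: str, purpose: str) -> str:
    """Return a purpose-bound pseudonym for a personal identifier.

    HMAC-SHA256 under the purpose's own key means the same person gets a
    different, unlinkable token in each purpose's dataset, and without the
    key the token cannot be reversed or dictionary-attacked the way a plain
    unsalted hash of a low-entropy value such as an e-mail address could be.
    """
    if not is_declared_purpose(purpose):
        raise ValueError(f"no key issued for purpose {purpose!r}")
    # Normalise so that trivial variations of the same identifier map to one token.
    canonical = identifier.strip().lower().encode("utf-8")
    return hmac.new(PURPOSE_KEYS[purpose], canonical, hashlib.sha256).hexdigest()


def same_person(token_a: str, token_b: str) -> bool:
    """Constant-time comparison of two pseudonyms taken from the same purpose."""
    return hmac.compare_digest(token_a, token_b)


def purposes_linkable(identifier: str, purpose_a: str, purpose_b: str) -> bool:
    """True if a record in purpose_a's dataset could be matched to purpose_b's by token alone."""
    return pseudonymise(identifier, purpose_a) == pseudonymise(identifier, purpose_b)


def retire_purpose(purpose: str) -> None:
    """Destroy a purpose's key: its pseudonymised dataset can no longer be linked to anyone."""
    PURPOSE_KEYS.pop(purpose, None)


if __name__ == "__main__":
    email = "Alice@Example.com"
    print("fulfilment token:", pseudonymise(email, "order-fulfilment"))
    print("analytics token: ", pseudonymise(email, "fraud-analytics"))
    print("linkable across purposes?", purposes_linkable(email, "order-fulfilment", "fraud-analytics"))
```

Because the pseudonyms for one purpose are only meaningful while that purpose's key exists, retiring the key also gives a simple technical route to the erasure right mentioned under Transparency: the retained dataset can no longer be tied back to any individual.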
The principle of Transparency requires that the data controller provide data subjects with the right to the erasure of their data (the right to be forgotten), the right to object to processing, and the right to be protected against automated decision-making. Measures that can be taken include providing clear and easily accessible information about how the data provided by the user are analysed, not only at the word level but also in broader contexts.
In practice, this information is usually provided in a Privacy Policy. The Policy should be designed in a concise, transparent, intelligible and easily accessible form, using clear and plain language. The Policy should be easily accessible and visible. A link can be added to the website's footer so that it is always one click away.
Anticipate, identify and prevent privacy-invasive events before they occur.
Design systems such that maximum user privacy is protected by default and require users’ explicit action for any deviation from maximum privacy.
Embed privacy settings into the design and architecture of information technology systems and business practices instead of implementing them after the fact as an add-on.
According to this principle, privacy should ideally have no detrimental effect on the functionality or security of the system, since it is possible to have both.
Privacy and security must be guaranteed from the conception phase and through the entire lifecycle of the data.
Assure stakeholders that privacy standards are open, transparent and subject to independent verification.
The user must play a central and active role in the processing. Protect the interests of users by offering strong privacy defaults, appropriate notice, and empowering user-friendly options.
Implementing Privacy by Design ultimately gives you an edge over your competition, not just because it improves design but also because it retains customer trust in the business. With greater impetus directed at safe and ethical data use, not complying with such practices can prove costly both legally and reputation-wise.
In this day and age, it is virtually impossible to tell where one computer ends and another begins. By implementing fair information practices, specifically simplified choice and transparency, we can increase trust in the data collectors, and create confidence in the market. Here are 7 principles of Data Protection by Design.