Designing privacy-by-design

Jeroen van Rest; Daniel Boonstra; Maarten Everts; Martin van Rijn; Ron van Paassen

doi:10.1007/978-3-642-54069-1_4

Designing privacy-by-design

Jeroen van Rest, Daniel Boonstra, Maarten Everts, Martin van Rijn, Ron van Paassen

Research output: Chapter in Book/Report/Conference proceeding › Conference contribution › Academic › peer-review

36 Citations (Scopus)

Abstract

The proposal for a new privacy regulation d.d. January 25^th 2012 introduces sanctions of up to 2% of the annual turnover of enterprises. This elevates the importance of mitigation of privacy risks. This paper makes Privacy by Design more concrete, and positions it as the mechanism to mitigate these privacy risks. In this vision paper, we describe how design patterns may be used to make the principle of Privacy by Design specific for relevant application domains. We identify a number of privacy design patterns as examples and we argue that the art is in finding the right level of abstraction to describe a privacy design pattern: the level where the data holder, data subject and privacy risks are described. We give an extended definition of Privacy by Design and, taking Solove’s model for privacy invasions as structuring principle, we describe a tool and method to use that tool to generate trust in systems by citizens.

Original language	English
Title of host publication	Privacy Technologies and Policy
Subtitle of host publication	First Annual Privacy Forum, APF 2012, Limassol, Cyprus, October 10-11, 2012, Revised Selected Papers
Editors	Bart Preneel, Demosthenes Ikonomou
Place of Publication	Berlin, Heidelberg
Publisher	Springer
Pages	55-72
Number of pages	18
ISBN (Electronic)	978-3-642-54069-1
ISBN (Print)	978-3-642-54068-4
DOIs	https://doi.org/10.1007/978-3-642-54069-1_4
Publication status	Published - 2014
Externally published	Yes
Event	1st Annual Privacy Forum, APF 2012: Closing the loop from research to policy - Limassol, Cyprus Duration: 10 Oct 2012 → 11 Oct 2012 Conference number: 1

Publication series

Name	Lecture Notes in Computer Science
Publisher	Springer
Volume	8319
ISSN (Print)	0302-9743
ISSN (Electronic)	1611-3349

Conference

Conference	1st Annual Privacy Forum, APF 2012
Abbreviated title	APF 2012
Country/Territory	Cyprus
City	Limassol
Period	10/10/12 → 11/10/12

Keywords

Privacy
Privacy design pattern
Privacy-by-design
System engineering
Tooling
Trust
n/a OA procedure

Access to Document

10.1007/978-3-642-54069-1_4

Cite this

van Rest, J., Boonstra, D., Everts, M., van Rijn, M., & van Paassen, R. (2014). Designing privacy-by-design. In B. Preneel, & D. Ikonomou (Eds.), Privacy Technologies and Policy: First Annual Privacy Forum, APF 2012, Limassol, Cyprus, October 10-11, 2012, Revised Selected Papers (pp. 55-72). (Lecture Notes in Computer Science; Vol. 8319). Springer. https://doi.org/10.1007/978-3-642-54069-1_4

@inproceedings{d2d172be05044302a3cc80080addb813,

title = "Designing privacy-by-design",

abstract = "The proposal for a new privacy regulation d.d. January 25th 2012 introduces sanctions of up to 2% of the annual turnover of enterprises. This elevates the importance of mitigation of privacy risks. This paper makes Privacy by Design more concrete, and positions it as the mechanism to mitigate these privacy risks. In this vision paper, we describe how design patterns may be used to make the principle of Privacy by Design specific for relevant application domains. We identify a number of privacy design patterns as examples and we argue that the art is in finding the right level of abstraction to describe a privacy design pattern: the level where the data holder, data subject and privacy risks are described. We give an extended definition of Privacy by Design and, taking Solove{\textquoteright}s model for privacy invasions as structuring principle, we describe a tool and method to use that tool to generate trust in systems by citizens.",

keywords = "Privacy, Privacy design pattern, Privacy-by-design, System engineering, Tooling, Trust, n/a OA procedure",

author = "{van Rest}, Jeroen and Daniel Boonstra and Maarten Everts and {van Rijn}, Martin and {van Paassen}, Ron",

note = "Publisher Copyright: {\textcopyright} Springer-Verlag Berlin Heidelberg 2014.; 1st Annual Privacy Forum, APF 2012 : Closing the loop from research to policy, APF 2012 ; Conference date: 10-10-2012 Through 11-10-2012",

year = "2014",

doi = "10.1007/978-3-642-54069-1_4",

language = "English",

isbn = "978-3-642-54068-4",

series = "Lecture Notes in Computer Science",

publisher = "Springer",

pages = "55--72",

editor = "Bart Preneel and Demosthenes Ikonomou",

booktitle = "Privacy Technologies and Policy",

address = "Germany",

}

van Rest, J, Boonstra, D, Everts, M, van Rijn, M & van Paassen, R 2014, Designing privacy-by-design. in B Preneel & D Ikonomou (eds), Privacy Technologies and Policy: First Annual Privacy Forum, APF 2012, Limassol, Cyprus, October 10-11, 2012, Revised Selected Papers. Lecture Notes in Computer Science, vol. 8319, Springer, Berlin, Heidelberg, pp. 55-72, 1st Annual Privacy Forum, APF 2012, Limassol, Cyprus, 10/10/12. https://doi.org/10.1007/978-3-642-54069-1_4

Designing privacy-by-design. / van Rest, Jeroen; Boonstra, Daniel; Everts, Maarten et al.
Privacy Technologies and Policy: First Annual Privacy Forum, APF 2012, Limassol, Cyprus, October 10-11, 2012, Revised Selected Papers. ed. / Bart Preneel; Demosthenes Ikonomou. Berlin, Heidelberg: Springer, 2014. p. 55-72 (Lecture Notes in Computer Science; Vol. 8319).

Research output: Chapter in Book/Report/Conference proceeding › Conference contribution › Academic › peer-review

TY - GEN

T1 - Designing privacy-by-design

AU - van Rest, Jeroen

AU - Boonstra, Daniel

AU - Everts, Maarten

AU - van Rijn, Martin

AU - van Paassen, Ron

N1 - Conference code: 1

PY - 2014

Y1 - 2014

N2 - The proposal for a new privacy regulation d.d. January 25th 2012 introduces sanctions of up to 2% of the annual turnover of enterprises. This elevates the importance of mitigation of privacy risks. This paper makes Privacy by Design more concrete, and positions it as the mechanism to mitigate these privacy risks. In this vision paper, we describe how design patterns may be used to make the principle of Privacy by Design specific for relevant application domains. We identify a number of privacy design patterns as examples and we argue that the art is in finding the right level of abstraction to describe a privacy design pattern: the level where the data holder, data subject and privacy risks are described. We give an extended definition of Privacy by Design and, taking Solove’s model for privacy invasions as structuring principle, we describe a tool and method to use that tool to generate trust in systems by citizens.

AB - The proposal for a new privacy regulation d.d. January 25th 2012 introduces sanctions of up to 2% of the annual turnover of enterprises. This elevates the importance of mitigation of privacy risks. This paper makes Privacy by Design more concrete, and positions it as the mechanism to mitigate these privacy risks. In this vision paper, we describe how design patterns may be used to make the principle of Privacy by Design specific for relevant application domains. We identify a number of privacy design patterns as examples and we argue that the art is in finding the right level of abstraction to describe a privacy design pattern: the level where the data holder, data subject and privacy risks are described. We give an extended definition of Privacy by Design and, taking Solove’s model for privacy invasions as structuring principle, we describe a tool and method to use that tool to generate trust in systems by citizens.

KW - Privacy

KW - Privacy design pattern

KW - Privacy-by-design

KW - System engineering

KW - Tooling

KW - Trust

KW - n/a OA procedure

UR - http://www.scopus.com/inward/record.url?scp=84927645307&partnerID=8YFLogxK

U2 - 10.1007/978-3-642-54069-1_4

DO - 10.1007/978-3-642-54069-1_4

M3 - Conference contribution

AN - SCOPUS:84927645307

SN - 978-3-642-54068-4

T3 - Lecture Notes in Computer Science

SP - 55

EP - 72

BT - Privacy Technologies and Policy

A2 - Preneel, Bart

A2 - Ikonomou, Demosthenes

PB - Springer

CY - Berlin, Heidelberg

T2 - 1st Annual Privacy Forum, APF 2012

Y2 - 10 October 2012 through 11 October 2012

ER -

van Rest J, Boonstra D, Everts M, van Rijn M, van Paassen R. Designing privacy-by-design. In Preneel B, Ikonomou D, editors, Privacy Technologies and Policy: First Annual Privacy Forum, APF 2012, Limassol, Cyprus, October 10-11, 2012, Revised Selected Papers. Berlin, Heidelberg: Springer. 2014. p. 55-72. (Lecture Notes in Computer Science). doi: 10.1007/978-3-642-54069-1_4

Designing privacy-by-design

Abstract

Publication series

Conference

Keywords

Access to Document

Other files and links

Fingerprint

Cite this