Successfully reported this slideshow.
We use your LinkedIn profile and activity data to personalize ads and to show you more relevant ads. You can change your ad preferences anytime.

Privacy by Design

101 views

Published on

The concept of Privacy by Design was created to ensure that the protection of the user's private life is integrated from conception in new technological and commercial applications.

For each new application, product, or service using personal data, companies as well as all data processing entities must provide their users or clients with the highest possible level of data protection.

Published in: Data & Analytics
  • Be the first to comment

  • Be the first to like this

Privacy by Design

  1. 1. NEWPRODUCT / APP / SERVICE by Designed by by Sources : European data protection supervisor - edps.europa.eu/data-protection_fr National Commission for Data Protection - cnpd.public.lu • Entreprise 2020 - www.entreprise2020.fr/une-ethique-du-numerique/ The State of Ethics in Design & Ethical Design Thinking Workshop, Maheen SOHAIL - bitly.com/ethicsbydesign FOLLOW US ON TWITTER respecting private life from conception Privacy by design Companies are at risk if they fail to respect the GDPR* The 7 founding principles of Privacy by Design Intervention cycle An action grid to prevent risk theft of business data loss of market shares damages to the brand image REPUTATION Privacy embedded into design: it should be integral to the system, without diminishing functionality Visibility and transparency for all users Respect for user privacy: the system should be optimized for users and all of their needs Privacy as the default to ensure personal data are automatically protected: individuals don't have to take action to be protected Proactive not reactive, preventative not remedial measures Full functionality: trade-offs shouldn’t be made to accommodate either privacy or functionalityEnd-to-end security during the whole time data is retained Data protection Encryption, tokenization, centralised access to data, etc. Let people get hold of the right information, at the right time, for the right reasons Identification and access Security operations Vulnerability analysis, security information and event management, correction of incidents legal proceedings It records all treatment activities: types of personal data, time limit on data delation, whether the data is being transfered to other nations. Book keeping Only authorized person can access the data. Limited data access Collect as little data as possible and make sure retained personal data are secure. Limited data collection Processing is limited to the ends for which the data has initialy been collected. Limited processing Lead an assessment ahead of dealing with personal data that could put the involved indiciduals at risk. Impact assessment Make sure that confidentiality,disponibility, and systemresiliency are continuouslyavailable. Continuous assessment To go further: Being Ethical by Design Beyond conception, digital ethics are also linked to uses, which implies giving some thought to laws and self-regulation. That can be correlated to many thematics: big data and personal data protection, transparency towards clients, infobesity, limits between private and professional life, the digital gap, traceability, predictive algorithms, and free will... Being ethical by design demands to anticipate uses and the ways in which new tools will change them. * The General Data Protection Regulation N. 2016/679 is a regulation in European Union law on data protection and privacy for all individuals within the European Union (EU) and the European Economic Area (EEA) since 25 May 2018. See our infographics on the subject.GDPR loss of clients' trust Training & awareness Understanding the meaning of these obligations and expeditiously execute them After Peter Morville's "User Experience Honeycomb" The concept of Privacy by Design was created to ensure that the protection of the user's private life is integrated from conception in new technological and commercial applications. For each new application, product, or service using personal data, companies as well as all data processing entities must provide their users or clients with the highest possible level of data protection.

×