Privacy Engineering: What is Privacy Engineering? Why is it important?

Privacy Engineering

Karen Hepp, a host of the morning show Good Day Philadelphia, is suing Facebook, Reddit and several other websites after her image, captured by a surveillance camera in a New York convenience store, was misused in salacious advertisements displayed on those sites.

In her complaint, filed in early September 2019, she stated that her image had been used for “prurient and illicit purposes” that caused “serious, permanent and irreparable harm.”

Her case is a clear example of a privacy violation, and violations like it are everywhere. In a technology-driven life, how do we deal with privacy going forward?

We already have legislation such as the General Data Protection Regulation (GDPR), which protects the personal data of individuals in the EU regardless of their citizenship. Many other jurisdictions have passed, or are drafting, laws similar in scope to the GDPR.

But privacy spans a gamut of domains, from law to computer science to cybersecurity. How do we ensure privacy when, at the most fundamental level, it is a matter of policy?

One answer is to build de-identification and anonymization techniques into the systems that handle personal data, rather than relying on policy alone. Designing software so that these protections are part of the system itself is the task of privacy engineering.

Privacy engineering is an emerging field of study, and its exact meaning and scope are still evolving. Privacy engineering brings tools, techniques, metrics, and taxonomy to implement ‘Privacy by Design’. By building privacy protections at the core design, privacy engineering aims to reduce privacy risks and to protect privacy at scale.

The most widely accepted definition is from the US-based National Institute of Standards and Technology (NIST), which has defined privacy engineering as “a specialty discipline of systems engineering focused on achieving freedom from conditions that can create problems for individuals with unacceptable consequences that arise from the system as it processes PII.”

(NIST Internal Report 8062, US Department of Commerce: https://nvlpubs.nist.gov/nistpubs/ir/2017/NIST.IR.8062.pdf)


Importance of Privacy Engineering

To bring Privacy by Design to the fore –

Privacy by Design, or PbD, is an approach whereby privacy is implemented into the design of new systems.

Big-data practice tends to assume that collecting and sharing as much data as possible, in order to improve prediction, is the norm. Privacy by Design starts from the opposite assumption: collect and share only what is needed.

Privacy by Design was developed in the 1990s by Dr. Ann Cavoukian, the former Information and Privacy Commissioner of Ontario. One of its principles, “privacy embedded into design,” holds that privacy must be one of the foremost goals of the engineering process rather than a feature bolted on afterwards.

In the drive to hit the market before the competition, the basic right to privacy is often overlooked by designers.

Privacy engineering is meant to be a process that bonds innovation with PbD. By default, every IT system must provide the highest degree of privacy to personal data.

In simple words, a user should not have to tick boxes to gain privacy. They should only have to tick boxes to divulge what they want to divulge, with maximum privacy being the default state.

To provide protection of personally identifiable information (PII) –

In a not-so-distant past, the only place where your personal information could be found was a telephone directory. You could request that your number be delisted.

What kind of information is readily available about anyone from a dozen organizations now?

PII includes (not an exhaustive list) –

  • Name
  • Gender
  • Address
  • Birthdate
  • Phone number
  • Vehicle description and number
  • Occupation
  • Place of business
  • Geographic location and movement
  • Email address

PII even includes biometric data such as fingerprint and iris scan.

It might surprise many that an activity as ubiquitous as liking posts on Facebook is a reasonably accurate predictor of age, gender, ethnic group, religion, marital status, sexual orientation, and political views; a 2013 study by Kosinski, Stillwell and Graepel demonstrated this using only users’ Likes.

Whose task is it to protect this sensitive PII? Over half of consumers believe that it is the task of the organization.

However, what counts as privacy varies a great deal from one country to another, and the extent of a company’s legal responsibility for securing the data it collects differs between jurisdictions.

In such a legal atmosphere, privacy engineering can ensure that the collection, storage, management, and usage of personal data is done as ethically as possible.

To ensure that privacy is a policy –

It is the task of privacy engineering to bake privacy into the systems which it creates. Privacy engineering takes the lofty goal of secure management of data and translates it into an actionable sequence of events and metrics.

Businesses want more data to drive better insights and extract value. Privacy engineers have the hard task of enforcing certain policies that will limit data collection, analysis, and sharing.

These decisions require complex analysis and metrics to debate the trade-off objectively. However, because privacy metrics and policies are not well-defined and are subject to ambiguity, privacy engineers have to be creative in driving adoption of the bigger theme.

To ensure the evolution of privacy –

Before Google Maps launched in 2005, phones had little need for GPS and no one worried about whether applications were tracking their movements.

Geolocation-based services, such as the rideshare apps Uber and Lyft, are now part of the new normal. Location-based marketing that crafts targeted advertisements is following close behind; a rudimentary form of it, built on Apple’s iBeacon Bluetooth proximity protocol, is already in use in the US.

What happens if one store in a shopping mall identifies a past customer and alerts every other store to her shopping habits? Is the fact that this buyer has purchased five different perfumes in the past month personal data on its own? What if it is shared together with a few other attributes, such as age, gender or race? Individually these are quasi-identifiers; combined, they can single out one person, and the collection becomes personally identifiable information.
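The de-identification techniques mentioned earlier and the quasi-identifier problem in this scenario can be made concrete in code. The following is an added example, not code from the original article: it pseudonymizes the direct identifier (email) with a keyed HMAC so the released table cannot be reversed by guessing addresses without the key, generalizes the quasi-identifiers (age into ten-year bands, ZIP code to its first three digits), and then checks k-anonymity, suppressing any record whose combination of quasi-identifiers is shared by fewer than k people. The records, column names and secret key are constructed for the example.

```python
import hmac
import hashlib
from collections import Counter

# Constructed sample records (not real people). Each row mixes a direct
# identifier (email), quasi-identifiers (age, zip, gender) and a
# behavioural attribute (purchases), like the shopping-mall scenario.
RECORDS = [
    {"email": "ana@example.com", "age": 34, "zip": "19103", "gender": "F", "purchases": 5},
    {"email": "bo@example.com",  "age": 37, "zip": "19104", "gender": "F", "purchases": 1},
    {"email": "cy@example.com",  "age": 31, "zip": "19106", "gender": "F", "purchases": 2},
    {"email": "dee@example.com", "age": 52, "zip": "19103", "gender": "M", "purchases": 0},
    {"email": "eli@example.com", "age": 58, "zip": "19107", "gender": "M", "purchases": 3},
    {"email": "fay@example.com", "age": 23, "zip": "10001", "gender": "F", "purchases": 4},
]

# Columns that, in combination, could single out a person in the release.
QUASI_IDENTIFIERS = ("age_band", "zip3", "gender")


def pseudonymize(value, key):
    """Keyed HMAC of a direct identifier (assumed key, held outside the release).

    A bare hash of an email is reversible by hashing guessed addresses; an HMAC
    is not, unless the attacker also has the key. Same key -> same pseudonym,
    so records of one person still link within a release.
    """
    return hmac.new(key, value.strip().lower().encode(), hashlib.sha256).hexdigest()[:16]


def generalize(record):
    """Coarsen quasi-identifiers so that more people share each combination."""
    decade = record["age"] // 10 * 10
    return {
        "age_band": f"{decade}-{decade + 9}",
        "zip3": record["zip"][:3],
        "gender": record["gender"],
        "purchases": record["purchases"],  # kept: the attribute being analysed
    }


def class_sizes(rows, columns):
    """Size of each equivalence class over the given columns."""
    return Counter(tuple(row[c] for c in columns) for row in rows)


def smallest_class(rows, columns):
    """The k achieved by a table: the smallest equivalence class (0 if empty)."""
    sizes = class_sizes(rows, columns)
    return min(sizes.values()) if sizes else 0


def deidentify(records, key, k):
    """Pseudonymize, generalize, then suppress rows below k-anonymity.

    Returns (released_rows, number_suppressed). Released rows never carry the
    email; only the pseudonym, generalized quasi-identifiers and purchases.
    """
    rows = []
    for r in records:
        g = generalize(r)
        g["subject"] = pseudonymize(r["email"], key)
        rows.append(g)
    sizes = class_sizes(rows, QUASI_IDENTIFIERS)
    kept = [row for row in rows
            if sizes[tuple(row[c] for c in QUASI_IDENTIFIERS)] >= k]
    return kept, len(rows) - len(kept)


if __name__ == "__main__":
    key = b"example-secret-key"  # constructed; in practice from a secrets store
    print("k of raw data:", smallest_class(RECORDS, ("age", "zip", "gender")))
    released, dropped = deidentify(RECORDS, key, k=2)
    print("k of release:", smallest_class(released, QUASI_IDENTIFIERS),
          "suppressed:", dropped)
    for row in released:
        print(row)
```

On the sample data every raw record is unique on (age, zip, gender), so the table is only 1-anonymous; after generalization the three women in their thirties from 191xx form a class of three and the two men in their fifties a class of two, while the lone 23-year-old from 100xx still stands out and is suppressed at k=2. Raising k to 3 would also suppress the two men, which is the trade-off between utility and privacy that the text describes.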

Strange though it may sound, it is the task of privacy engineering to take such decisions and amend them in consultation with lawyers, marketing professionals, and product managers from time to time.

To ensure everybody understands the importance of privacy –

The issue of privacy is by no means always understood across an entire organization.

For example, an ordinary employee with quite limited access can quickly learn the name and address of a shopper. What s/he may not realize is that this is a secret that the customer has shared with the business. It is not meant to be divulged even by accident.

It is the task of those actively involved in privacy engineering to reach out through seminars and workshops and inform those who do not know about these issues.

Privacy engineering is thus also an agent for advocacy.

NIST defines three privacy engineering objectives: predictability, manageability, and dissociability.

The discipline is still gaining traction, and the development of this field will have an immense impact on big data analysis.

There is a lack of cohesive structure for privacy engineering as of yet, but rapid strides are being made to bridge the divide between legal aspects and the design of systems.


Things You’ll Learn While Studying for a Degree in Privacy Engineering

Privacy engineering is quickly becoming one of the most attractive fields for prospective software developers. You have probably had to worry about your own privacy in recent times. As people become more aware of privacy violations in the internet age, tech companies are also turning their focus to this subject. These companies are recruiting the best minds in the field to ensure they do not overstep the fine line between gathering information to provide the best service and violating the privacy of users.

Privacy engineering is a relatively new discipline. Until recently, privacy engineers were usually computer scientists or software engineers who happened to focus on privacy when creating products and services. A growing number of universities now offer privacy engineering as a course of study. Here are a few things future privacy engineers have to learn to earn a degree in the discipline.

Coding and Software Development   

The term privacy engineer has the word “engineer” in it, so it is only natural that budding professionals learn software development. Coding and software development may not feature in the curriculum of every school that teaches privacy engineering; some institutions expect applicants to have already acquired this skill. Nonetheless, coding and software development are essential and worth mentioning here.

Privacy engineers need to learn coding and software development so they can play a leading role in building the products and services themselves. Privacy engineering professionals must not only see things from the perspective of the end user but also have insider knowledge of how the product or service works. That is the only way they can make insightful contributions to both the user interface and the functionality of the product or service.

Privacy and Data Administration  

Another critical subject that privacy engineers learn is privacy and data administration. This course defines privacy according to the applicable laws and regulations. Because different states and countries define privacy differently, parts of this course are necessarily generic. Students are also likely to examine landmark cases to understand how the courts define privacy.

Privacy and data administration is at the heart of privacy engineering. Professionals in this field must have an in-depth understanding of all the applicable laws to operate without legal trouble. Students therefore learn what the law says about data handling, usage, storage and sharing, intellectual property, tracking, targeted advertising, and much more.

At the end of this course, students must be able to identify which activities amount to a violation of user privacy. With this knowledge, privacy engineers can provide vital advice to companies and be able to draft privacy policies for products and services.   

Design Privacy   

Design privacy refers to the integrity of a product or service in terms of how it relates to user privacy. This course focuses on usability rules and best practices. Students learn how users interact with products or services and the ways in which their privacy and security may be compromised, including common interface issues and how they affect privacy.

The goal of design privacy is to develop the privacy engineer’s ability to look at any product or service from the user’s point of view. By doing so, they can identify and work on the issues that may compromise the privacy of users or the usability of the product. For example, take an app for making payments online. A fatal flaw would be an undocumented path, in effect a backdoor, that lets third parties access user data; at the same time, the app’s privacy provisions must not get in the way of its ease of use.

User experience is a field of its own, but it is also part of privacy engineering. Some argue that design privacy is not an integral part of privacy engineering, but the two fields clearly overlap. The task of the privacy engineer is to identify and correct any kinks in a product or service that may affect user privacy and security, whether those issues lie in the user interface, the code, or data administration.

Measuring Privacy   

Privacy engineering students also learn how to measure privacy. There are some critical difficulties with the idea of measuring privacy. As noted above, different states and countries have different privacy regulations. More importantly, who sets the industry yardstick for assessing a product or service?

In The Privacy Engineer’s Manifesto, Michelle Dennedy, Jonathon Fox and Thomas Finneran provide a tentative quality assurance checklist for privacy engineers. The standards for measuring privacy may vary from one professional to another, but they center on regulatory compliance, usability, and data integrity, among other things. Privacy engineering is a relatively new field of study, so the standards for measuring privacy will doubtless continue to develop over the years. After all, the challenges to user privacy and security keep changing as the industry evolves.

Conclusion   

This list is by no means a complete list of the things privacy engineers learn to get a degree. Instead, we sought to pick a few of the most critical aspects of the discipline. From the points above, it is clear that privacy engineering is a multidisciplinary field. Privacy engineers are often required to work with other professionals such as lawyers, marketers, and developers.

The privacy engineer must ensure that the quest to meet a company’s goals does not overshadow the importance of respecting and protecting users’ privacy. The privacy engineer must work systematically to align both objectives.   

As privacy engineering continues to grow as a discipline, the scope of what prospective students learn is also bound to expand.   



Privacy Engineering Framework

WHY IS PRIVACY ENGINEERING IMPORTANT? 

The need to protect data has become increasingly pressing after a series of large data breaches. The impact of a breach on a company can be catastrophic, and for the data subject it can mean financial loss, identity fraud, and even physical harm. For the company, the consequences include fines under GDPR and CCPA, payouts for lawsuits or settlements, and even ransoms for hijacked data.

PRIVACY FRAMEWORK: 

The NIST Privacy Framework is designed to be usable by organizations of all sizes to manage compliance obligations and privacy risks. Agreeing on a framework gives an organization a common way to document requirements and rank their relative importance. The framework can be applied throughout the phases of the system development life cycle (SDLC).

Importance of Privacy Framework 

The below points highlight the importance of privacy framework: 

  • Understanding the Risk

Understanding the risk provides clear guidance on the risks an organization faces and the potential impact of breaches. Technical and physical security assessments play an important role in risk assessment and should cover both external and internal users.

  • Generic Framework: 

The Privacy Framework is usable by any organization or entity regardless of its role in processing the data.

  • Efficient Monitoring of the Progress

The framework provides a monitoring system with methods for monitoring, measuring, and analyzing results. This allows audits at regular intervals to ensure the framework is implemented effectively.

COMPONENTS OF PRIVACY FRAMEWORK: 

The Privacy Framework is composed of three parts: the Core, Profiles, and Implementation Tiers.

CORE 

The Core is a set of privacy protection activities and outcomes that can be implemented across organizations of every kind. It has five Functions:

  • Identify: Develop an organizational understanding of how to manage privacy risk, which includes risk assessment.
  • Govern: Implement an organizational governance structure, which includes identifying legal and regulatory requirements and understanding the organization’s risk tolerance.
  • Control: Implement activities that let the organization and individuals manage data with enough granularity to manage privacy risks.
  • Communicate: Implement activities that give the organization and individuals a reliable understanding of how data are processed.
  • Protect: Implement appropriate data processing safeguards.

These Functions help an organization manage privacy risk by understanding and managing its data processing, enabling risk management decisions, and improving by learning from previous activities. Identify, Govern, Control, and Communicate address privacy risks arising from data processing itself, while Protect addresses privacy risks associated with privacy breaches and other cybersecurity-related events.

PROFILE 

A Profile represents the organization’s selection of privacy activities used to manage privacy risk. Profiles can be used to identify opportunities for improving privacy within an organization through self-assessment and communication. When developing a Profile, an organization selects the Functions, Categories, and Subcategories of the Privacy Framework according to its specific needs. Profiles can describe either the current state or the desired target state of specific privacy activities, and the gap between the two forms the basis of the organization’s plan for reducing privacy risk in a cost-effective, prioritized manner. Profiles also aid in communicating risk within and between organizations by helping them understand and compare the current or desired state of privacy outcomes.

IMPLEMENTATION TIERS 

Implementation Tiers provide a point of reference for how an organization views privacy risk and whether it has sufficient processes and resources in place to manage that risk. NIST defines four Tiers: Partial, Risk Informed, Repeatable, and Adaptive. With the arrival of GDPR and CCPA, compliance is mandatory to protect consumers, and an organization can use the Implementation Tiers to communicate to stakeholders whether it has the resources and processes in place to achieve its Target Profile.