Privacy by Design Flashcards
1
Q
Criticism of PbD
A
- Zero-sum approach. Balancing act of competing business and privacy requirements.
- Overreliance on notice and consent which depends on consumer understanding of company notices and policies and leads to lack of informed choice.
- Does not account for privacy as a competitive differentiator.
2
Q
Alleged Benefits of PbD
A
- Improved customer confidence, trust, and loyalty.
- Process efficiencies and risk reduction from handling only the PI that is necessary to the business process.
- Cost savings as a result of privacy up front rather than bolting it on after the fact.
3
Q
Principles of PbD
A
- Proactive not Reactive, Preventive not Remedial
- Privacy as the default setting
- Privacy embedded into Design
- Full functionality- Positive-Sum, not Zero-Sum
- End-to-End Security- Full lifecycle protections
- Visibility and Transparency- Keep it open
- Respect for User Privacy- Keep it user-centric
4
Q
Privacy Program
A
- Data Inventory
- Data Classification
- Periodic data reassessments
5
Q
Effective Classification System
A
- Scope appropriate systems and access controls
- Prepare for audits
- Respond to discovery requests without providing more information than necessary