Strategic Privacy by Design Flashcards
List the 7 foundational principles of privacy by design
Principle 1: Proactive, Not Reactive; Preventative, Not Remedial
Principle 2: Privacy as the Default Setting
Principle 3: Privacy Embedded into Design
Principle 4: Full Functionality — Positive Sum, Not Zero Sum
Principle 5: End-to-End Security — Full Life Cycle Protection
Principle 6: Visibility and Transparency — Keep It Open
Principle 7: Respect for User Privacy; Keep It User Centric
Describe principle 1: Proactive, Not Reactive; Preventative, Not Remedial
Privacy must be a forethought in any product, service, system or process - Privacy considerations should help drive the design, not the reverse (the design driving privacy violations)
Describe principle 2: Privacy as the Default Setting
Individuals should not have to resort to self-help to protect their privacy; the default should be privacy preserving
Describe principle 3: Privacy Embedded into Design
Privacy should be so ingrained into the design that the system or process wouldn’t function without the privacy-preserving functionality
Describe principle 4: Full Functionality — Positive Sum, Not Zero Sum
Privacy and other design requirements should not be treated as a trade-off - Designers must develop creative win-win solutions
Describe principle 5: End-to-End Security — Full Life Cycle Protection
From cradle to grave, security of personal information must be considered at every stage of the information life cycle: collecting, processing, storage, distribution and destruction
Describe principle 6: Visibility and Transparency — Keep It Open
The use of personal information should not be obscured or obfuscated, and disclosure about that use must consider the needs and sophistication of the respective audiences
Describe principle 7: Respect for User Privacy; Keep It User Centric
The individual is the principal beneficiary of privacy and the one affected when that privacy is violated; therefore, their needs and risks should be forefront in the minds of designers
