How to embed privacy into your software design proces

1. Privacy by Design
of
Privacy by Re-engineering?
Are your applications GDPR compliant?
Andre Cardinaal
Business Consultant @GDPR Coach
andre.cardinaal@gdprcoach.nl

2. Agenda
• Context - Why Privacy by Design(PbD) is imminent
• Principles involved
• Approaches to implement
• Fit it into System Design
• Methods of Madness
• GDPR & Privacy by Design
• Concept test - Scorecard

3. Why Privacy by Design
• Prevention is better than cure!
• Robust processes are key to sound business
• Avoid legislative and statutory scrutiny
• Avoid financial losses and penalties due to breaches
• Increase brand equity by enhanced customer trust

4. Principles of Privacy by Design
• Proactive not reactive — preventative not remedial
• Lead with privacy as the default setting
• Embed privacy into design
• Retain full functionality (positive-sum, not zero-sum)
• Ensure end-to-end security
• Maintain visibility and transparency—keep it open
• Respect user privacy—keep it user-centric

5. Approaches to implement PbD
• Add Privacy requirements to system requirements
for planning, costing, sprinting and quality outcomes
• Data flow mappings as input to Architecture
• PbD scorecard to be part of Definition of Done(DoD)
• Compliance to privacy requirements, like security requirements,
to be mandatory for production release

6. Foundational phases for PbD
ANALYSYS DESIGN DEVELOP
Technique
• De-identification
• Obfuscation
• Anonymization
• Encryption /
Decryption
Concept
• Data Mapping
• PIA
Approach
• Minimal Data
• Limit to purpose
• Limit retention
• By / From
retention

7. PbD from scratch
Data Mapping
• Understand Information Flow
• Comprehend Information Flow
• Segregate Data items
• Data items
• Formats
• Transfer Methods
• Location: From / To
• Accountability
• Access
PIA
• Gather Info & Generate Flow
• Size and Scope
• Consult with Stakeholders
• Check flow against principles
• Risk Management
• Identify Risks
• Identify Mitigation approach

8. System Design
Requirements
Analysis
Design
Development
Deployment
Maintenance/
Operation

9. System Design
Requirements
Analysis
Design
Development
Deployment
Maintenance/
Operation
User interviews, PIA, Cross-border,
Business/User/Law/Compliance needs
Privacy Laws, Customer rights, Business
needs, Crossborder/Cloud aspects
Workflow, Data flow maps, Approvals,
Data Security, Obfuscation,
Anonymization, Encryption/Decryption,
User/Role/Screen/Field/Operation level
access
Scorecard, Checklists, DoD,
UAT, Privacy reviews
Cross Border, Local privacy
laws, Cloud,
Scorecards, Maturity models,
Privacy certifications,
Assessments,Internal Reviews

10. Developer’s role - Privacy by Design
• Comprehend and define legal perimeter of operations
• Collaborate with communication & consent
• Use proper common sense and ethics for system design
• Data lifecycle - security, quality and archival
• Ensure Positive-Sum not Zero-Sum
• Framework in place: Policies, Standards, Guidelines
• Practice privacy: Product Owners, Architects, Developers
• Privacy by Design - NFR, SDLC, Checklists, Dataflow maps
• Continuous evaluation and Compliance

11. Methods of Madness
• Cookies notification alone isnt enough!
• Being safe & secure isnt being privacy enabled!
• Handling privacy isnt a task, it’s a process to fulfilled at several stages
in increments, in iteration.
• Law is law, don’t draw your conclusions, consult experts
• Migrate to Privacy by design by default

12. GDPR & Privacy by Design
• Philosophy
• Privacy by Design, by default
• Demonstrate privacy efforts during design, development
• Para [1] 7 [2] of Art 25 clearly advocates Privacy by design and Privacy
by default in spirit and letter.
• Para [3] of Art 25 makes demonstration of efforts for compliance to
para [1]&[2] as mandatory.

13. Final Checklist
• Dataflow maps
• Privacy Impact Assessment reports
• Customer rights Vs Business Needs
• Privacy Laws, applicable provisions, guidelines
• Non functional requirements
• Scorecards
• Maturity Model, spider charts

14. Questions?