Privacy By Design Should Be the New Normal
What is personal data really used for?
LinkedIn, Facebook, Instagram, or Twitter –– one scroll is met with countless advertisements for data-based products and services. In fact, digital marketing experts estimate that the average person is exposed to 4,000 to 10,000 ads per day, carefully curated according to their online activity, geographic location, and demographic information. This isn’t necessarily a bad thing, as innovative and personalized solutions can save users time and money, improve health and wellbeing, and generally ease burdens of life at the click of a button. Personal data is used in industries other than advertising as well –– healthcare, finance, insurance, and transportation companies all use vital consumer data to improve patient outcomes, revolutionize product offerings, and optimize cumbersome operations. But with growing concerns about how personal data is collected, stored, and used, how can enterprises utilize and collaborate with insight-rich information without compromising the privacy of individual consumers? The answer: Privacy by Design.
“81% of the public say that the potential risks they face because of data collection by companies outweigh the benefits.”
In this article, we’ll explore the Privacy by Design framework as a foundation for protecting individual privacy while unlocking the true intellectual value of sensitive data. No, this isn’t an oxymoron –– by implementing this framework and using privacy-enhancing technologies in your organization’s product or service development, you’ll be able to preserve privacy, reduce risk and liability, and increase consumer trust in a data-driven world. How is that for a new normal?
What is “Privacy by Design?”
Privacy by design is “data protection through technology design.” In the context of systems engineering, Privacy by Design requires that privacy is accounted for throughout the entire engineering process –– allowing individuals and organizations to selectively share or refrain from sharing information about themselves or others. The framework was originally developed in 1995 by Ann Cavoukian and a team at the Information and Privacy Commissioner of Ontario, together with the Dutch Data Protection Authority and the Netherlands Organization for Applied Scientific Research. It was then adopted by the International Assembly of Privacy Commissioners and Data Protection Authorities in 2010.
Initially critiqued as vague and inapplicable for real-world solutions, Privacy by Design has proven valuable in both legal systems and practical computer science applications. The European Union’s General Data Protection Regulation (GDPR) of 2018 incorporates the Privacy by Design framework, including principles such as “data protection by design” and “data protection by default.” The United States, Australia, Singapore, and additional countries have also adopted various elements of Privacy by Design in legislation protecting consumer and citizen data privacy.
In the private sector, Privacy by Design strongly influences the development of new and innovative privacy-enhancing technologies (PETs). Privacy-enhancing technologies are known by the umbrella term “privacy-enhancing computation,” and include methods such as differential privacy, federated learning, homomorphic encryption, and more. These technologies allow internet users, product consumers, healthcare patients, and others to protect the privacy of their personally identifiable information (PII) when handled by outside organizations, services, and applications.
“Privacy by Design” Principles
Privacy by Design encourages the proactive embedding of privacy into IT systems, network infrastructure, and business operations. The seven foundational principles of Privacy by Design include:
1. Proactive not Reactive; Preventative not Remedial
This principle anticipates and prevents privacy breaches before they happen, rather than after. By identifying and correcting for privacy gaps in a product, system, or service, organizations can prevent reactive and remedial actions in the event of a privacy breach.
2. Privacy as the Default Setting
With this principle in mind, individuals should retain privacy without needing to request the right from an IT system or business. No action should be required on the part of the individual, and instead, it should be built into a system by default.
3. Privacy Embedded into Design
This principle requires that privacy is an essential component of any system or service’s core functionality. Instead of tacking on privacy as an afterthought, systems engineers and developers should treat privacy as integral to a product or system.
4. Full Functionality –– Positive-Sum, not Zero-Sum
The Full Functionality principle suggests that false dichotomies between security and privacy should not exist –– and that in fact, it is possible to have both. Products, services, and systems designed under this principle should be private, secure, and functional.
5. End-to-End Security –– Full Lifecycle Protection
Under this principle, strong security measures should be treated as essential to privacy from start to finish. When privacy is implemented into the system prior to any collection of information, all data is securely retained, and all data is securely destroyed at the end of a process, then providers and users benefit from end-to-end lifecycle management.
6. Visibility and Transparency –– Keep it Open
This principle encourages users, providers, and system/product designers to “trust, but verify.” To create trust, providers and businesses should openly state promises and objectives with data, subject to independent verification. Users should be able to easily access and verify this information.
7. Respect for User Privacy –– Keep it User-Centric
A user-centric approach requires the consideration of the individual’s interest when using a product or service that incorporates or handles data. This includes measures such as privacy defaults, appropriate and comprehensive notice, and user-friendly design.
What are the benefits of “Privacy by Design?”
When Privacy by Design is incorporated into systems by default, entire corporations and their consumers can see substantial benefits. Additionally, IT, risk management, and cybersecurity organizations can secure:
- Regulatory and legal compliance with laws such as GDPR, CCPA, and HIPAA
- Reputational and financial security
- Proactive posture to legislative and cybersecurity changes
- Cost-effective risk management
By implementing technical safeguards at each step of a system or product design process, organizations can benefit from technological advancements and insights-driven data without compromising individual privacy rights or security. Legal compliance through a combination of the Privacy by Design framework and innovative privacy-enhancing technologies can reduce risk, liabilities, and cost burdens in the event of a breach. Organizations will also be well-postured in the event of legislative changes, reducing resource-intensive product or system restructuring the moment a new privacy bill passes. It’s a win-win on all fronts, so long as privacy is treated as a proactive measure in each design process.
What challenges do organizations face in implementing “Privacy by Design?”
Personal data is at the heart of many critical industries’ business operations, including healthcare and finance. High privacy standards, though an ethical and legal requirement, can restrict the collection and use of data for future purposes, such as research, marketing, or business strategy. Other key challenges can include:
- Inconsistent definitions of privacy –– While some pieces of legislation, such as the GDPR and HIPAA, define key terms such as “Personally Identifiable Information” (PII) or “Protected Health Information” (PHI), these laws are often sector- or nation-specific. Organizations that operate globally must adhere to numerous privacy laws with varying definitions of privacy and protected information –– increasing resource and cost burdens for compliance. Proactive institutions will need to ensure compliance with these regulations, and/or create their own comprehensive definitions of privacy and protected information.
- Buy-in at all organizational levels –– For correct implementation of the Privacy by Design framework, management and individual contributors must be aligned, forward-thinking, and adaptable to privacy stewardship and product development. Privacy by Design inherently requires centering privacy at each stage of the development process, from ideation to implementation.
- Solidifying the framework –– By nature, Privacy by Design suggests a set of principles for centering privacy –– rather than a step-by-step, easy-to-implement process. Organizations will need well-defined strategies for implementation, product testing, and more to ensure each principle is successfully upheld.
How can my organization implement “Privacy by Design?”
Privacy by Design can easily guide data protection engineering processes, ensuring full lifecycle protection for sensitive data. Simple steps can include:
1. Devising and Sharing Transparent Privacy Policies
If your organization collects, uses, or shares personal information, it’s important to explicitly share the nature and purpose of collecting user data. This can include volunteered personal data, such as the information a user inputs on a form, or automated personal data, such as data collected through cookies, tracking scripts, and more. Methods for transparency include sharing privacy policies through pop-up notifications, banner displays, and user agreements. Users should always have the option to opt out of sharing personal information.
2. Incorporating Privacy as a Default Setting
If your website, application, or other service requires explicit consent in the form of a checkbox –– avoid using a pre-ticked option. By granting the user full choice and autonomy to “check” for explicit consent, you allow the individual to actively participate in the collection, storage, or use of their data. If your organization requires consent to progress with data processing, you can always display a prompt or banner to let users know.
3. Reduce Data Collection
Supporting the principle of Full Lifecycle Protection requires collecting and processing the minimum amount of user data needed to achieve a specified purpose. In doing so, your organization can minimize liability and potential harm in the event of a data breach. This is achieved by limiting the volume of data collected, selecting or excluding sections of user data collected, and only collecting critical data from users.
4. Restrict Data Observability
By limiting data access or sharing to a need-to-know basis, your organization can more effectively protect user confidentiality. These access controls can include one-way encrypting datasets, terminating electronic sessions with data after a predetermined period of inactivity, and utilizing robust digital management systems for collection, storage, and use approval.
5. Implement a Combination of Privacy-Enhancing Technologies
If collaborating with sensitive data is a core element of your organization’s business development, strategy, or operations, consider implementing privacy-enhancing technologies into your product or service’s design process. Combinations of techniques like secure multi-party computation, tokenization and masking, and more can allow your data-intensive organization to thrive without compromising security or privacy. Note that while each individual privacy-enhancing technique can come with downsides, new innovations have radically improved the practical use of privacy-preserving technologies by adding true scalability and faster processing.
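As an added example (not TripleBlind’s code or anything from the original article), here is how steps 2 to 4 above can be enforced in one intake function: consent defaults to off, each processing purpose keeps only an allow-listed set of fields, identifiers are replaced by a keyed one-way token, and idle sessions expire. The purpose names, field names, and key are assumptions.

```python
import hmac
import hashlib
from datetime import datetime, timedelta
from typing import Optional

# Hypothetical per-purpose allow-lists: a processing purpose may retain only
# the fields listed here (step 3, reduce data collection). Everything else is dropped.
PURPOSE_FIELDS = {
    "billing": {"user_id", "country"},
    "research": {"age_band", "country"},
}

# Constructed demo key. In a real deployment load it from a secret store;
# the key is what keeps the one-way token from being reversed by guessing inputs.
PSEUDONYM_KEY = b"constructed-demo-key-do-not-reuse"

# Step 4: terminate sessions after a fixed period of inactivity.
IDLE_LIMIT = timedelta(minutes=15)


def pseudonymize(identifier: str) -> str:
    """One-way, keyed hash of an identifier. A plain SHA-256 of an e-mail address
    can be reversed by hashing a list of candidate addresses; the HMAC key
    prevents that unless the key itself leaks."""
    return hmac.new(PSEUDONYM_KEY, identifier.encode("utf-8"), hashlib.sha256).hexdigest()


def intake(record: dict, purpose: str) -> Optional[dict]:
    """Apply the privacy-by-default rules to one submitted form record.
    Returns the minimized, pseudonymized record, or None if it must be rejected."""
    # Step 2: consent is False unless the user explicitly set it (no pre-ticked box).
    if record.get("consent", False) is not True:
        return None
    if purpose not in PURPOSE_FIELDS:
        raise ValueError(f"unknown processing purpose: {purpose}")
    # Step 3: keep only the fields this purpose is allowed to see.
    minimized = {k: v for k, v in record.items() if k in PURPOSE_FIELDS[purpose]}
    # Step 4: the raw identifier never leaves intake; downstream sees a token only.
    if "user_id" in minimized:
        minimized["user_id"] = pseudonymize(minimized["user_id"])
    minimized["purpose"] = purpose
    return minimized


def session_expired(last_activity: datetime, now: datetime) -> bool:
    """True when the session has been idle longer than IDLE_LIMIT."""
    return now - last_activity > IDLE_LIMIT
```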
What is the TripleBlind Solution?
The TripleBlind Solution is one such innovation. Built on well-understood principles of data protection, our software-only solution supports all data and algorithm types –– so your organization can unlock the intellectual property value of data, while preserving privacy and enforcing compliance with HIPAA and GDPR.
Here’s how the TripleBlind Solution is built with Privacy-by-Design in mind:
- Proactive not Reactive; Preventative not Remedial: TripleBlind never stores or handles any personal data. Our technology permanently and irreversibly de-identifies data through a combination of one-way encryption and distributed computing, which allows the algorithm to generate the same outputs without requiring an Algorithm Provider to process or use any personal data.
- Privacy as the Default Setting: TripleBlind was built with privacy and security in mind, allowing your data to remain behind your firewall while it is made discoverable and computable by third parties for analysis and ML training. The TripleBlind Solution has also obtained SOC 2 Type 1 certification for our commitment to establish and follow security policies and procedures.
- Privacy Embedded into Design: Since TripleBlind never stores, handles, or processes personal data, our technology helps minimize privacy risks and infringement on data subjects’ rights when working between vendors.
- Full Functionality –– Positive-Sum, not Zero-Sum: We believe that data privacy, security, and collaboration can exist simultaneously. Since data never changes hands and remains behind each party’s firewall when using our API, the TripleBlind Solution reduces the risk of compliance failures with respect to data transfers –– allowing your organization to harness the full potential of information, without compromising on privacy or security.
- End-to-End Security –– Full Lifecycle Protection: Our AI Tools remove common barriers to using high-quality data for artificial intelligence and deep learning, allowing AI professionals to solve their most pressing data access, prep, and bias challenges. These tools make it possible to train new models on remote data and run inference on existing models, while protecting the privacy and fidelity of data and intellectual property.
- Visibility and Transparency –– Keep it Open: We believe in, “trust, but verify.” TripleBlind provides robust digital rights management (DRM). Each data operation must be explicitly approved by the appropriate administrator. Once approved, the dataset is one-way encrypted for one-time use. Once the operation is complete and the result is returned to the appropriate party, the one-way encrypted data is rendered useless. Permissions can be set as broadly or specifically as needed, to govern both internal and external use of an organization’s information assets.
- Respect for User Privacy –– Keep it User-Centric: We’re built with privacy in mind, and we’re also built with users in mind. Our software-only solution is easy to use, delivered by a simple API, and comes with comprehensive support from the TripleBlind team. All operations within the TripleBlind Solution are private by default, allowing your organization to decide how to collaborate with sensitive data.
If you’re an organization looking to harness the intellectual property value of data, you can start by implementing privacy-enhancing technologies such as the TripleBlind Solution. Privacy by design, reduced risk, and increased consumer confidence can become your new normal.
Ready to see the most practical application of Privacy by Design? Schedule a demo with us or check out the following use cases of the TripleBlind Solution:
Early Indication Clinical Trial Reporting
Alternative Data in Financial Services
Insurance Claims Management Services