Privacy by Design as a system design strategy - EIC 2019
•Download as PPTX, PDF•
1 like•193 views
1) Privacy by Design (PbD) is an approach to system design that emphasizes privacy and data protection through the entire lifecycle. The 7 PbD principles include making privacy the default, embedding privacy into design, and keeping systems user-centric and transparent. 2) To apply PbD, personal data should be separated from other business data and stored securely in a separate system. Standard protocols like SAML and OAuth2 should be used to share personal data securely. 3) When designing a personal data repository, transparency, data minimization, and giving users control over their data through a self-care portal are important considerations.
Report
Share
Privacy by Design as a system design strategy - EIC 2019
- 1. Privacy By Design as a System Design Strategy Sagara Gunathunga Director, WSO2 sagara@wso2.com
- 2. About Me ● Director of Identity & Access Management at WSO2 ● Mainly focuses on WSO2 Identity and Access Management (IAM) offerings ● Core member of WSO2's effort in making its products and business processes GDPR compliant ● PMC member and committer for a number of Apache projects including Apache Axis2 and Apache Web Services
- 4. Global Privacy Outlook D Data Protection Act PIPEDA Privacy Act of 1988 HIPAA, COPPA, CCPA, etc.. Information Technology Act Personal Information Protection Act Personal Data Protection Bill POPI
- 5. Privacy is a Fundamental Human Right: GDPR
- 6. Take Back Control Of Your Personal Information: Ccpa
- 7. 7 GDPR CCPA DPA One Way To Look At This Challenge
- 8. An Alternative Way to Look at the Problem
- 9. Privacy by Design (PbD) Principles 1 2 3 4 5 6 7 Proactive not reactive - preventative not remedical Lead with privacy as the default setting Embed privacy into design Retain full functionality(positive-sum, not zero-sum) Ensure end-to-end security Maintain visibility and transparency-keep it open Respect user privacy-keep it user-centric
- 10. Well… How can we Put These Principles into ACTION
- 11. Separate Personal Data (PII) from Other Business Data
- 13. A Typical System of a Business Organization Personal information is scattered all over the system
- 14. A Typical System of a Business Organization Personal information (user data) is scattered all over the system
- 15. ● Number of systems to protect ● Number of systems to modify and replace to support privacy standards ● Personal data removal needs changes in multiple places ● Increased chance of personal data breaches A Typical System Of A Business Organization
- 16. Solution Move all the personal information (user data) into a separate system so that other applications can look-up user data on demand
- 17. ● Reduce development and maintenance cost ● Reduce development and maintenance time ● Reduce system complexity ● Reduce the chance of personal data breaches ● Can adopt to future expansions easily Solution
- 18. Wait... My Organization Uses A Number Of Cloud Applications ?
- 19. Solution Most cloud applications today facilitate connecting to your corporate user management system as a trusted identity provider (trusted IdP)
- 20. Apply Anonymization and Pseudonymization into your Design
- 21. Anonymization Vs Pseudonymization Anonymization X Medical Report Medical Report John Doe SID536262 Pseudonymization Medical Report Medical Report John Doe SID536262 Name SID John Doe SID536262
- 22. Apply Anonymization and Pseudonymization into your Design System-Id Identity and Access Management System
- 23. Use Standard Protocols and Security Tokens for PII Sharing
- 24. Standard Protocols and Security Tokens ● Use standard transport security protocols and latested tools ○ TLS/SSL ○ Strong algorithm and key for hashing/encryption ● Use standard protocols ○ SAML ○ OAuth2/OIDC ○ WS-Federation ● Use standard security tokens over custom tokens ○ SAML tokens ○ JWT, OIDC IDToken
- 25. Standard Protocols and Security Tokens
- 26. Pick the Correct Token Type ● OAuth2 Bearer By Reference ● SAML 2.0 ● JWT ● OIDC IDToken By Value
- 27. Consideration for PII Repository Design
- 28. Provide Transparency Be transparent on ‘why’ you need specific PII data, how do you going to store and process, how long you retain those data. Source : https://startwithwhy.com/
- 29. Provide Transparency Source : https://startwithwhy.com/ Example, in a mobile application, ● Clearly show ‘location service’ icon when the app utilize customer location. ● Clearly show ‘bluetooth’ icon when the app communicate with another device via bluetooth.
- 30. Minimize PII data collection and storing ● Make sure to capture absolutely necessary set of PII only for current purposes. ● Consider data retention policy and implement data removal logic as a core requirement. ● Preference on storing results instead of raw PII data. ● Try to depend on system generated ids for identification. ● Use hashing and encryption whenever possible on PII data.
- 31. Minimize PII Data Collection and Storing Example : In a restaurant recommendation application, capture nearest city for processing instead of exact coordination of the user. Example : In a mobile application, use system generated id to track usages data of the application instead of mobile number or IMEI id.
- 32. Focus on Consent Management
- 33. Focus on Consent Management
- 34. Make Customer in Control on Own Data
- 35. Make Customer in Control on Their Data
- 36. Solution Provide a self-care user portal for users so that they can exercise their individual rights
- 37. Solution ● Individuals can access, modify, and remove their personal information ● Data processing activities can be informed and made transparent ● Individuals can download a copy of their personal data ● Can have a medium to submit ‘forget-me’ requests
- 38. References ● https://wso2.com/solutions/regulatory-compliance/gdpr/ ● https://docs.wso2.com/display/IS550/General+Data+Protection+Regulation ● https://ec.europa.eu/justice/smedataprotect/index_en.htm ● https://www.smashingmagazine.com/2017/07/privacy-by-design-framework/