Privacy by Design Strategies and Implementation
What is privacy?
- Intimacy?
- The right to be left alone?
- Control?
- Autonomy?
- Secrecy?
- Control?
What derives from this is the fact that there is no one single
measure that can accomplish privacy. Instead, a combination of
security measures is used in order to achieve privacy. These
measures can include:
- Minimise = Restrict amount of data (Big data rely on rich
data for insights)
- Hide = Hide from plain view (Leads to de-anonymisation)
- Separate = Data process distributed (Merging data from
different sources is a part of big data analysis)
- Aggregate = Least details possible
- Inform = Transparency
- Control = Data subjects should have control (Loop of
repurposing data)
- Enforce = Privacy policy compatible with GDPR
- Demonstrate = Demonstrate compliance
There are many strategies available to ensure privacy, but they
can become complicated in the context of big data.
Big Data analytics phases
a. Data acquisition/collection
Minimising the amount of data that is collected can ensure
privacy here. Which data is really needed? Privacy Impact
Assessments (PIAs) are used to identify data processing
needs, identify risks arising from needs and managing
identified risks.
b. Data analysis/curation
The method of aggregate can be used for local
anonymisation here to either remove data or make data
more generic. Hiding can also be used to prevent
collection of observed data, such as website visited, online
What is privacy?
- Intimacy?
- The right to be left alone?
- Control?
- Autonomy?
- Secrecy?
- Control?
What derives from this is the fact that there is no one single
measure that can accomplish privacy. Instead, a combination of
security measures is used in order to achieve privacy. These
measures can include:
- Minimise = Restrict amount of data (Big data rely on rich
data for insights)
- Hide = Hide from plain view (Leads to de-anonymisation)
- Separate = Data process distributed (Merging data from
different sources is a part of big data analysis)
- Aggregate = Least details possible
- Inform = Transparency
- Control = Data subjects should have control (Loop of
repurposing data)
- Enforce = Privacy policy compatible with GDPR
- Demonstrate = Demonstrate compliance
There are many strategies available to ensure privacy, but they
can become complicated in the context of big data.
Big Data analytics phases
a. Data acquisition/collection
Minimising the amount of data that is collected can ensure
privacy here. Which data is really needed? Privacy Impact
Assessments (PIAs) are used to identify data processing
needs, identify risks arising from needs and managing
identified risks.
b. Data analysis/curation
The method of aggregate can be used for local
anonymisation here to either remove data or make data
more generic. Hiding can also be used to prevent
collection of observed data, such as website visited, online
