Privacy by Design
Regulators, academics and industry have called for privacy-by-design as a way to address growing privacy concerns with rapidly developing technology. The public and private sector are responding — hiring privacy engineers to join the ranks of privacy-oriented professionals, often working under the guidance of a chief privacy officer. Yet, implementing concepts of privacy through design is an open challenge and research area.
There is a limited, disparate, and fragmented body of research affirmatively positioned as privacy-by-design.
There is a need for a broader research vision that frames and explores the problem at the conceptual, engineering, design, operational, and organizational levels. A broader vision will allow researchers from various disciplines to interact and collaborate to develop solutions that address practical privacy needs.
Four workshops were aimed at identifying a shared research vision to support the practice of privacy-by-design. They convened both practitioners with direct experience of the challenges in implementing privacy-by-design from a range of fields—software developers, privacy engineers, usability and interaction designers, chief privacy officers—and researchers from an equally broad range of disciplines.
The goals for the four workshops included:
- To take stock of the methods, tools, and approaches currently used to design for privacy.
- Broaden the lens through which privacy-by-design is viewed by the research community—positioning technical design along side theoretical/conceptual, organizational, and regulatory design questions.
- Begin the process of building an interdisciplinary community of researchers to develop broader theoretical foundations, systematic approaches, as well as organizational and regulatory models for supporting the practice of privacy-by-design.
State of Research and Practice