
Tag Archives for "privacy by design"

US to Help Define New International Standard for Consumer Privacy by Design

Defining international standards for privacy is critical for the future of global commerce. To support this cause, many of America’s leading companies and government agencies are collaborating to help define the new international standard for “Consumer Protection: Privacy by Design”.

The standard will be part of ISO Project Committee 317. As one of 12 countries with Participant status in ISO/PC 317, the United States will be represented by its Technical Advisory Group (TAG), administered by the American National Standards Institute (ANSI) in partnership with the OASIS standards and open source consortium. Members of the U.S. TAG represent America’s leading companies and government agencies committed to privacy rights for consumers.

Source: U.S. to Help Define New International Standard for Consumer Privacy by Design | OASIS

ICO to help business with innovation and Privacy by Design

The UK’s data protection authority, the Information Commissioner’s Office (ICO), will set up a Regulators’ Business and Privacy Innovation Hub to support businesses, together with other regulators, in understanding and complying with privacy and data protection requirements, for example by helping them to build privacy in right from the start in innovative products and services.

The Hub will work alongside the ICO’s Regulatory Sandbox – an initiative to create a safe space where organisations are supported to develop innovative products and services using personal data in innovative ways.

Source: ICO to help business with innovation and Privacy by Design – Privacy Laws & Business

It’s a Post-GDPR World: (Device) IDs Will Be Checked at the Digital Door

Smart TVs and streaming digital media players such as Roku and Chromecast have their own unique device IDs that fulfill several functions for OTT services in addition to identifying a specific device. Collecting and using this information incurs several obligations on the part of OTT providers, ideally beginning with conducting a “data protection by design” review of their applications and services. This is a systematic technology and process review to ensure good privacy protections are built in, identify and mitigate potential privacy risks and document all the steps in accordance with the GDPR’s accountability requirement.

Full article: It’s a Post-GDPR World: (Device) IDs Will Be Checked at the Digital Door – Multichannel

Am I logged in or not? GDPR case study on the example of Chrome browser change

Starting with Chrome 69, when you log into a Google service (Gmail, for example), Google Chrome effectively logs you into the browser. This change apparently “solves” the hypothetical issue of user confusion (“am I logged into the system or into the browser?”) while at the same time creating others.

Full article: Am I logged in or not? GDPR case study on the example of Chrome browser change

It Shouldn’t Take GDPR to Prioritize Privacy by Design

With GDPR now live, Privacy by Design (PbD) has taken center stage, as the landmark 99-article legislation requires companies serving EU residents to adhere to its principles. PbD’s journey from being a niche obsession of techies to a foundational element of arguably the most-discussed privacy regulation in history contains valuable lessons about why brands need to incorporate privacy into every digital product or service of theirs that touches the consumer, not just for GDPR-compliance purposes but to provide a great customer experience and mitigate against breaches and cyber attacks as best as a company can in today’s times.

Full article: It Shouldn’t Take GDPR to Prioritize Privacy by Design

Privacy: A Quick Overview for App Designers

Privacy by design and by default is something that all developers will have to learn. Here are some basic points app designers should know and take into consideration:

  • Privacy isn’t scary: it’s an opportunity to earn people’s trust.
  • This is about how we handle personal data.
  • Some data are sensitive, and we need explicit consent before collecting them.
  • System permissions for apps are not the same as explicit consent.
  • Everyone is entitled to certain privacy rights: to be informed (Notice), to see the data we collect (Access), to take their data elsewhere (Portability), and to have their data corrected or deleted (Right to Be Forgotten).
  • Here are some design patterns we can use to respect people’s privacy in our mobile apps.

Source: Privacy: A Quick Overview for App Designers – Prototypr

Sidewalk Toronto commits to Privacy by Design principles amid citizen concerns

Members of the Sidewalk Toronto team echoed the principles of Privacy by Design, the framework of Ryerson University’s expert in residence Ann Cavoukian.

The former Information and Privacy Commissioner of Ontario is an adviser to the project’s privacy policy development as it works through a lengthy public consultation phase for a project that is in many ways the first smart city development of its kind.

Source: Sidewalk Toronto commits to Privacy by Design principles amid citizen concerns | IT World Canada News

Privacy by Design: Building a Privacy Policy People Actually Want to Read

Article 12 of GDPR mandates that privacy notices be “concise, transparent, intelligible and easily accessible”.

Legal design is not just a nice to have in the context of privacy; it’s actually a regulatory imperative. With this mandate, the team at Juro set out with a simple aim: design a privacy policy that people would actually want to read.

Source: Privacy by Design: Building a Privacy Policy People Actually Want to Read
