Addressing the challenge of privacy engineering

Capgemini presents the framework for engineering privacy by design


The paradigm of privacy by design (PbD) has gained importance, both in academia and industry, since its inclusion in regulations, most notably in the EU General Data Protection Regulation (GDPR).

The main idea behind PbD is to embed privacy into the design of (the architecture of) an IT system rather than integrating it as a separate component after the system has been implemented. The first efforts to define PbD are credited to Cavoukian, who set out the core principles of this concept.

Figure 1: Privacy by design principles by Cavoukian

The importance of privacy by design has been generally acknowledged, with experts predicting that

“… privacy will be an integral part of the next wave in the technology revolution and that innovators who are emphasizing privacy as an integral part of the product lifecycle are on the right track.”

However, translating these principles into engineering practice is still challenging, something that has been acknowledged, among others, by the European Union Agency for Network and Information Security (ENISA). Despite the fact that we are approaching the second year after the entry into force of the GDPR, there is still no standard or agreed best practice on how to integrate privacy into the software development lifecycle.

In order to address this problem, Capgemini’s security expert, Dr. Fatbardh Veseli, together with researchers from Germany’s Goethe University and Sweden’s Karlstad University, has developed a systematic approach to engineering privacy by design. The approach extends an existing privacy threat modeling framework, LINDDUN, and was demonstrated within the European innovation project Credential to design and implement an architecture for a cloud-based identity wallet platform.

Figure 2: Enhanced approach to applying privacy by design

The enhanced framework builds on data flow diagrams (DFDs) to model privacy threats at the design stage of a system. The framework itself is an instantiation of a model for privacy impact assessments (PIA), which the GDPR also requires. Importantly, this approach addresses the need to take environmental constraints and the project itself into account, and the need for an established process for continuously documenting such constraints and their impact on privacy. Furthermore, it defines mechanisms beyond privacy enhancing technologies (PETs) to mitigate identified threats, including the definition of organizational measures and the integration of privacy-friendly development principles into the software development lifecycle.
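As an added illustration of the DFD-based elicitation described above (example code written for this page, not the framework's or the Credential project's own tooling), the following Python sketch walks a small DFD of a cloud-based identity wallet, applies the LINDDUN threat categories to each element type, records which threats are already covered by a PET or an organizational measure, and carries a documented environmental constraint alongside the affected element. The DFD, the control catalogue and the constraint text are constructed for the example; the category-to-element mapping is the LINDDUN mapping table as recalled by the author of this example and is marked as an assumption in the code.

```python
from dataclasses import dataclass
from enum import Enum
from typing import Optional


class ElementType(Enum):
    """DFD element types used by LINDDUN."""
    ENTITY = "entity"
    PROCESS = "process"
    DATA_STORE = "data store"
    DATA_FLOW = "data flow"


# LINDDUN threat categories: Linkability, Identifiability, Non-repudiation,
# Detectability, Disclosure of information, Unawareness, Non-compliance.
LINKABILITY = "Linkability"
IDENTIFIABILITY = "Identifiability"
NON_REPUDIATION = "Non-repudiation"
DETECTABILITY = "Detectability"
DISCLOSURE = "Disclosure of information"
UNAWARENESS = "Unawareness"
NON_COMPLIANCE = "Non-compliance"

_SYSTEM_SIDE = {LINKABILITY, IDENTIFIABILITY, NON_REPUDIATION,
                DETECTABILITY, DISCLOSURE, NON_COMPLIANCE}

# ASSUMPTION: threat-category-to-element-type mapping as recalled from the
# LINDDUN mapping table; verify against current LINDDUN material before use.
APPLICABLE = {
    ElementType.ENTITY: {LINKABILITY, IDENTIFIABILITY, UNAWARENESS},
    ElementType.PROCESS: _SYSTEM_SIDE,
    ElementType.DATA_STORE: _SYSTEM_SIDE,
    ElementType.DATA_FLOW: _SYSTEM_SIDE,
}


@dataclass(frozen=True)
class Control:
    """A mitigation: a privacy enhancing technology (PET) or an organizational measure."""
    name: str
    kind: str               # "PET" or "organizational"
    addresses: frozenset    # LINDDUN categories this control mitigates


# Constructed, illustrative mitigation catalogue (not the framework's own list).
CONTROLS = {
    "tls": Control("TLS on the flow", "PET", frozenset({DISCLOSURE})),
    "pseudonym": Control("pseudonymous identifiers", "PET",
                         frozenset({LINKABILITY, IDENTIFIABILITY})),
    "e2e_encryption": Control("end-to-end encryption of wallet data", "PET",
                              frozenset({DISCLOSURE})),
    "privacy_notice": Control("layered privacy notice", "organizational",
                              frozenset({UNAWARENESS})),
    "retention_policy": Control("documented retention and deletion policy",
                                "organizational", frozenset({NON_COMPLIANCE})),
}


@dataclass
class Element:
    name: str
    kind: ElementType
    controls: tuple = ()               # keys into CONTROLS applied to this element
    constraint: Optional[str] = None   # documented environmental/project constraint


@dataclass
class Threat:
    category: str
    element: str
    mitigated_by: Optional[str]        # control name, or None while the threat is open
    constraint: Optional[str]


def elicit(dfd):
    """Enumerate every (category, element) pair LINDDUN considers applicable."""
    threats = []
    for el in dfd:
        for cat in sorted(APPLICABLE[el.kind]):
            mitigator = next((CONTROLS[c].name for c in el.controls
                              if cat in CONTROLS[c].addresses), None)
            threats.append(Threat(cat, el.name, mitigator, el.constraint))
    return threats


def open_threats(dfd):
    """Threats with no PET or organizational measure recorded against them."""
    return [t for t in elicit(dfd) if t.mitigated_by is None]


# Constructed DFD sketch of a cloud-based identity wallet (not the Credential architecture).
WALLET_DFD = [
    Element("User", ElementType.ENTITY, ("privacy_notice",)),
    Element("User -> Wallet API", ElementType.DATA_FLOW, ("tls", "pseudonym")),
    Element("Wallet API", ElementType.PROCESS, ("pseudonym",),
            constraint="hosted by a third-party cloud provider; processor agreement required"),
    Element("Credential store", ElementType.DATA_STORE, ("e2e_encryption", "retention_policy")),
]


def report(dfd):
    """Human-readable threat register, one line per threat, constraints carried along."""
    lines = []
    for t in elicit(dfd):
        status = f"mitigated by {t.mitigated_by}" if t.mitigated_by else "OPEN"
        note = f" [constraint: {t.constraint}]" if t.constraint else ""
        lines.append(f"{t.element:<20} {t.category:<26} {status}{note}")
    return "\n".join(lines)


if __name__ == "__main__":
    print(report(WALLET_DFD))
```

The value of the register is the list of OPEN rows: each one is a decision the team still owes, either a PET, an organizational measure, or a documented acceptance, and the constraint column keeps the environmental facts (here, the third-party hosting) next to the threats they shape, which is the continuous-documentation step the framework calls for.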

This framework has received positive feedback from different audiences within the EU, especially because it can be integrated directly into software engineering processes, addressing the acknowledged gap between regulation and engineering. Capgemini is happy to share this framework with its clients and guide them in integrating privacy into their software engineering practice, supporting compliance with (the principle of privacy by design of) the EU GDPR. The enhanced framework is publicly available from Springer.

For more information, visit www.capgemini.com/cybersecurity
