Abstract
In this paper I tackle the question, currently unaddressed in the literature, of how to reconcile the technical understanding of ‘privacy by design’ with the nature of ‘privacy’ in EU law. There, ‘privacy’ splits into two constitutionally protected rights, respect for private and family life and protection of personal data, whose essence cannot be violated. After illustrating the technical notion of privacy protection goals and design strategies, developed in the privacy threat modelling literature, I propose a method to identify the essence of the two rights, which rests on first identifying the rights’ ‘attributes’. I answer the research question by linking the technical notion of privacy protection goals and strategies with the attributes and related ‘essence’ of the rights to private life and to the protection of personal data. The analysis reveals the need to adjust and further develop privacy protection goals. It also shows that establishing equivalences between technical and legal approaches to the two rights has positive effects beyond PbD.
Notes
1. Schartum’s method crosses four legally inspired ‘design techniques’ with four software ‘design elements’. The resulting matrix informs nine-step iterations (which he sketches but, unfortunately, does not develop).
2. Defined by ENISA in [17].
3. Note that the canon ‘utility’ is defined by the International Telecommunication Union [24], but not by ENISA.
4. I am grateful to Marc van Lieshout for his comments, which prompted the clarification of this point.
5.
6. See footnote above.
7. Note that the CJEU invalidated the Safe Harbour Agreement in Schrems [44] on grounds of disrespect of this requirement, which it found to be the essence of the right to effective judicial protection enshrined in Art. 47 of the Charter, with no mention of the essence of the protection of personal data.
8. In the version of this research discussed at the conference, I had proposed ‘minimization and accuracy’ as a separate attribute. While accuracy is very well expressed by the requirement to rectify the data, which is part of the attribute ‘data subjects’ rights’, the question remains as to whether data minimization should form part of a different attribute. The importance of minimization as a prerequisite for Privacy by Design is well argued, for instance, by Gürses, Troncoso and Diaz [45].
9. That is, by making the interference of limitations to the right automatically serious.
10. I believe this reflection addresses the important point raised by Bieker et al. [10], whereby the risk management performed in the context of technology differs from that performed in the case of privacy rights, because the former allows some risks to be factored in, whereas the latter does not. While in the abstract this is the case, in practice, particularly in the case of Art. 8, the applicable law allows a degree of risk to be factored in. This is the case, for instance, of personal data breaches, which need to be notified only when they entail an appreciable risk to the rights and freedoms of data subjects (Art. 33 GDPR). I articulate the many reasons for this in [46].
References
Koops, B.-J., Leenes, R.: Privacy regulation cannot be hardcoded. A critical comment on the ‘privacy by design’ provision in data-protection law. Int. Rev. Law Comput. Technol. 28, 151–171 (2014)
Schartum, D.W.: Making privacy by design operative. Int. J. Law Inf. Technol. 24, 151–175 (2016)
International Conference of Data Protection and Privacy Commissioners: Joint Proposal for a Draft of International Standards on the Protection of Privacy with regard to the processing of Personal Data (The Madrid Resolution). 30th International Conference of Data Protection and Privacy Commissioners, Madrid (2009). https://icdppc.org/wp-content/uploads/2015/02/The-Madrid-Resolution.pdf
Cavoukian, A.: Privacy by Design…Take the Challenge (2010). http://www.privacybydesign.ca/content/uploads/2010/03/PrivacybyDesignBook.pdf
Wuyts, K., Scandariato, R., Joosen, W.: LINDDUN: a privacy threat analysis framework. https://people.cs.kuleuven.be/~kim.wuyts/LINDDUN/LINDDUN.pdf
Danezis, G., et al.: Privacy and data protection by design – from policy to engineering. ENISA (2014)
Pagallo, U.: On the principle of privacy by design and its limits. In: Gutwirth, S., Leenes, R., De Hert, P., Poullet, Y. (eds.) European Data Protection. In Good Health?, pp. 331–346. Springer, Dordrecht (2012). https://doi.org/10.1007/978-94-007-2903-2_16
Kamara, I.: Co-regulation in EU personal data protection: the case of technical standards and the privacy by design standardisation ‘mandate’. Eur. J. Law Technol. 8 (2017)
Rachovitsa, A.: Engineering and lawyering privacy by design: understanding online privacy both as a technical and an international human right issues. Int. J. Law Inf. Technol. 24, 374–399 (2016)
Bieker, F., Friedewald, M., Hansen, M., Obersteller, H., Rost, M.: A process for data protection impact assessment under the European general data protection regulation. In: Schiffner, S., Serna, J., Ikonomou, D., Rannenberg, K. (eds.) APF 2016. LNCS, vol. 9857, pp. 21–37. Springer, Cham (2016). https://doi.org/10.1007/978-3-319-44760-5_2
Tsormpatzoudi, P., Berendt, B., Coudert, F.: Privacy by design: from research and policy to practice – the challenge of multi-disciplinarity. In: Berendt, B., Engel, T., Ikonomou, D., Le Métayer, D., Schiffner, S. (eds.) APF 2015. LNCS, vol. 9484, pp. 199–212. Springer, Cham (2016). https://doi.org/10.1007/978-3-319-31456-3_12
Porcedda, M.G.: Cybersecurity and privacy rights in EU law. Moving beyond the trade-off model to appraise the role of technology. Ph.D. thesis. European University Institute (2017)
Charter of Fundamental Rights of the European Union, OJ C 303/01. Official Journal C 303/01, pp. 1–22, European Union (2007)
Brkan, M.: In search of the concept of essence of EU fundamental rights through the prism of data privacy. Maastricht Working Paper (2017)
Lynskey, O.: The Foundations of EU Data Protection Law. Oxford University Press, Oxford (2015)
Tzanou, M.: EU counter-terrorism measures and the question of fundamental rights: the case of personal data protection. Ph.D. thesis, European University Institute (2012)
ENISA: Glossary. https://www.enisa.europa.eu/topics/threat-risk-management/risk-management/current-risk/risk-management-inventory/glossary
Microsoft: Threat modeling. https://www.microsoft.com/en-us/sdl/adopt/threatmodeling.aspx
OWASP: Risk modeling. https://www.owasp.org/index.php/Threat_Risk_Modeling
OWASP: Threat modeling. https://www.owasp.org/index.php/Application_Threat_Modeling
Jouini, M., Rabai, L.B.A., Aissa, A.B.: Classification of security threats in information systems. In: 5th International Conference on Ambient Systems, Networks and Technologies (ANT-2014). Procedia Computer Science, pp. 489–496 (2014)
Microsoft: The STRIDE threat model. https://msdn.microsoft.com/en-us/library/ee823878(v=cs.20).aspx
Microsoft: Applying STRIDE. https://msdn.microsoft.com/en-us/library/ee798544%28v=cs.20%29.aspx
International Telecommunication Union: Security in Telecommunications and Information Technology. An overview of issues and the deployment of existing ITU-T Recommendations for secure telecommunications (2015). https://www.itu.int/dms_pub/itu-t/opb/tut/T-TUT-SEC-2015-PDF-E.pdf
Berendt, B.: Better data protection by design through multicriteria decision making: on false tradeoffs between privacy and utility. In: Schweighofer, E., Leitold, H., Mitrakas, A., Rannenberg, K. (eds.) Privacy Technologies and Policy, pp. 210–230. Springer, Heidelberg (2017). https://doi.org/10.1007/978-3-319-67280-9_12
Hansen, M., Jensen, M., Rost, M.: Protection goals for privacy engineering. In: Security and Privacy Workshops (SPW). IEEE (2015)
Hoepman, J.-H.: Privacy design strategies. In: 2013 Privacy Law Scholars Conference (PLSC), Cornell University, Ithaca, NY, USA (2013)
Directive 95/46/EC of the European Parliament and of the Council of 24 October 1995 on the Protection of Individuals with regard to the Processing of Personal Data and on the Free Movement of such Data (Data Protection Directive), OJ L 281, pp. 31–50 (1995)
Regulation 2016/679/EU of the European Parliament and of the Council of 27 April 2016 on the Protection of Natural Persons with Regard to the Processing of Personal Data and on the Free Movement of such data, and Repealing Directive 95/46/EC (General Data Protection Regulation), OJ L 119/1 (2016)
European Commission: Proposal for a Regulation of the European Parliament and of the Council concerning the respect for private life and the protection of personal data in electronic communications and repealing Directive 2002/58/EC (Regulation on Privacy and Electronic Communications) (2017)
Porcedda, M.G.: On boundaries. In search for the essence of the right to the protection of personal data. In: de Hert, P., van Brakel, R., Leenes, R. (eds.) Proceedings of the 11th Computers, Privacy and Data Protection Conference, Hart (forthcoming)
United Nations, High Commissioner for Human Rights (OHCHR): Human Rights Indicators. A Guide to Measurement and Implementation (2012)
Candler, J., Holder, H., Hosali, S., Payne, A.M., Tsang, T., Vizard, P.: Human Rights Measurement Framework: Prototype Panels, Indicator Set and Evidence Base. Equality and Human Rights Commission, London (2011)
Fundamental Rights Agency: Using indicators to measure fundamental rights in the EU: challenges and solutions (2011)
Koops, B.-J., Clayton Newell, B., Timan, T., Skorvanek, I., Chokrevski, T., Galic, M.: A typology of privacy. Univ. Penn. J. Int. Law 38, 483 (2017)
Finn, R.L., Wright, D., Friedewald, M.: Seven types of privacy. In: Gutwirth, S., Leenes, R., de Hert, P., Poullet, Y. (eds.) European Data Protection: Coming of Age, pp. 3–32. Springer, Dordrecht (2013). https://doi.org/10.1007/978-94-007-5170-5_1
Convention for the Protection of Human Rights and Fundamental Freedoms (as amended by Protocols No 11 and 14), Council of Europe, ETS no 005, 4 November 1950, Rome (1950)
X and Others v. Austria, no. 19010/07 CE:ECHR:2013:0219JUD001901007 (2013)
Opinion 1/15 of the Court (Grand Chamber), ECLI:EU:C:2017:592 (2017)
Judgment of 5 October 2010 in McB, C-400/10 PPU, ECLI:EU:C:2010:582 (2010)
Judgment of 8 April 2014 in Digital Rights Ireland and Seitlinger and Others, Joined cases C-293/12 and C-594/12, ECLI:EU:C:2014:238 (2014)
Judgment of 13 May 2014 in Google Spain and Google, C-131/12, ECLI:EU:C:2014:317 (2014)
Convention for the Protection of Individuals with regard to Automatic Processing of Personal Data, Council of Europe, CETS No. 108, 28 January 1981, Strasbourg (1981)
Judgment of 6 October 2015 in Schrems, C-362/14, ECLI:EU:C:2015:650 (2015)
Gürses, S., Troncoso, C., Diaz, C.: Engineering privacy by design. In: Paper Discussed at the 4th Computers, Privacy & Data Protection Conference, Brussels (2011)
Porcedda, M.G.: Patching the patchwork: appraising the EU regulatory framework on cyber security breaches. Comput. Law Secur. Rev. 34, 1077–1098 (2018)
Porcedda, M.G., Wall, D.S.: Data science, data crime and the law. In: Berlee, A., Mak, V., Tjong Tjin Tai, E. (eds.) Research Handbook on Data Science and Law. Edward Elgar, Cheltenham (2018, forthcoming)
Gürses, S., Troncoso, C., Diaz, C.: Engineering privacy by design reloaded. http://carmelatroncoso.com/papers/Gurses-APC15.pdf
Acknowledgements
I wish to thank my anonymous reviewers, the participants of the APF 2018 and Martyn Egan for suggestions on how to improve this draft. An early draft of this chapter appeared in a restricted deliverable of the FP7 SURVEILLE project (grant agreement no. 284725), as well as my PhD thesis, partly funded by SURVEILLE. Completion of this chapter was funded by the EPSRC research project “Combatting cRiminals In The Cloud” (CRITiCal - EP/M020576/1).
Copyright information
© 2018 Springer Nature Switzerland AG
Cite this paper
Porcedda, M.G. (2018). ‘Privacy by Design’ in EU Law. In: Medina, M., Mitrakas, A., Rannenberg, K., Schweighofer, E., Tsouroulas, N. (eds) Privacy Technologies and Policy. APF 2018. Lecture Notes in Computer Science, vol 11079. Springer, Cham. https://doi.org/10.1007/978-3-030-02547-2_11
DOI: https://doi.org/10.1007/978-3-030-02547-2_11
Publisher Name: Springer, Cham
Print ISBN: 978-3-030-02546-5
Online ISBN: 978-3-030-02547-2
eBook Packages: Computer Science (R0)