Skip main navigation
We use cookies to give you a better experience, if that’s ok you can close this message and carry on browsing. For more info read our cookies policy.
We use cookies to give you a better experience. Carry on browsing if you're happy with this, or read our cookies policy for more information.

Skip to 0 minutes and 7 secondsSo what is Privacy by Design? Privacy by Design is the new approach towards building I.T. systems in such a way that privacy or data protection principles are embedded into an I.T. system from the start. Privacy by Design has been recognised by the European Data Protection Regulation and is generally seen as a way to tackle or handle privacy, as well as security issues. Privacy by Design is achieved if during the system design phase, we run through a so called "privacy risk assessment". Or, in other words, a privacy impact assessment. Privacy impact assessments are also now recognised by the European Data Protection Regulation. And they must follow a pretty clear methodology.

Skip to 1 minute and 5 secondsA standard for this methodology is currently finalised by the International Standardisation Organisation-- ISO. Most notably by the document 29-134. When it comes to RFID deployment, in particular, CEN has recently published a standard as well on how to do a privacy risk assessment. What do you have to expect when I talk about a privacy impact assessment or a risk based model to build up a privacy by design? The first step, just as in the related security risk assessment, is to ask what it is that needs to be protected? What is the protection goal? Take the example of not tracking a costumer through an RFID system. The protection goal would be to protect a person from being tracked.

Skip to 2 minutes and 7 secondsThe next step is to estimate how important is it for people in general, or for the costumers, to not be tracked. So to determine the degree of protection demand. Thus we know our protection goal and we know how important it is. In the next step, we can see how this protection goal is actually threatened. We can even do a kind of attack tree analysis to see how the protection goal is threatened. Once we have understood the threat, or several threats, we can also see whether those threats are likely or not. And if they are likely, then the next step is to define concrete controls that would mitigate those threats.

Skip to 2 minutes and 59 secondsWhat you have to be aware of, and this is the magic of Privacy by Design, is that every threat, every single threat, needs to be mitigated by some kind of control. That can be either technical controls or government controls. If you address all the different threats for the relevant protection goals with the control, you end up with the privacy by design. And this is what you want to have in your Internet of Things. Thank you very much for your attention.

Privacy by design

We hear from Dr. Sarah Spiekermann who chairs the Institute for Management Information Systems at Vienna University of Economics and Business. In this piece which Dr. Spiekermann recorded for us on location in Vienna she talks us through the concept of ‘Privacy by Design’.

Dr.Spiekermann’s book on this topic:

Sarah Spiekermann. Ethical IT Innovation: A Value-Based System Design Approach. : Auerbach Publications; 2015.

Share this video:

This video is from the free online course:

The Internet of Things

King's College London

Contact FutureLearn for Support