Privacy by Design

Privacy by design is an approach that promotes privacy and data protection compliance throughout the whole system engineering process. The Information & Privacy Commissioner of Ontario has taken a leading role in developing the privacy by design concept, establishing a reference framework of “Seven foundational principles of privacy by design” with respect to a proactive, transparent and user-centric engineering process. [1][2]
The 7 principles are:
•    Proactive not Reactive; Preventative not Remedial
•    Privacy as the Default setting
•    Privacy Embedded into Design
•    Full Functionality – Positive-Sum, not Zero-Sum
•    End-to-End Security – Full Lifecycle Protection
•    Visibility and Transparency – Keep it Open
•    Respect for User Privacy – Keep it User-Centric

 

[1]    Informations Commisioner´s Office (n.d.), Privacy by design, https://ico.org.uk/for-organisations/guide-to-data-protection/privacy-by-design/, retrieved January 25, 2018.
[2]    Cavoukian, A. (2006), Privacy by Design. The 7 Foundational Principles, https://www.ipc.on.ca/wp-content/uploads/Resources/pbd-implement-7found-principles.pdf, retrieved January 25, 2018.
 
Trend tendency (relative frequency of related scientific publications)
Relative frequecies of Privacy by Design related publications
Public Sector Relevance (relative frequency of related scientific publications)
Trend Public Sector Relevance of Privacy by Design related publications
Big data potential
No
Type of content:
Trends
Type of trend:
Assessment matrix
 Agenda SettingPolicy Design and AnalysisPolicy ImplementationPolicy Monitoring and Evaluation
Agriculture, Fisheries, Forestry & Foods
Economy & Finance
Education, Youth, Culture & Sport
Employment & Social Security
Environment & Energy
Health
Foreign Affairs and Defence
Justice, Legal System & Public Safety
Public Affairs
Innovation, Science & Technology
Urban Planning & Transport
Institutional Questions / Internal Affairs

Comments

In July 2018, the European Commission has fined Google EUR 4.34 billion for illegal practices regarding Android mobile devices to strengthen the dominance of Google's search engine. [1]

With its illegal practices, Google not only violated the EU antitrust rules but also the seven principles of privacy by design. The pre-installment of Google Search and Google Chrome on Android devices as a condition for licensing the Playstore as well as the prevention of so-called „Android forks“ is a fundamental interference in the freedom of choice and the personal control over the data flows of the endusers.

The change of Google’s Privacy Policy in 2012 in combination with the pre-installment of Google services and apps on most Android devices gave Google the possibility to combine the private data retrieved from each Google service. That happened without providing the endusers with an adequate opt-out mechanism. [2]

Google’s reaction to the penalty is the introduction of a Licensing model which will come into effect on October 29, 2018. The Licensing model now distinguishes between Google Search App and Chrome browser (Google’s most important revenue streams) and the rest of Google‘s app suite which manufacturers now have to pay a license fee for. [3]

It is indeed questionable if this new model guarantees the users more control on what is happening with their private data, but it at least offers them more choices by opening the Android market for other service providers who integrated the PbD principles.

 

[1] European Commission (2018), Antitrust: Commission fines Google €4.34 billion for illegal practices regarding Android mobile devices to strengthen dominance of Google's search engine, http://europa.eu/rapid/press-release_IP-18-4581_en.htm, retrieved Oktober 18, 2018.

 

[2] Rubenstein, I., Good, N. (2013), Privacy by Design: A Counterfactual Analysis of Google and Facebook Privacy Incidents, https://scholarship.law.berkeley.edu/cgi/viewcontent.cgi?referer=&httpsredir=1&article=2007&context=btlj, retrieved Oktober 18, 2018.

 

[3] Lockheimer, H. (2018), Complying with the EC’s Android decision, https://www.blog.google/around-the-globe/google-europe/complying-ecs-android-decision/, retrieved October 18, 2018.