pbd-se message

Subject: RE: Comments: Privacy by Design Documentation for Software Engineers v0.1


Hi PbD-SEers.

Another comment on the v0.1 document content.

A fundamental component of information privacy is the notion of the Privacy Data Lifecycle (PDL). Since the impact of privacy comes with “data”, the tracking of the various data processing steps can have a very important role in understanding the privacy impact of a product. One approach to Privacy Engineering is to look at the product in terms of the PDL and which activities apply to help manifest privacy safeguards. I have looked at this approach to privacy assessment and refer to it as “Data Lifecycle Based Privacy Assessment”.

For my use, I refer to the following PDL data processing steps:

- System description
- Collection
- Use
- Storage
- Transfer
- Maintenance

And associate the following Privacy Engineering activities at each step:

- System description
    o Train System Under Review (SUR) team on information privacy and product security
    o Identify responsible business, project management, legal, marketing, privacy and security champ for contacts for the SUR
    o Describe SUR business intent, purposes, justification
    o Describe SUR system framework, internal and external interactors
    o Identify SUR main use cases that scope intended processing
    o Create DFD for main use cases

- Collection
    o Identify primary purposes
    o Identify secondary purposes
    o Identify all personal data to be collected
    o Classify collection methods (e.g., Automatic, 3rd Party, User Input, Analog)
    o Classify (e.g., "PII 2.0") all personal data
    o Identify sensitive personal data requiring explicit notice (e.g., location data)
    o Validate data to be collected against stated purposes
    o Identify candidates for data minimization
    o Verify the security controls to be used for all collection methods
    o Identify control methods to be used to safeguard requirements
    o Identify findings to be actioned

- Use
    o Create appropriate links to your Privacy Policy
    o Create Privacy Supplement or Additional Privacy Details documents as appropriate
    o Validate that all purposes are legitimate, fair and legal and proportionate to value provided to the user
    o Validate control methods to be used for user Notice and Consent
    o Identify methods to support user control of data processing
    o Identify any child use of SUR and specific privacy requirements
    o Identify any advertising use and specific privacy requirements
    o Create controls to allow user to opt out of marketing activities
    o Identify audit/logging methods for validating data processing usage
    o Identify use cases of data analysis and validate purposes
    o Verify the security controls to be used for all data processing
    o Identify control methods to be used to safeguard requirements
    o Identify findings to be actioned

- Storage
    o Create a data retention plan
    o Identify and remove any hidden data stores
    o Verify storage location for all collected data elements
    o Verify the security controls to be used for all data stores
    o Identify control methods to be used to safeguard requirements
    o Identify findings to be actioned

- Transfer
    o Document precise location, identifier, processor contact for all network servers
    o Verify user control for 3rd party transfers of personal data
    o Verify conformance with requirements on international transfer of personal data
    o Identify methods to ensure confidentiality of any user communications
    o Train team on 3rd party privacy and security requirements and handling
    o Verify implementation of such 3rd party privacy and security requirements
    o Verify that written agreements with 3rd party(s) include a provision for the Data Protection and Security Requirements that the 1st party (you) follows
    o Verify the security controls to be used for all data transfers
    o Identify control methods to be used to safeguard requirements
    o Identify findings to be actioned

- Maintenance
    o Create a user data access and redress plan
    o Identify methods to promote user interests pertaining to privacy
    o Make necessary notifications to national Data Protection Authorities
    o Verify applicability and compliance with necessary employment privacy requirements
    o Create a data deletion plan to support user requests
    o Create a program ramp-down plan
    o Create an IRM integrated plan for responding to privacy issues
    o Conduct a security assessment with Unit Product Security Officer
    o Identify control methods to be used to safeguard requirements
    o Conduct a risk analysis with product management team
    o Identify findings to be actioned
    o Identify privacy safeguarding methods suitable for design patterns

I think this is useful additional content for a section within the specification.

Frank/
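The Collection and Storage activities above (validate data against stated purposes, identify minimization candidates, flag sensitive data needing explicit notice, verify storage location, create a retention plan) can be turned into a mechanical first pass over a data inventory. The following Python script is an added example and is not part of the email or of the OASIS PbD-SE draft; the inventory, the declared purposes, the sensitive-category set and the `DataElement`/`Finding` types are all constructed for illustration, and the findings it produces are exactly the "findings to be actioned" that a human reviewer would then triage.

```python
"""Data-lifecycle-based privacy assessment helper (added example; the inventory
and rules below are constructed, not taken from the PbD-SE draft)."""

from dataclasses import dataclass
from typing import FrozenSet, List, Optional, Dict

# Assumption: categories that require explicit user notice under the Collection step.
SENSITIVE_CATEGORIES = frozenset({"location", "health", "financial", "biometric"})


@dataclass(frozen=True)
class DataElement:
    name: str
    category: str                   # e.g. "identifier", "contact", "location"
    purposes: FrozenSet[str]        # processing purposes this element serves
    method: str                     # collection method: user_input / automatic / 3rd_party / analog
    retention_days: Optional[int]   # None = no entry in the data retention plan
    store: Optional[str]            # data store name; None = storage location not verified


@dataclass(frozen=True)
class Finding:
    element: str
    step: str     # the PDL step the finding belongs to
    issue: str


def assess(elements: List[DataElement], declared_purposes: FrozenSet[str]) -> List[Finding]:
    """Run the Collection and Storage checks over a data inventory."""
    findings: List[Finding] = []
    for e in elements:
        # Collection: every purpose an element serves must be a declared (primary or secondary) purpose.
        for p in sorted(e.purposes - declared_purposes):
            findings.append(Finding(e.name, "Collection", f"purpose '{p}' is not a declared purpose"))
        # Collection: data that serves no purpose is a data minimization candidate.
        if not e.purposes:
            findings.append(Finding(e.name, "Collection", "no stated purpose: data minimization candidate"))
        # Collection: sensitive personal data requires explicit notice.
        if e.category in SENSITIVE_CATEGORIES:
            findings.append(Finding(e.name, "Collection", "sensitive personal data: explicit notice required"))
        # Storage: storage location must be verified for every collected element.
        if e.store is None:
            findings.append(Finding(e.name, "Storage", "storage location not verified"))
        # Storage: every element needs an entry in the retention plan.
        if e.retention_days is None:
            findings.append(Finding(e.name, "Storage", "no retention plan entry"))
    return findings


def findings_by_step(findings: List[Finding]) -> Dict[str, int]:
    """Count findings per PDL step, for the summary a reviewer would report."""
    counts: Dict[str, int] = {}
    for f in findings:
        counts[f.step] = counts.get(f.step, 0) + 1
    return counts


# Constructed sample inventory for a hypothetical system under review.
DECLARED_PURPOSES = frozenset({"account_recovery", "analytics"})
INVENTORY = [
    DataElement("email", "contact", frozenset({"account_recovery"}), "user_input", 365, "users-db"),
    DataElement("device_location", "location", frozenset({"analytics"}), "automatic", None, "events-db"),
    DataElement("ad_id", "identifier", frozenset({"advertising"}), "automatic", 30, None),
    DataElement("browser_fingerprint", "identifier", frozenset(), "automatic", 90, "events-db"),
]


def run_sample() -> List[Finding]:
    """Assess the constructed inventory; returns the findings list for callers/tests."""
    return assess(INVENTORY, DECLARED_PURPOSES)


if __name__ == "__main__":
    for f in run_sample():
        print(f"[{f.step}] {f.element}: {f.issue}")
    print(findings_by_step(run_sample()))
```

Running it on the constructed inventory produces five findings: the location element needs explicit notice and lacks a retention entry, the advertising identifier serves an undeclared purpose and has no verified store, and the purposeless fingerprint is a minimization candidate; the email element passes. Extending the same pattern to the Transfer step (3rd-party recipients without user control, undocumented server locations) is a matter of adding fields and checks.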
