Visibility and Transparency

Privacy by Design seeks to assure all stakeholders that whatever the business practice or technology involved, it is operating according to the stated promises and objectives, subject to independent verification. Its component parts and operations remain visible and transparent, to both users and providers alike. Remember, trust but verify!
Visibility and transparency are essential to establishing accountability and trust. This PbD principal tracks well to Fair Information Practices in their entirety, but for auditing purposes, special emphasis may be placed upon the following FIPs:

Accountability – The collection of personal information entails a duty of care for its protection. Responsibility for all privacy-related policies and procedures shall be documented and communicated as appropriate and assigned to a specified individual. When transferring personal information to third parties, equivalent privacy protection through contractual or other means shall be secured.
Openness – Openness and transparency are key to accountability. Information about the policies and practices relating to the management of personal information should be made readily available to individuals.
Compliance – Complaint and redress mechanisms should be established, and information communicated about them to individuals, including how to access the next level of appeal. Necessary steps to monitor, evaluate, and verify compliance with privacy policies and procedures should be taken.

What is Privacy by Design?

Why it's Important to Build in Privacy by Design

Proactive not Reactive; Preventative not Remedial

Privacy as the Default

Privacy Embedded into Design

Full Functionality – Positive-Sum, not Zero-Sum

End-to-End Security – Lifecycle Protection

Visibility and Transparency

Respect for User Privacy

Requirements Gathering and Analysis

Design

Development

Testing

Deployment

Operations and Maintenance

Upgrade or Decommission

Visibility and Transparency

No Comments