Privacy by Design: essential for organizational accountability and strong business practices

• Published in: Identity in the information society Vol. 3; no. 2; pp. 405 - 413
• Main Authors: Cavoukian, Ann, Taylor, Scott, Abrams, Martin E.
• Format: Journal Article
• Language: English
• Published: Dordrecht Springer Netherlands 01.08.2010
• Subjects: Computer Science; Ethics; Legal Aspects of Computing; Philosophy of Technology; Social Sciences; Organizational accountability; Privacy assurance; Fair information practices
• ISSN: 1876-0678; 1876-0678
• DOI: 10.1007/s12394-010-0053-z

An accountability-based privacy governance model is one where organizations are charged with societal objectives, such as using personal information in a manner that maintains individual autonomy and which protects individuals from social, financial and physical harms, while leaving the actual mechanisms for achieving those objectives to the organization. This paper discusses the essential elements of accountability identified by the Galway Accountability Project, with scholarship from the Centre for Information Policy Leadership at Hunton & Williams LLP. Conceptual Privacy by Design principles are offered as criteria for building privacy and accountability into organizational information management practices. The authors then provide an example of an organizational control process that uses the principles to implement the essential elements. Initially developed in the ‘90s to advance privacy-enhancing information and communication technologies, Dr. Ann Cavoukian has since expanded the application of Privacy by Design principles to include business processes.