Law Times

January 24, 2011

The premier weekly newspaper for the legal profession in Ontario

Issue link: https://digital.lawtimesnews.com/i/50201


Focus On: PRIVACY LAW

Cavoukian gets kudos for PbD

Innovative concept integrates privacy tactics from the beginning

BY ROBERT TODD
Law Times

Ontario Information and Privacy Commissioner Ann Cavoukian became the toast of the global privacy and data protection community in 2010 when her Privacy by Design concept was embraced in a resolution at the 32nd International Conference of Data Protection and Privacy Commissioners.

But Cavoukian tells Law Times the crowning achievement for her groundbreaking concept — which calls for the embedding of privacy considerations at the earliest stages of the creation of new technologies and business practices — was a long time coming.

What's now known as PbD grew out of a paper Cavoukian authored in the mid-1990s with Peter Hustinx, who's now the European Union's data protection supervisor, on privacy-enhancing technologies. Their presentation of their observations to the International Conference of Data Protection and Privacy Commissioners in Brussels met with complete silence.

"It was not well-received and it was surprising to me," Cavoukian says in an interview. She admits that privacy-enhancing technologies were an unprecedented concept at the time and points out that privacy commissioners were a highly regimented, regulatory-focused lot then. "This notion of enlisting the support of technology to protect privacy, instead of erode it, was a foreign concept," she explains.

But Cavoukian and Hustinx persisted, spending the next few years heralding its virtues at each opportunity. In the third year, former British privacy watchdog Elizabeth France got on board by strongly advocating the idea of privacy-enhancing technologies at a forum of European privacy czars.

"It was like turning on a light switch — everything changed," Cavoukian recalls. "All of a sudden, [privacy-enhancing technologies] became the new thing, and everyone was focusing on [them]."

Meanwhile, Cavoukian had been working to refine the ideas she and Hustinx espoused at the Brussels meeting. Those ruminations led her to the idea of PbD. She was eager to expand the proactive nature of the concept beyond the realm of technology. In her view, the idea needed to expand to the creation of business practices, networked infrastructure, and even the physical design of buildings like hospitals and pharmacies.

"I came up with the term Privacy by Design — that it should be by design; it should not be an accident," she says. "It shouldn't be reactive after the fact."

Regulatory schemes simply outline restricted behaviours and provide remedial measures for violations. Cavoukian saw wisdom in putting the focus on what must happen before the fact in order to avoid the harm.

"I kept thinking it's got to be by design," she says.

That leads back to last October's meeting of international privacy commissioners in Jerusalem, where PbD received the exact opposite response to Cavoukian and Hustinx' privacy-enhancing technologies concept in the mid-1990s. The resolution recognizes PbD as an "essential component of fundamental privacy protection" and calls for commissioners across the globe to promote it in part by incorporating its seven foundational principles in privacy policy and legislation and by pushing for research into the concept.

"I can't tell you how remarkable it felt," Cavoukian says. "It was the most validating experience to have this concept recognized."

It's important to point out that the acceptance of the resolution backing PbD, which the federal privacy commissioner and her counterparts from Berlin, New Zealand, the Czech Republic, and Estonia co-sponsored, wasn't a foregone conclusion. The resolution that preceded it, for example, was shelved after 45 minutes of debate. But the only questions directed at Cavoukian were about implementation of PbD, which she followed up on by creating a curriculum in the month after the conference.

"It's now an international standard that's being applied globally," she says. "The beauty of it, to me, is it shifts the focus to the proactive. In this day and age — when you have cloud computing, Web 2.0, Web 3.0, the semantic web, wireless everything — the ability to control that you may have had before has evaporated. So we need new legal instruments, new methods of protecting what is the most sacred of rights: the right to privacy."

Of course, it's one thing to espouse a sensible theory but quite another to have it implemented in the real world. That's why Cavoukian has been working with organizations like Hydro One Inc. and Toronto Hydro to ensure their emerging smart-grid systems, which will make detailed information on consumers' home energy usage available, are in line with PbD principles.

Major corporations like General Electric Co., IBM, and Intel Corp. have also embraced the concept.

"2010 was the year of Privacy by Design," says Intel senior policy counsel Brian Huseman. "The work that [Cavoukian] has done and her leadership is really showing up in a lot of different jurisdictions and a lot of different areas around the world."

Huseman says his company considers PbD an "essential part" of any of its product development or privacy protection efforts. Intel has assigned personnel to oversee privacy issues from the earliest stages of research and development, train employees on privacy, and conduct privacy reviews on products and services all in an effort to fall in line with PbD's principles.

At the same time, not everyone views the PbD concept as a saving grace. Bernice Karn, a partner with Cassels Brock & Blackwell LLP's information, communications, and entertainment group, believes the cost of fully implementing it is a non-starter for many businesses.

"I'm not sure I necessarily buy her argument that it shouldn't be a zero-sum situation; that it should be a win-win in terms of privacy-enhancing technologies," says Karn. "Businesses need to see answers on the bottom line, and I think that's really what's driving them."

But for Cavoukian, the PbD concept may soon be the only way for regulators to protect privacy as technologies like cloud computing and geolocation tracking devices become more prevalent.

"The ability to transmit personally identifiable information, use it, and disclose it, it's going to happen at lightning speed," she says. "That's why Privacy by Design, I think, is so important in this decade. It's going to be beyond our grasp in the traditional regulatory models to enforce compliance with existing statutes."

[Photo caption: Colleagues initially gave Ann Cavoukian's PbD concept a cold reception.]

PRIVACY BY DESIGN: THE SEVEN FOUNDATIONAL PRINCIPLES

1. Proactive, not reactive; preventative, not remedial: The PbD approach is characterized by proactive rather than reactive measures. It anticipates and prevents privacy-invasive events before they happen.
2. Privacy as the default: PbD seeks to deliver the maximum degree of privacy by ensuring that personal data is automatically protected in any given system or business practice. If individuals do nothing, their privacy remains intact.
3. Privacy embedded into design: PbD is embedded into the design and architecture of technological systems and business practices. It is not bolted on as an additional element after the fact.
4. Full functionality; positive-sum, not zero-sum: PbD seeks to accommodate all legitimate interests and objectives in a positive-sum, win-win manner, not through a dated zero-sum approach involving unnecessary trade-offs.
5. End-to-end security: PbD, having been embedded into the system prior to the first element of information being collected, extends securely throughout the entire life cycle of the data involved. Strong security measures are essential to privacy from start to finish.
6. Visibility and transparency: PbD seeks to assure all stakeholders that whatever the business practice or technology involved, it is in fact operating according to the stated promises and objectives subject to independent verification.
7. Respect for user privacy: Above all, PbD requires architects and operators to keep the interests of the individual top of mind by offering measures such as strong privacy defaults, appropriate notice, and user-friendly options.

Source: privacybydesign.ca
