Privacy by Design

Earlier this week, CDT submitted comments to the Federal Trade Commission (FTC) calling for the Commission to encourage business practices that are consistent with Privacy by Design, a concept prominently championed by Ontario’s Information and Privacy Commissioner Anne Cavoukian. We submitted the comments in advance of the FTC’s second “Exploring Privacy” roundtable, to be held in Berkeley, CA on January 28, 2010.

Our comments emphasize the role that Privacy by Design, the incorporation of privacy into the very fabric of new technologies and the policies and practices that govern them, can play in fostering an innovative Internet. As new technologies enable the collection of greater amounts of data online, it is essential that companies consider privacy at each stage of product development. As described by Cavoukian, “Privacy by Design asserts that the future of privacy cannot be assured solely by compliance with regulatory frameworks; rather, privacy assurance must ideally become an organization’s default mode of operation.”

Privacy by Design is often associated with Privacy Enhancing Technologies (PETs), such as encryption software, anonymizers, and browser extensions that provide granular data controls. While innovative PETs are an important component of Privacy by Design, when relegated to afterthoughts and product add-ons they do not fulfill the larger goal of crafting a set of consumer rights and company responsibilities that together fortify and protect the decisions that consumers make online. Privacy by Design is about building in privacy from the beginning.

Browser cookie controls provide a useful example of the limitations of PETs and of the importance of Privacy by Design as a broader concept. When cookies were first introduced on the Web, browsers provided no way for users to control their use. As concerns were raised about potentially privacy-invasive uses of cookies, browser vendors began to add cookie controls into their products, beginning with rudimentary tools and evolving over time to the more sophisticated controls in place today.

While existing cookie controls can serve as powerful privacy protection for those who understand how to use them, for many Internet users these controls are too complicated. This is part of the reason why CDT and others have supported simpler consumer choice mechanisms. If cookies and their associated browser functionality had been designed with privacy in mind from the very beginning, as Privacy by Design requires, it is highly unlikely that cookies and the technologies available for controlling them would look the way they do today. 

Privacy by Design offers a roadmap to integrate privacy considerations into business models, product development cycle, and new technologies and can help companies incorporate a full set of Fair Information Practice principles (FIPs) into their data collection and use practices. Privacy by Design should not, however, be viewed as a proxy for regulation. Efforts to encourage a Privacy by Design approach to innovation should be supplemented by a rigorous mix of self-regulation, enforcement of existing law, and enactment of a new consumer privacy statute that establishes baseline protections and gives the FTC rulemaking authority.

If legislators, regulators, and innovators work together to build and then buttress a regulatory and legislative framework with best practices that reflect Privacy by Design, then consumers and companies alike will discovery that privacy and innovation are not mutually exclusive, but that privacy is instead an essential element of the innovative Internet.