Privacy in Information technology
Privacy is needed to taken care with utmost importance with the recent development of the information technologies. This paper briefly describes the idea of privacy inside an information technology organisation and the requirement of privacy. The properties of the privacy policies are discussed namely anonymity, unlinkability, pseudonymity unobservability and undetectability. Next the paper describes the various principles of the privacy design of the system. There are seven key principles of Privacy by Design (Drey and Delak 2021). The paper further elaborates the strengths and weaknesses of the implementation of privacy at the very initaial stage and providing appropriate situations according to the implementation of the system.
Privacy process is achieved by the realisation of the privacy issues through specific steps and flow of activities. The five basic privacy properties that are described are anonymity, undetectability, unlinkability, pseudonymity and unobservability. These factors need to taken care of while the design and implementation stages are being handled. Anonymity is defined to be the characteristics that helps identifiable information not to be identified in an indirect or direct manner. It helps in protecting the user of the services. The benefits of this are it helps users to not reveal their identity while accessing services. Safety from user profiling is provided with no location tracking and user involvement is minimalized. The negative side of it is it has to confirm user accountability, maintain usability of necessary information (Morales-Trujillo et al. 2018), Law enforcement require to erase anonymity to detect criminal activities requiring investigation of human identity. Next Pseudonymity is the use of an alias so that personally identifiable data are always kept safe and the data available cant link it to any real identity. It helps users accessing services without having to disclose real identities. Reputational capital grows under pseudonymity. User accountability is maintained. It helps users to safeguard themselves from the threat of online services. The limitations of pseudonymity lead to forgery or impersonation allowing few users to abuse their privacy and carry out unethical services (Gabel and Schiering 2018). Unlinkability is the process of using a resource without being able to be linked the user of the service by using a third party. The benefits that are offered by unlinkability are protection of the privacy of the user while using a service by not facilitating malicious and harmful third parties to monitor which services are under use of the user. It helps in restricting profiling and misuse of data related to privacy. The limitations would be to store large numbers of unlinkability sets. The Undetectability is defined as the ability to be not detected or distinguished by a third party while a group of users are using the services (Morales-Trujillo et al. 2018). The strength of this undetectability comes from the number of nodes present in the undetectability sets. It helps the users to stay undetected not allowing third parties to understand which user is using which service. Limitations would be maintaining an equal traffic distribution between senders and receivers (Pattakou et al. 2018). Lastly unobservability is the inability of observation whether a user uses a service or not. It provides in increasing system anonymity and undetectability.
Principles of Privacy
The PbD facilitates the views of future towards privacy by implementation of privacy assurance that is determined as the primary mode of operating business. The PbD is applied on IT systems and solutions, business practices and infrastructure of the network (Bu et al. 2020). The strength of privacy must be regulated according the sensitivity of the information. The primary objective is defined as ensuring control of access over personal information facilitating privacy with special care taken to sensitive data to gain a sustainable growth and advantage over competitors. There are 7 basic principles of privacy that must be ingrained in the system. First, the system should be preventive and proactive dynamically preventing privacy issues before occurrence. There is no waiting for risk occurrence, the risks are analysed and mitigated throughout the system. Secondly, there should be no need of privacy afterwards as it should be a default setting being built with the system design and implementation. Data privacy is taken maximum care of being automatically protected without any requirements (Bennet 2018). Thirdly, Privacy must be embedded into the design and infrastructure of the system as it becomes an effective component for business functionality core. Privacy is an integral part of the system and it provides in increasing business functionality. At fourth, The PbD accommodates all interests and goals of the company by a positive sum manner diminishing the idea of unnecessary trade-offs (Cavoukian et al. 2020). The fifth principal defines that PbD provides security measures throughout the entire life cycle of the information ensuring privacy from the start to the end. All data in the system are secured, retained, and destroyed at the end of the need of the data. At sixth place, PbD allows transparency and visibility to all of its stakeholders about the operations, practices or technologies involved in the system. PbD assures that operations are operating according to the goals, objectives and stated promises and can be subjected to verifications. Lastly the seventh principle states PbD should be user-centric requiring the archivists and operators to give utmost importance to the interest of the users offering measures privacy defaults, notices, and user-friendly services (Morales-Trujillo et al. 2018).
Data privacy must be integrated into the design of the system leading to the rise of PbD. However, this process has its own sets of strength and weaknesses that are needed to be assessed for the sustainable development of an ICT. The strengths and opportunities that might be accessed are the saving the cost of business in the long-term including avaibility of sanctions. There is a significant decrease in the time taken and effort required in design and post implementation stage of the system (Romanou 2018). The company is able to provide higher rate of protection of data to its audience. There is a sense of understanding developed between the multidisciplinary teams by higher collaborations and coordination. It allows the detection of privacy issues by development of a Privacy Impact Assessment (Vemou and Karyda 2018). The PbD helps in facilitating privacy measures with help in reinforcement of image of the firm to the audience. Trust if the stakeholder towards the company is significantly improved. PbD at times is used as a marketing tool to attract interested customers (Poritskiy, Oliveira and Almeida 2019). The weaknesses that might be seen in the company are excessive use of resources with lack of proper understanding about the necessity of the new system. Sometimes excessive measures are taken to protect privacy of the information leading to customer and stakeholder dissatisfaction due to the rigidity and opacity of the process (Büscher, Perng and Liegl 2019). During the integration of the PbD in the system by the analysts, at times, employees do not welcome new implementations increasing tension inside the company. There is will inside the employees to not to be regulated by other professionals trying to secure privacy for the system (Justinger et al. 2019). There are many questions attached to the mind of the employees regarding the issues of the integration of the process. The leading area of questions are the quality of the privacy and security measures and risk to labour and the work environment. The focus of PbD should be dynamic caring about sensitive information with more priority, failing in which might lead to catastrophic loss of data and private information (Sangaroonsilp, Dam and Ghose 2021). Weaknesses should be mitigated and strength should be promoted for the success of ICT.
Strength and weakness
According to the above analysis, four situations are found for the implementation of PbD to manage privacy inside an ICT. The first situation leads to an offensive strategy that Formalizes the practices in designing privacy from inside of the organization, by creation of programs, procedures and routines that helps in reaching organizational goal. Certi?cations are provided in quality and privacy standards that prove the compliance with privacy (Alessi et al. 2021). The second situation leads to adapting a defensive strategy which helps in communication with data owners for PbD focuses to be adopted and its advantages on the company. It requires performing marketing planning for communication with the data processing in terms of privacy protection. The third situation describes the reorientation of the strategy to raise the awareness of the managers to implement privacy as a part of every decision made for collection and sharing of private information and develop the same awareness between to the employees (Bednar, Spiekermann and Langheinrich 2019). There should be ample trainings and campaigns to promote and teach privacy awareness to the employees to signify the need of implementation of PbD (Dias Canedo et al. 2020). The final situation leads to survival strategy which helps in collaboration with consultancies to provide help to the organization with privacy. Privacy risks are incorporated and assessed while risk assessment done for the company in the initial stage.
Recent developments in the Information and Communications Technologies have to the rise for need of privacy in human lives. Companies aims to access the control to private information by proposing various rules and guidelines which helps in attaining sustainable development and innovation with protection to user data. This paper briefly describes the concept of privacy in information and communications technologies and why it is an important factor for protecting data privacy. The paper briefly discusses about general data protection regulations and how PbD satisfies the sets of rules in GDPR in generation of security policies for the firm. Companies are adopting the basic properties of privacy in terms of anonymity, unlinkability, pseudonymity unobservability and undetectability. The seven principles of Program by design are briefly discussed along with its strength and weaknesses in achieving privacy for the organization. Lastly the paper concludes with the situations for implementation of the program by design by various strategies.
Alessi, A., Ciccarelli, G., Cipolli, L., Guidotti, L., Marsano, A. and Hanganu, A., 2021. Privacy by design and by default in software development in order to prevent unlawful processing of personal data. Privacy certifications impact on software development and liabilities.
Bednar, K., Spiekermann, S. and Langheinrich, M., 2019. Engineering Privacy by Design: Are engineers ready to live up to the challenge?. The Information Society, 35(3), pp.122-142.
Bennett, C.J., 2018. The European General Data Protection Regulation: An instrument for the globalization of privacy standards?. Information Polity, 23(2), pp.239-246.
Bu, F., Wang, N., Jiang, B. and Liang, H., 2020. “Privacy by Design” implementation: Information system engineers’ perspective. International Journal of Information Management, 53, p.102124.
Büscher, M., Perng, S.Y. and Liegl, M., 2019. Privacy, security, and liberty: Ict in crises. In Censorship, Surveillance, and Privacy: Concepts, Methodologies, Tools, and Applications (pp. 199-217). IGI Global.
Cavoukian, A., 2020. Understanding How to Implement Privacy by Design, One Step at a Time. IEEE Consumer Electronics Magazine, 9(2), pp.78-82.
Dias Canedo, E., Toffano Seidel Calazans, A., Toffano Seidel Masson, E., Teixeira Costa, P.H. and Lima, F., 2020. Perceptions of ICT practitioners regarding software privacy. Entropy, 22(4), p.429.
Drev, M. and Delak, B., 2021. Conceptual Model of Privacy by Design. Journal of Computer Information Systems, pp.1-8.
Gabel, A. and Schiering, I., 2018, August. Privacy Patterns for Pseudonymity. In IFIP International Summer School on Privacy and Identity Management (pp. 155-172). Springer, Cham.
Justinger, J., Heuer, T., Schiering, I. and Gerndt, R., 2019. Forgetfulness as a feature: Imitation of Human Weaknesses for Realizing Privacy Requirements. In Proceedings of Mensch und Computer 2019 (pp. 825-830).
Morales-Trujillo, M.E., Matla-Cruz, E.O., García-Mireles, G.A. and Piattini, M., 2018, April. Privacy by Design in Software Engineering: a Systematic Mapping Study. In CIbSE (pp. 107-120).
Pattakou, A., Mavroeidi, A.G., Diamantopoulou, V., Kalloniatis, C. and Gritzalis, S., 2018, August. Towards the design of usable privacy by design methodologies. In 2018 IEEE 5th International Workshop on Evolving Security & Privacy Requirements Engineering (ESPRE) (pp. 1-8). IEEE.
Poritskiy, N., Oliveira, F. and Almeida, F., 2019. The benefits and challenges of general data protection regulation for the information technology sector. Digital Policy, Regulation and Governance.
Romanou, A., 2018. The necessity of the implementation of Privacy by Design in sectors where data protection concerns arise. Computer law & security review, 34(1), pp.99-110.
Sangaroonsilp, P., Dam, H.K. and Ghose, A., 2021. Common Privacy Weaknesses and Vulnerabilities in Software Applications. arXiv preprint arXiv:2112.13997.
Vemou, K. and Karyda, M., 2018. An Evaluation Framework for Privacy Impact Assessment Methods. In MCIS (p. 5).
Zaeem, R.N. and Barber, K.S., 2020. The effect of the GDPR on privacy policies: Recent progress and future promise. ACM Transactions on Management Information Systems (TMIS), 12(1), pp.1-20.
To export a reference to this article please select a referencing stye below:
My Assignment Help. (2022). Privacy In Information Technology: Essay On Properties, Principles, And Implementation.. Retrieved from https://myassignmenthelp.com/free-samples/ict303-professional-ethics-in-computing/privacy-in-information-technology-file-A1D4FDA.html.
"Privacy In Information Technology: Essay On Properties, Principles, And Implementation.." My Assignment Help, 2022, https://myassignmenthelp.com/free-samples/ict303-professional-ethics-in-computing/privacy-in-information-technology-file-A1D4FDA.html.
My Assignment Help (2022) Privacy In Information Technology: Essay On Properties, Principles, And Implementation. [Online]. Available from: https://myassignmenthelp.com/free-samples/ict303-professional-ethics-in-computing/privacy-in-information-technology-file-A1D4FDA.html
[Accessed 01 March 2024].
My Assignment Help. 'Privacy In Information Technology: Essay On Properties, Principles, And Implementation.' (My Assignment Help, 2022) <https://myassignmenthelp.com/free-samples/ict303-professional-ethics-in-computing/privacy-in-information-technology-file-A1D4FDA.html> accessed 01 March 2024.
My Assignment Help. Privacy In Information Technology: Essay On Properties, Principles, And Implementation. [Internet]. My Assignment Help. 2022 [cited 01 March 2024]. Available from: https://myassignmenthelp.com/free-samples/ict303-professional-ethics-in-computing/privacy-in-information-technology-file-A1D4FDA.html.