Built to last: The new discipline of privacy engineering

What is privacy engineering?

This post was originally published on September 21, 2016.

Software has come a long way since the dawn of the Computer Age, but software design is still the same animal.

Engineers write code to give users what they want (email, photos, a social network, a game), and then iterate, iterate, iterate, gradually adding more features and eliminating bugs until the app is ready for release. From there, even more features can be added and adjusted depending on user demand.

Lately, users have been demanding one feature in particular: privacy. The growing urgency for privacy is especially evident in the backlash against Microsoft and Spotify, for what users saw as creepy data-collection privacy policies.

But bolting privacy onto finished software is like adding a lock to a house: the lock only works if people are honest enough to respect it. Even if your house has a big, shiny lock on it, that won’t stop hackers and spies from breaking your windows and stealing whatever they want, if they want it badly enough.

That’s why a growing number of digital privacy advocates are calling for privacy to be a part of the software design process starting at the most basic, grassroots level. It’s called Privacy Engineering, and though it’s a relatively small discipline now, it’s about to become big business.

Taking a grassroots approach

A senior engineer at Xerox, quoted in Forbes, likens the rise of privacy engineering to the rise of organic farming:

The value of personal data can hardly be exaggerated, as businesses seek to improve competitiveness through customer insight, or create novel services and business models that respond in real time to customer data. I like to compare the rise in public concern over data privacy to what has happened in agriculture, where health and environmental concerns over food have spurred a rapid growth in organic farming. Just as farmers must choose whether to be organic or not, I believe that businesses must make a fundamental strategic choice about what kind of business they want to be when it comes to data privacy.
Thierry Jacquin,
Senior Research Engineer in Enterprise Architecture
Xerox Research Centre Europe

By “fundamental,” Jacquin is referring to integrating legal definitions of privacy and property ownership at the systems level, the same way operating systems have access rules for even the most basic file storage.

With privacy policies baked into the foundations of their software, privacy is no longer an afterthought, and developers at higher levels don’t have to waste creative energy trying to hack together bridges to comply with privacy laws and protect their users.

The cycle of transparency and trust

Transparency can seem like a counterintuitive principle in privacy engineering, which is, after all, the business of making your data opaque. But to build trust, the mechanisms that protect your data need to be open to scrutiny, not just from you but from everyone.

Privacy engineering seeks to build trust over time. By default, software must declare up front exactly what information it collects from a user. As the user interacts with the service, the sharing protocol evolves, and the process is streamlined.

It’s the solution to the age-old trade-off between convenience and security:

Start with pure security and gradually move the slider towards convenience, not the other way around.
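The two ideas above (Jacquin’s point about enforcing privacy at the systems level, the way an operating system enforces file permissions, and the “start with pure security, then move the slider” rule) are easier to picture as code. The following is an added illustration written for this post, not code from the original article or from Xerox; the field names, purposes, user record and the `PrivacyGate` class are all constructed for the example. The storage layer refuses to collect any field the service did not declare, refuses every read until the user has granted that purpose, refuses purposes the manifest never listed even if someone tries to grant them, and keeps an audit trail the user can inspect.

```python
"""Toy privacy-by-design data layer (added example, not from the original post).

Constructed assumptions: a service publishes a manifest of the fields it
collects and the purposes each may serve; a user starts with nothing granted
(default deny) and widens access one purpose at a time; every read is checked
at the storage layer and recorded so the user can audit it.
"""
from dataclasses import dataclass, field
from typing import Dict, FrozenSet, List, Tuple


class PrivacyViolation(Exception):
    """Raised when code asks for data outside the manifest or the user's grants."""


@dataclass(frozen=True)
class Manifest:
    """What the software declares it collects: field name -> allowed purposes."""
    fields: Dict[str, FrozenSet[str]]

    def purposes_for(self, name: str) -> FrozenSet[str]:
        return self.fields.get(name, frozenset())


@dataclass
class UserRecord:
    user_id: str
    data: Dict[str, str]
    granted: FrozenSet[str] = frozenset()  # default deny: nothing granted yet


@dataclass
class PrivacyGate:
    """Enforces the manifest and the user's grants on every store and read."""
    manifest: Manifest
    records: Dict[str, UserRecord] = field(default_factory=dict)
    # audit entries: (user_id, field, purpose, outcome)
    audit: List[Tuple[str, str, str, str]] = field(default_factory=list)

    def store(self, user_id: str, data: Dict[str, str]) -> None:
        # Collecting a field the manifest never declared is refused outright.
        undeclared = set(data) - set(self.manifest.fields)
        if undeclared:
            raise PrivacyViolation(f"undeclared fields: {sorted(undeclared)}")
        self.records[user_id] = UserRecord(user_id, dict(data))

    def grant(self, user_id: str, purpose: str) -> None:
        # The user moves the slider toward convenience one purpose at a time.
        rec = self.records[user_id]
        rec.granted = rec.granted | {purpose}

    def read(self, user_id: str, name: str, purpose: str) -> str:
        rec = self.records[user_id]
        if purpose not in self.manifest.purposes_for(name):
            # A grant cannot widen access beyond what was declared up front.
            self.audit.append((user_id, name, purpose, "denied:undeclared"))
            raise PrivacyViolation(f"{name} was never declared for {purpose}")
        if purpose not in rec.granted:
            self.audit.append((user_id, name, purpose, "denied:not-granted"))
            raise PrivacyViolation(f"user has not granted {purpose}")
        self.audit.append((user_id, name, purpose, "allowed"))
        return rec.data[name]

    def access_history(self, user_id: str) -> List[Tuple[str, str, str, str]]:
        """Transparency: the user can see every attempt to touch their data."""
        return [e for e in self.audit if e[0] == user_id]


def try_read(gate: PrivacyGate, user_id: str, name: str, purpose: str) -> str:
    """Return the value on success, or the audit outcome string on refusal."""
    try:
        return gate.read(user_id, name, purpose)
    except PrivacyViolation:
        return gate.audit[-1][3]


def demo() -> Dict[str, object]:
    manifest = Manifest({
        "email": frozenset({"account_recovery", "newsletter"}),
        "location": frozenset({"weather"}),
    })
    gate = PrivacyGate(manifest)
    gate.store("u1", {"email": "alice@example.test", "location": "Berlin"})
    out: Dict[str, object] = {}
    out["no_grant"] = try_read(gate, "u1", "email", "newsletter")
    gate.grant("u1", "account_recovery")
    out["granted"] = try_read(gate, "u1", "email", "account_recovery")
    gate.grant("u1", "advertising")  # never in the manifest, so still denied
    out["undeclared_purpose"] = try_read(gate, "u1", "email", "advertising")
    try:
        gate.store("u2", {"email": "bob@example.test", "phone": "000"})
        out["undeclared_field"] = "stored"
    except PrivacyViolation:
        out["undeclared_field"] = "refused"
    out["history"] = gate.access_history("u1")
    return out


if __name__ == "__main__":
    for key, value in demo().items():
        print(key, value)
```

The design choice that matters is where the checks live: not in each feature that wants the data, but in the one layer every feature must go through, so a developer higher up cannot forget them or route around them.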

The nuts and bolts of effective privacy

But building privacy into software from the beginning is much easier said than done. As James Connolly, editor of All Analytics, explains:

For starters, it requires that developers, security personnel, data specialists, and the business owners get on the same page early in the design process. It also is likely to require that those same players work together throughout the development lifecycle. From a logistics point of view, that can be a pain. But, so is explaining the loss of thousands of customer records in a breach.
James M. Connolly,
Editor, All Analytics

Engineers don’t necessarily enjoy talking to lawyers before writing code. Entrepreneurs sitting on a killer app idea might not want to sit through security meetings before putting marker to whiteboard. It’s likely that, at least for the foreseeable future, Privacy Engineering will become the “flossing” of software design: popular in theory, painful in practice, hard to want to do, but ultimately good for you.

Protect your privacy

While Privacy Engineering is a relatively new philosophy with a growing number of proponents, there’s still plenty you can do to protect your privacy.

For starters, EFF’s Who’s Got Your Back report is a good ranking of how well major developers support user privacy. Support the companies who care about keeping your information safe, and boycott the ones who are all too happy to hand over your details to the government or anybody else who asks.

In the meantime, keep your eyes peeled over the next several months for more companies weighing in on Privacy Engineering. Take note of the ones who have nothing to say about the matter. Because chances are they have nothing to gain from protecting your data privacy.

Johnny 5 is the founding editor of the blog and writes about pressing technology issues. From important cat privacy stories to governments and corporations that overstep their boundaries, Johnny covers it all.