Privacy by Design, a globally accepted framework for personal data management and privacy protection, advances the view that privacy cannot be assured solely by compliance with regulatory frameworks but must become an organisation’s default mode of operation. We are proposing a similar template for the research ethics review process.
The argument that privacy stifles Big Data innovation reflects a dated, zero-sum mindset. It is a false dichotomy, consisting of unnecessary trade-offs between the benefits of Big Data and the protection of personal information within Big Data sets. In fact, the opposite is true—privacy drives innovation and it forces innovators to think creatively to find solutions that serve multiple functionalities. We need to abandon zero-sum thinking and adopt a positive-sum paradigm where both Big Data innovation and privacy may be achieved.
Above all, Privacy by Design requires architects and operators to keep the interests of the individual uppermost by offering such measures as strong privacy defaults, appropriate notice, and empowering user-friendly options. The goal is to ensure user-centred privacy in an increasingly connected world. Keep it user-centric.
Privacy by Design seeks to assure all stakeholders that whatever the business practice or technology involved, it is in fact, operating according to the stated promises and objectives, subject to independent verification. The data subject is made fully aware of the personal data being collected, and for what purpose(s). All the component parts and operations remain visible and transparent, to users and providers alike. Remember, trust but verify!