It has been almost 20 years since I developed the concept of Privacy by Design (PbD). Reflecting on the widespread acceptance it currently enjoys within the public and private sectors, as well as its endorsement by the International Association of Data Protection Authorities and Privacy Commissioners, the U.S. Federal Trade Commission, the European Union and privacy professionals, is particularly gratifying.
An accountability-based regulatory structure is one where organizations are charged with societal objectives, such as using information in a manner that maintains individual autonomy and protecting the individual from social, financial and physical harms that might come from the mismanagement of information, while leaving the actual mechanisms for achieving those objectives to the organization. One of the best conceptual models for building in the types of controls suggested by Professor Schwartz is Privacy by Design.
Information is the new currency of our economy. Since the dawn of the digital era, information has become increasingly available, and at a scale previously unimaginable. According to IBM, each day, 2.5 quintillion bytes of information are being created and, over 90 percent of the information currently in existence has been created in the past two years.
This paper introduces the concept of Privacy-Protective Surveillance (PPS) – a positive-sum, “win-win” alternative to current counter-terrorism surveillance systems – and proposes a methodology for its implementation within the framework of Privacy by Design.