Implementing DP principles using Data Protection By Design - By Default
Intro
Understand the importance of data protection by design and by default
Be familiar with known problems/challenges to implement these principles
Be able to identify several pitfalls with respect to data protection by design and by default
Have knowledge of a proper guide towards implementing these principles
Examples
How to efficiently implement the principles of transparency, lawfulness and fairness?
Be careful about how accurate, clear and easily accessible/readable the information provided to the users is
No vague formulations…
No dark patterns…
Is any third party employed?
E.g. Do you implement an Android app that is based on third-party libraries?
How to efficiently implement the principles of purpose limitation, data minimisation and accuracy?
Be careful about the purpose of the processing; holding the users’ data (“legally”) does not allow making use of them for other purposes
Does the design exclude such an option? E.g. is linking different datasets, kept for different purposes, made impossible?
Are the data processed the minimum possible?
Be careful: Proper pseudonymisation may be a prerequisite in some cases
Do you erroneously consider data anonymous when they are actually not?
Do you implement measures towards ensuring accuracy of data?
Are your sources trusted?
What about users with “similar/almost similar identifiers”? E.g. what about two different users named Mary Adams?
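As an added example (not part of the slides), the pseudonymisation and dataset-linkage points above worked through in Python: an unkeyed hash of a low-entropy identifier can be mapped back by enumerating the identifier space, so it is not anonymisation, whereas a keyed pseudonym with a separate key per purpose cannot be inverted that way and cannot be joined across datasets. The function names, the membership-number sample and the demo key are assumptions.

```python
import hashlib
import hmac
from typing import Callable, Dict, Iterable, Optional

# Constructed demo key standing in for the master secret (placeholder, not a real key).
DEMO_MASTER_KEY = b"constructed-demo-master-key-not-for-production"


def naive_pseudonym(identifier: str) -> str:
    """Unkeyed hash: looks opaque, but is not anonymisation (see reidentify)."""
    return hashlib.sha256(identifier.encode()).hexdigest()


def keyed_pseudonym(identifier: str, key: bytes) -> str:
    """HMAC with a secret key that is stored apart from the dataset."""
    return hmac.new(key, identifier.encode(), hashlib.sha256).hexdigest()


def reidentify(pseudonym: str, candidates: Iterable[str],
               pseudonymise: Callable[[str], str]) -> Optional[str]:
    """Self-check for a 'pseudonymised' column: enumerate the (small) identifier
    space with the same unkeyed function and see whether the pseudonym maps back.
    Returns the original identifier if the column is re-identifiable, else None."""
    for candidate in candidates:
        if hmac.compare_digest(pseudonymise(candidate), pseudonym):
            return candidate
    return None


def purpose_keys(purposes: Iterable[str], master: bytes) -> Dict[str, bytes]:
    """Derive one pseudonymisation key per processing purpose, so pseudonyms
    from datasets kept for different purposes cannot be joined on them."""
    return {p: hmac.new(master, p.encode(), hashlib.sha256).digest()
            for p in purposes}


def linkable(identifier: str, key_a: bytes, key_b: bytes) -> bool:
    """True if the same identifier yields the same pseudonym under both keys."""
    return keyed_pseudonym(identifier, key_a) == keyed_pseudonym(identifier, key_b)


if __name__ == "__main__":
    # Constructed sample: 4-digit membership numbers, i.e. a small identifier space.
    space = [f"{n:04d}" for n in range(10000)]
    print("naive re-identified:", reidentify(naive_pseudonym("1337"), space, naive_pseudonym))
    keys = purpose_keys(["billing", "analytics"], DEMO_MASTER_KEY)
    print("linkable across purposes:", linkable("1337", keys["billing"], keys["analytics"]))
```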
How to efficiently implement the principles of storage limitation and security of data?
Is the retention time well-determined? If yes, is it ensured that it is implemented properly?
Be careful about what remains in temporary storage, backups, etc.
Is data recovery indeed impossible?
Do you anonymise instead of delete?
Be careful: Data anonymisation is itself a processing of personal data
Not always an easy task: Is it ensured that the resulting data are indeed anonymous?
Are your decisions on security measures ad hoc, or based on systematic risk management?
Ad hoc empirical decisions are not the proper way…
Even simply adopting the latest version of a security program/protocol is not adequate…
Always consider the weakest link in the security chain…
What about data protection by default?
Which are the proper default settings?
Are there any guiding questions to help in making the proper choice for the default settings?