Privacy Atrophy

Great privacy foundations may not be enough to ensure lasting privacy protections

Privacy by design is great, as systems can integrate privacy into their foundations.  Privacy should not be tacked on at the end of the system design.   However, this week I’ll address one reason why great privacy foundations may not be enough to ensure lasting privacy protections in software systems.  

What causes Privacy Atrophy?

Even a system that’s designed with privacy from the get-go can later discover privacy vulnerabilities. Privacy flaws can arise over time in released products even if the product design hasn’t changed.  This happens when the privacy landscape has changed.  I call this “privacy atrophy”, as it can be a gradual degradation in privacy protections.   Privacy atrophy in released software systems is caused by three main factors. 

The social or cultural context can change.  For example, there is now greater awareness about the sensitivity of fields such as “sex” and “gender.”  These are no longer seen as static over time, and an official “sex” data point on a person might not match a person’s own preferred definition.  

New privacy vulnerabilities are being discovered.  New privacy vulnerabilities are being discovered both by privacy researchers and unfortunately also by malicious hackers.  For example, our definition of “identifiable” has changed as we’ve seen creative attacks and re-identification of data sets that were considered “anonymized.”  Removing strong identifiers may have been fine when releasing datasets a decade ago; it certainly doesn’t fly today.  

Other technology changes around your product.  When fundamental changes occur to the OS, browser, or integrations, it can have an impact on the original privacy design.  For example, Chrome has announced that it will change how cookies are handled.  Websites will have to update their cookie mechanisms.  

Does Privacy Atrophy impact your system?  It depends on how old your production system is and how sensitive your data is.  Even well-designed systems need to be reviewed over time.  If you built your system with privacy by design, remedial privacy will certainly be easier.  If you build your systems with privacy remediation by design, you are ahead of the game.  

About the author 

Rebecca

Dr. Rebecca Balebako is a certified privacy professional (CIPP/E, CIPT, Fellow of Information Privacy) who helped multiple organizations improve their privacy through research, analysis, and engineering. 

Our Vision

 We work together with companies to build data protection solutions that are lasting and valuable, thereby protecting privacy as a human right.  

Privacy by Default

respect

Quality Process

HEALTH

Inclusion

>