Syllabus Point
- Use and explain the 'privacy by design' approach in the development of software solutions
Including:
- proactive not reactive approach
- embed privacy into design
- respect for user privacy
Privacy by design is a proactive approach that anticipates potential privacy issues and addresses them during the design and development phase, ensuring data is protected by default without requiring users to take additional steps to secure their information.
Proactive not reactive approach
'Privacy by Design' is a proactive approach that integrates strong privacy practices throughout the entire lifecycle of a software product, starting with the requirements and specifications written during planning and the architecture of new systems, rather than bolting privacy on after the system is built.
| | Proactive Security Approach | Reactive Security Approach |
|---|---|---|
| Description | Anticipating potential security and privacy issues and addressing them during the design and development phase of a project, so that data is protected by default without requiring users to take additional steps to secure their information. | Responding to security breaches and privacy violations after they occur. This solves the immediate issue but may come too late: it can limit damage after a breach, but it is less effective than a proactive approach. |
| When | During the design and development process | After a breach or security event |
| Focus | Preventing issues before they occur | Damage control and patching vulnerabilities |
| Data | Minimising data collection, and therefore the amount of data at risk | Data remains exposed until a fix ships; short-term fixes leave the system vulnerable to future breaches |
| Protection | Stronger long-term protection | Addresses immediate issues only |
Proactive security techniques
- Minimising the collection of data - only collecting data that is necessary for the system to function
- Default privacy settings - the most privacy-protective option is the default, and users must opt in to anything more permissive
- Encryption by default - in transit and at rest, without the user having to enable it
- User control over data - users can view, export and delete what is held about them
- Anonymising or pseudonymising sensitive information, for example before it is used in analytics or logs
- Using secure communication channels
Embed privacy into design
Privacy is integrated into the architecture and functionality of the software from the ground up. This means that privacy controls are built into the system's core, ensuring that user data is protected throughout its lifecycle.
Implementation
- Privacy-enhancing technologies like encryption and anonymisation
- Collecting the minimum amount of personal data
- Privacy by default settings
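The proactive techniques listed above and the implementation points for embedding privacy into the design are easiest to see together in one small registration flow. The following is an added example written for this page, not code from the original notes: a hypothetical sign-up handler that discards every field it does not need (data minimisation), starts every privacy setting in its most protective state (privacy by default), shows a nickname everywhere in place of the email address, pseudonymises the address with a keyed hash before it reaches analytics (and only when the user has opted in), and lets the user export everything held about them. The field names, the `PSEUDONYM_KEY` constant and the sample form submission are all constructed for the example.

```python
"""Privacy-by-design patterns in a user registration flow (added example).

Assumptions: a hypothetical web-application sign-up handler; the secret key
and the sample records below are constructed for illustration only.
"""
import hashlib
import hmac
from dataclasses import asdict, dataclass, field
from typing import Optional

# Data minimisation: the only fields the service needs to operate.
# Anything else the client submits is discarded before it is stored.
ALLOWED_FIELDS = {"email", "nickname"}

# Pseudonymisation key. In a real deployment this would come from a secrets
# manager; it is hard-coded here only so the example runs offline (assumed value).
PSEUDONYM_KEY = b"example-key-replace-in-production"


@dataclass
class PrivacySettings:
    # Privacy by default: every toggle starts in its most protective state,
    # and the user must explicitly opt in to anything more permissive.
    profile_public: bool = False
    show_email: bool = False
    analytics_opt_in: bool = False


@dataclass
class User:
    user_id: int
    email: str       # the only PII kept; never rendered in the UI
    nickname: str    # shown everywhere in place of the email address
    settings: PrivacySettings = field(default_factory=PrivacySettings)


def minimise(submitted: dict) -> dict:
    """Keep only the fields the system needs; drop everything else."""
    return {k: v for k, v in submitted.items() if k in ALLOWED_FIELDS}


def pseudonymise(email: str) -> str:
    """Keyed hash of the email for analytics and logs.

    HMAC rather than a plain SHA-256: without the key an attacker holding a
    leaked analytics table cannot confirm a guessed address by recomputing
    the digest. Normalised first so 'Alice@Example.com' and 'alice@example.com'
    map to the same pseudonym.
    """
    normalised = email.strip().lower().encode()
    return hmac.new(PSEUDONYM_KEY, normalised, hashlib.sha256).hexdigest()


def register(submitted: dict, next_id: int) -> User:
    """Create an account from a sign-up form, keeping only what is needed."""
    clean = minimise(submitted)
    if not ALLOWED_FIELDS <= clean.keys():
        raise ValueError("email and nickname are required")
    return User(user_id=next_id, email=clean["email"], nickname=clean["nickname"])


def public_view(user: User) -> dict:
    """What other users (or an API client) may see about this account."""
    view = {"user_id": user.user_id, "nickname": user.nickname}
    if user.settings.show_email:  # off unless the user explicitly opted in
        view["email"] = user.email
    return view


def analytics_record(user: User) -> Optional[dict]:
    """Event row for analytics: pseudonymised, and only if the user opted in."""
    if not user.settings.analytics_opt_in:
        return None
    return {"subject": pseudonymise(user.email), "nickname_len": len(user.nickname)}


def export_data(user: User) -> dict:
    """User control over data: everything held about the account, on request."""
    return asdict(user)


if __name__ == "__main__":
    # Constructed sample sign-up: the client sends more than the system needs.
    form = {"email": "Alice@Example.com", "nickname": "alice",
            "phone": "0400 000 000", "dob": "1990-01-01"}
    alice = register(form, 1)
    print(public_view(alice))       # nickname only, no email
    print(analytics_record(alice))  # None: analytics is opt-in
    alice.settings.analytics_opt_in = True
    print(analytics_record(alice))  # keyed pseudonym, not the address
```

The point of the `minimise` step running before storage is that a phone number or date of birth the system never needed cannot be leaked in a later breach. `pseudonymise` uses a keyed hash rather than a plain one because email addresses have low entropy: given an unkeyed SHA-256 digest, an attacker can simply hash a list of known addresses and match them.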
Respect for user privacy
Recognising and honouring the rights of users to control their personal data. Transparent data practices give users the ability to manage their information and ensure data is used ethically and responsibly.
Risks of using email
Email as personally identifiable information
Email addresses are personally identifiable information (PII). If user email addresses are exposed, the risk of unauthorised access, phishing, spam and identity theft increases. Show nicknames or display names in place of email addresses throughout the system, so that only the components that genuinely need the address (for example login and password reset) can read it. This applies the principle of least privilege to data access, and is also a form of data minimisation.
Phishing attacks
Emails that ask a user to click a link and sign in are exactly what phishing messages imitate, so an application that routinely sends such emails trains its users to fall for them. Use an internal notification system instead: do not send invitations by email, but handle them directly in the web application.
Email spoofing
Attackers forge the 'From' field of an email so that it appears to come from a trusted source, such as the application itself. Internal notifications handled by the application avoid this, because the sender is whoever is authenticated in the application, not a header the attacker controls. Where email cannot be avoided, publishing SPF, DKIM and DMARC records for the sending domain lets receiving mail servers reject forged messages.
Controlled access and authentication
Only logged-in users should be able to receive and read notifications. This gives the application control over who is notified, and how, because every notification is tied to an authenticated account rather than to an address anyone can type in.
Prevention of email interception and man-in-the-middle attacks
While an email is in transit it can be intercepted, altered or read by an attacker, particularly where a hop between mail servers is not encrypted. Internal application notifications never leave the application, so this exposure is removed, provided the application itself is served over HTTPS (TLS); otherwise an in-app notification is just as exposed on the wire as an email would be.
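The four points above (no email addresses exposed, no spoofable sender, notifications only for logged-in users, and delivery that never leaves the application) can be seen in one small in-app notification service. The following is an added example written for this page, not code from the original notes: a hypothetical `NotificationStore` that holds only user ids and nicknames, issues a session token on login, takes the sender of an invitation from the authenticated session rather than from anything the client supplies, and returns a user's own inbox only when a valid token is presented. The user table, session handling and sample data are constructed for the example; real authentication and HTTPS transport are assumed to be handled outside it.

```python
"""In-application notifications in place of email (added example).

Assumptions: a hypothetical session store and user table, constructed here.
Authentication of the login itself (password, MFA) and HTTPS transport are
assumed to be handled elsewhere in the application.
"""
import secrets
from dataclasses import dataclass, field
from typing import Dict, List


@dataclass
class Notification:
    sender_id: int     # taken from the sender's session, never from client input
    recipient_id: int
    kind: str          # e.g. "invitation"
    body: str


@dataclass
class NotificationStore:
    # user_id -> nickname. No email addresses are held in this component at all,
    # so nothing here can leak one.
    users: Dict[int, str]
    sessions: Dict[str, int] = field(default_factory=dict)            # token -> user_id
    inbox: Dict[int, List[Notification]] = field(default_factory=dict)  # user_id -> notifications

    def login(self, user_id: int) -> str:
        """Issue an unguessable session token for an already-authenticated user."""
        if user_id not in self.users:
            raise KeyError("unknown user")
        token = secrets.token_urlsafe(32)
        self.sessions[token] = user_id
        return token

    def _authenticate(self, token: str) -> int:
        """Map a session token to a user id, or refuse."""
        try:
            return self.sessions[token]
        except KeyError:
            raise PermissionError("not logged in") from None

    def invite(self, token: str, recipient_id: int, project: str) -> Notification:
        """Send a project invitation in-app instead of by email.

        The sender identity comes from the session, so there is no 'From'
        field for an attacker to forge, and the recipient must be a known
        account, so nothing is ever sent to an arbitrary address.
        """
        sender_id = self._authenticate(token)
        if recipient_id not in self.users:
            raise KeyError("unknown recipient")
        note = Notification(
            sender_id=sender_id,
            recipient_id=recipient_id,
            kind="invitation",
            body=f"{self.users[sender_id]} invited you to {project}",
        )
        self.inbox.setdefault(recipient_id, []).append(note)
        return note

    def fetch(self, token: str) -> List[dict]:
        """Return the caller's own notifications, rendered with nicknames only."""
        user_id = self._authenticate(token)
        return [
            {"from": self.users[n.sender_id], "kind": n.kind, "body": n.body}
            for n in self.inbox.get(user_id, [])
        ]


if __name__ == "__main__":
    # Constructed sample data: two accounts identified only by id and nickname.
    store = NotificationStore(users={1: "alice", 2: "bob"})
    alice_token = store.login(1)
    bob_token = store.login(2)
    store.invite(alice_token, 2, "project-x")
    print(store.fetch(bob_token))    # bob sees alice's invitation, by nickname
    print(store.fetch(alice_token))  # alice's own inbox is empty
    try:
        store.fetch("not-a-real-token")
    except PermissionError as exc:
        print("rejected:", exc)      # nobody reads an inbox without logging in
```

Compare this with an email-based invitation: there the recipient is whatever address the inviter typed, the displayed sender is whatever the message header claims, and the message crosses mail servers the application does not control. Here the only identifiers that ever appear are ids and nicknames, the sender is fixed by the session, and the data stays inside the application.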