Privacy by Design applied in Practice and the Consequences for System Developers
KTH, School of Electrical Engineering and Computer Science (EECS).
2019 (English). Independent thesis, Advanced level (degree of Master (Two Years)), 20 credits / 30 HE credits. Student thesis.
Alternative title: Applicering av inbyggd integritet och konsekvenserna för systemutvecklare (Swedish)
Abstract [en]

Providing privacy for users is an important matter, as data, including sensitive personal information, is processed to an increasing extent. It is a liability for organizations to take responsibility for the privacy of their users. Organizations are required by law to handle personal information in accordance with the General Data Protection Regulation (GDPR). But there is a gap between the legal requirements and the technical solutions. The Privacy by Design (PbD) framework presents guidelines for including privacy in a system but lacks concrete implementations. This paper investigates how PbD can be applied to a system and how it impacts system development. The study adopts the approach of Colesky, Hoepman and Hillen to apply Privacy by Design in practice. This approach was used to develop a system model that considers the privacy of users as well as functional requirements and the needs of system developers. The evaluation showed a positive attitude among system developers towards the proposed system model implementing PbD. The system developers estimated that the proposed system model would introduce a slight decrease in productivity but believed the positive aspects of applying privacy would outweigh the disadvantages.

Abstract [sv] (English translation)

User privacy has become increasingly important as more data is handled, including sensitive personal information. Organizations are obliged to take responsibility for their users' privacy. Organizations are required by law to handle personal information in accordance with the requirements defined in the directive General Data Protection Regulation (GDPR), in Swedish Allmän Dataskyddsförordning. However, a gap remains between the legal requirements and technical solutions. Privacy by Design (PbD), in Swedish inbyggd integritet, consists of principles for designing systems with regard to privacy, but the method lacks concrete implementations. This study investigates how PbD can be applied in a system and how it affects system development. The study uses the approach of Colesky, Hoepman and Hillen to apply PbD in practice. With this method, a model of a system was developed that takes into account the users' privacy as well as the system developers' needs and the system requirements. The evaluation showed that the system developers were positive towards the proposed system model implemented with PbD. The system developers estimated that the proposed system model would bring a slight decrease in productivity but presumed that the positive effects of Privacy by Design would outweigh the disadvantages.

Place, publisher, year, edition, pages
2019. p. 47
Series
TRITA-EECS-EX ; 2019:94
National Category
Computer and Information Sciences
Identifiers
URN: urn:nbn:se:kth:diva-251672
OAI: oai:DiVA.org:kth-251672
DiVA, id: diva2:1316430
Supervisors
Examiners
Available from: 2019-05-24. Created: 2019-05-17. Last updated: 2019-05-24. Bibliographically approved.

Open Access in DiVA

Full text (645 kB), 28 downloads
File information
File name: FULLTEXT01.pdf
File size: 645 kB
Checksum (SHA-512):
c5b11b1f499b59a6fc14bdab362f54522f34e5301cf8741b6f1318c4d95bb24236031aa05e181f9e7509f1477dafcf833d253fc64f3c4af5fcf03bb98be34cbe
Type: fulltext
Mimetype: application/pdf
