The Norwegian Data Protection Authority - privacy built in

Oct 27, 2015 | 1 min read | Trondheim Developer Conference

Martha Eike - @marthaeike

Hvordan kan utvikleren ivareta personvernet til den enkelte?

Privacy: you have the right to know where your personal information is stored and what it consists of.

Lol @ Android

As a platform vendor you need to take privacy seriously, the opportunities given to developers will be misused.

Datatilsynet has an anonymity guidance that should be considered before publishing private information.

“Godt personvern for apputviklere” contains guidance for app developers.

Privacy by design

1. Do a Data Protection Impact Assessment (DPIA) early in the projects lifecycle. Assess, determine risks, schedule activities and remedies and document that this has been done.
2. Make it private by default, aka. do the opposite of what Facebook does. Don collect information “just in case you need it”.
3. Think privacy also during design. Example is the iOS location tracking icon (which ironically is off by default).
4. Balance privacy whit business concerns. It’s not either or, it’s both at the same time.
5. Use systems thinking, privacy should be considered in all aspects of the projects solution.
6. Openness. The user should know what information is being stored and what it is used for. The user should be able to op out if needed.
7. Respect the user!