Pretend. Protect. Preserve.

I’ve been thinking about a categorization of information systems as to how they relate to privacy. This has mostly been in the context of and in preparation for my speech on privacy engineering in the cloud. I want to give people a sense of the differences between approaches. So here is my breakdown:

Privacy Pretending is essentially when a system owner says “Trust us. We respect your privacy. Your privacy is important to us” but doesn’t really take any steps to protect or preserve privacy.

Privacy Protecting means information security. Steps are taken by the system owner to protect confidential information, be that encryption, physical security measures, policies or procedures.

Privacy Preserving is the pinnacle where privacy is preserved and by privacy I mean the decision making capabilities of the data subject as to the confidentiality.

When you frame privacy as a matter of decisional control over information, it’s easy to see the three options. Pretending you respect privacy means control is neither retained by the data subject nor are previous indications of what to do with information respected. Protecting privacy means that previous decisions are respected but control is ceded to the system owner. Privacy preserving allows the data subject to retain control.