March 2012

Ok that may be a little bit of an overstatement, but I do think that this new concept of ‘Privacy By Design’ is the future of privacy in terms of SaaS privacy and software privacy.

Here are 3 simple things you should know about Privacy By Design:

1) ‘Being Adopted’ in the US (Invented in Canada). This methodology (if you can call it that) was actually conceived by the Information and Privacy Commissioner of Canada (Ann Cavoukian), but  the US Federal Trade Commission is joining in. While this is not the law (yet) in the US, the FTC is trying to get companies to think about adopting Privacy by Design when they are sued by the FTC for privacy violations, and it is being addressed/referenced in draft privacy legislation in the US…..not too hard to connect the dots. Also, it is already global (and has been translated into multiple languages), which is really a great thing.

2) Build Privacy Into Software Development. As soon as I read this, I thought ok this is how privacy should be addressed in SaaS and software (it should be thought about during design of the software and not an after thought….which it too often is). To me this is merely part of the evolution of privacy as part of the software development process, as at first privacy was not that big of an issue for software companies (therefore, developers did not spend a lot of time …