The Privacy Engineer's Manifesto

Data Privacy Governance Frameworks

The OECD Guidelines, which were discussed in Chapter 2, are one of the better-known privacy governance frameworks. In addition, there are other global and regional frameworks, such as the 1995 EU Data Protection Directive (Directive 95/46/EC), the Federal Trade Commission's version of the Fair Information Practice Principles (FIPPs), the ISO 2700x series of security standards, and the Generally Accepted Privacy Principles (GAPP), which were created by the American Institute of Certified Public Accountants (AICPA) and the Canadian Institute of Chartered Accountants (CICA) Privacy Task Force.

All of these, and others, are worth knowing and learning about in order to perfect the privacy engineering tradecraft.

You can see from Table 3-1 how the various frameworks cited align. One of the most comprehensive is GAPP, which was designed to create a set of principles that encompasses the key points of the existing frameworks.

Table 3-1. How Key Privacy Frameworks Align

Generally Accepted Privacy Principles (GAPP)

According to the American Institute of Certified Public Accountants (AICPA), which developed the Generally Accepted Privacy Principles:

Generally Accepted Privacy Principles (GAPP) have been developed from a business perspective, referencing some, but by no means all, significant local, national and international privacy regulations. GAPP operationalizes complex privacy requirements into a single privacy objective that is supported by 10 privacy principles. Each principle is supported by objective, measurable criteria that form the basis for effective management of privacy risk and compliance in an organization. [See AcceptedPrivacyPrinciples/DownloadableDocuments/10261378ExecOverviewGAPP.pdf]

The following are the 10 GAPP principles:

1. Management: The entity defines, documents, communicates, and assigns accountability for its privacy policies and procedures.

2. Notice: The entity provides notice about its privacy policies and procedures and identifies the purposes for which personal information is collected, used, retained, and disclosed.

3. Choice and consent: The entity describes the choices available to the individual and obtains implicit or explicit consent with respect to the collection, use, and disclosure of personal information.

4. Collection: The entity collects personal information only for the purposes identified in the notice.

5. Use, retention, and disposal: The entity limits the use of personal information to the purposes identified in the notice and for which the individual has provided implicit or explicit consent. The entity retains personal information only as long as necessary to fulfill the stated purposes or as required by law or regulation and thereafter appropriately disposes of such information.

6. Access: The entity provides individuals with access to their personal information for review and update.

7. Disclosure to third parties: The entity discloses personal information to third parties only for the purposes identified in the notice and with the implicit or explicit consent of the individual.

8. Security for privacy: The entity protects personal information against unauthorized access (both physical and logical).

9. Quality: The entity maintains accurate, complete, and relevant personal information for the purposes identified in the notice.

10. Monitoring and enforcement: The entity monitors compliance with its privacy policies and procedures and has procedures to address privacy-related complaints and disputes.

We will show in later chapters how frameworks such as the OECD Guidelines and GAPP are used as the basis for developing an enterprise's privacy policies, processes, procedures, standards, guidelines, and mechanisms.

By Joel Weise, Director of Security and Compliance, Hootsuite

The ISO 27001:2005 “Information technology—Security techniques—Information security management systems—Requirements” and the complementary ISO 27002:2005 “Information technology—Security techniques—Code of practice for information security management” standards provide a very good framework for defining, creating, and managing a comprehensive security architecture and governance framework that supports not only security but also privacy. Some of the primary advantages are that these are mature standards, internationally recognized and well harmonized with other local and national standards such as the US NIST Special Publication 800-53, “Recommended Security Controls for Federal Information Systems and Organizations.” Further, when utilized, the standards can enable compliance with privacy laws, demonstrate an organization's commitment to privacy, and minimize or limit the opportunity for breaches that could affect the security and privacy of data and people, as well as the supporting technology and governance.

The overall value of the standards is to elaborate an information security management system (ISMS), as described in ISO 27001:2005, based on the security control objectives listed in ISO 27002:2005. The ISMS uses a continuous improvement approach, so it is flexible and can change as new laws, technology, and threats emerge. The standards further provide the foundation for a framework that can be audited, so that its effectiveness can be measured. Such a foundation is critical to supporting security and privacy efforts in an organization. According to the standards, “The ISMS is designed to ensure the selection of adequate and proportionate security controls that protect information assets and give confidence to interested parties.” This goal is fundamental to how the ISMS functions and addresses both security and privacy. The overall benefit of the standards is that they enable the design, configuration, implementation, and use of controls that reflect best practices and, most important, they provide interoperability and a lingua franca, so that different organizations, security and privacy professionals, auditors, and legal authorities can analyze the use of those controls.

When considering security and privacy controls, one must always consider the cost of those controls. Controls should be balanced against both their actual and their intangible costs. For example, it would not be reasonable to implement a $100 control to address a risk that is only worth $10. A security practitioner must always evaluate controls within the business context of the environment in which they will be implemented. In addition to the actual cost, one must consider the intangible costs of controls. For example, even if a $100 control is used to address a risk valued at $1,000, the security practitioner must consider intangible costs such as the impact on morale, productivity, and the general perception of security. If a control negatively impacts the organization, even in such intangible ways, that impact should be taken into consideration.

The ISO 27002:2005 standard has 11 different sections. Table 3-2 outlines each of these areas as they apply to privacy.

Table 3-2. Standards that Apply to Privacy

