1. Home
2. Events
3. European Identity & Cloud Conference 2014
4. OASIS Workshop

OASIS Workshop

Designing Privacy into our ‘Smart’ Systems and Services

"Smart" technologies are helping to solve many modern day challenges: making our living space "smarter," our cities more efficient and livable, and bringing networked functionality to transportation, public facilities and services. But the networked storage and streams of data associated with these new technologies and their integration into big data systems create new risks for personal privacy. In this sense, privacy is not about having something to hide, it's about transparency and personal control. In the case of smart cities, privacy concerns arise in many ways: when there is the possibility of unauthorized services or when third parties access sensitive information, such as habits and behaviors, personal relationships or account information and use this information without an individual's consent. The increased integration and inter-relationship of smart applications amplify the potential for systemic risks to personal privacy.

0900 – 0905 – WELCOME AND INTRODUCTIONS –Gershon Janssen

0905– 0950 – WORKSHOP CONTEXT, ANN CAVOUKIAN VIDEO, PBD PRINCIPLES – Michelle Chibba

09:50 – 10:35– PRIVACY BY DESIGN AND SOFTWARE ENGINEERING, THE PBD-SE TC – Dawn Jutla

10:35 – 11:00 – PMRM OVERVIEW AND PRIVACY MANAGEMENT ANALYSIS TOOLS DEVELOPMENT – John Sabo, Gershon Janssen

11:00 – 11:15 – BREAK

11:15 – 11:45 – USING XACML AND ABAC TO PROTECT PII AND PHI – David Brossard

11:45 – 12:10 – USE CASES: APPLYING PBD IN SMART GRID SYSTEMS (Hydro One, San Diego Gas & Electric, and Vatenfall) – Michelle Chibba

12:10 – 12:55 – GAPS AND WORKS IN PROGRESS: TECHNICAL STANDARDS TO SUPPORT PRIVACY BY DESIGN IN SMART SYSTEMS – John Sabo, Panelists

12:55 – 13:00 - CONCLUDING REMARKS

 

"Smart" technologies are helping to solve many modern day challenges: making our living space "smarter," our cities more efficient and livable, and bringing networked functionality to transportation, public facilities and services. But the networked storage and streams of data associated with these new technologies and their interaction with big data systems create new risks for personal privacy. In this sense, privacy is not about having something to hide, it's about transparency and personal control. In the case of smart cities, privacy concerns arise in many ways: when there is the possibility of unauthorized services or when third parties access sensitive information, such as habits and behaviors, personal relationships or account information and use this information without an individual's consent. The increased integration and inter-relationship of smart applications amplify the potential for systemic risks to personal privacy.

 

This workshop will help business owners, software developers, and policy makers understand how to move from the abstract PbD principles toward implementation and conformance assessment in “smart” systems and services.  The workshop will include:

 

• An overview of the seven foundational principles of PbD including its motivation and benefits and how standardization initiatives underway in OASIS are addressing the challenges of Assessing privacy management risks in complex, "smart" systems and applications.
• A video message to participants from Ontario Privacy Commissioner, Ann Cavoukian, the creator of PbD.
• An overview of the current work of the OASIS Privacy by Design Documentation for Software Engineers (PbD-SE) technical committee and the relationship of PbD to software engineering, embedded code, and application development.
• An update on the OASIS Privacy Management Reference Model and Methodology (PMRM) specification and a PMRM-based privacy management analysis template now under development to support the baseline analysis needed for Privacy by Design assessments.  
• The applicability of Attribute Based Access Controls (ABAC) and privacy profiles developed by the OASIS XACML (eXtensible Access Control Markup Language) Technical Committee in support of technical privacy management solutions and standards where XACML can play an important role.
• An overview of Smart Meter Use cases: PbD smart meter technical and service implementation projects and the benefits of PbD to business
• A discussion of the gaps in standards and technology that must be filled to ensure that PbD implementations are possible.

 

It may be impossible to envision all potential risks in the design and implementation phases of "smart" projects, but using Privacy by Design approaches in the development of smart applications and systems can help dramatically.  Developing user-centric, user-driven tools can also ensure that users' privacy rights and preferences are integrated into smart technologies and services, giving individuals greater measures of control of their own personal information and some ability to identify and remedy problems.  As privacy and security risk management practices continue to take center stage in our headlines, and governments enforce stronger privacy laws and regulations, making smart technologies user-centric should be seen as an exciting challenge for industry, and even as a way to generate customer loyalty and revenue growth. 

 

The broader challenge will be to understand the societal values that our communities see as imperatives, such as the fundamental right to privacy and user control, and to ensure their integration as much as possible in the new "smart" architectures, technologies, and business practices surrounding the provision, delivery, and use of services. By doing this, developing badly needed standards, and designing privacy into smart systems, we can achieve improved system functionality, more effective risk management and greater public awareness and confidence.

Organizer

Speakers

Stay Connected

Information

Partners

The OASIS Workshop is proud to present our partners
Learn more

How can we help you