The Architecture of Privacy Management

Abstract

The previous chapter has presented how to implement the Privacy Management Model (PMM) in the market with the help of Personal Information Administrators (PIAs). They support data subjects in managing their personal data in the ICT systems of service providers. This can be achieved only by means of technological tools. But, as discussed in Chapter 4, technology is not just the implementation of legal measures; it is a separate tool, the ‘code’, which should shape online architecture to achieve balance in the relationships between data subjects and online service providers. This is important because, as noted in Chapter 3, regardless of the legal mechanisms involved, the architecture of online services is the source of the imbalance of power. So, the countermeasures should also be architectural and should enable individuals to make choices currently disabled by the architecture. The discussion below presents these countermeasures and verifies that it is feasible to implement the PMM model through technology. The architectural countermeasures needed to implement PMM should consist of two broad groups that collectively cover supporting data subjects in exercising informational self-determination: tools for expressing and communicating privacy decisions and tools for enforcement and accountability. First, the technology should enable data subjects to express and communicate their privacy decisions, which make up their privacy policies in the PMM. This cannot be done without the organisation of personal data and their uses. Therefore, section 1 below presents the ways to express privacy decisions and section 2 puts forward the proposition for organisation of data and data uses, and discusses the way in which it should be presented to data subjects. Second, enforcement and accountability tools (presented in section 3) deal with the problem of monitoring data in the ICT systems of service providers. That is, enforcement tools ensure that privacy decisions of data subjects are respected, while the accountability measures demonstrate that the obligations of data controllers are met. HOW TO EXPRESS AND COMMUNICATE DATA SUBJECTS’ PRIVACY DECISIONS Privacy decisions need to be expressed in some policy language capable of being recorded in computer systems and conveying their meaning along the path of management data (i.e. from the data subject through the PIA to the service provider). Many such languages already exist, so section 1.1 aims to find the best one for PMM. Section 1.2 then discusses existing initiatives in which service providers are giving their customers some privacy management tools.