The exemplary embodiment relates to a system and method for maintaining the privacy of personal information and finds particular application in connection with online services.
Most online (webserver) applications are not built to ensure protection of personal information. Several regulatory bodies, for example the European Union, are drafting regulations to require online service providers to ask users for the users' explicit consent for use of the users' information. See, for example, “Proposal for a Regulation of the European Parliament and of the Council on the Protection of Individuals with regard to the Processing of Personal Data and on the Free Movement of Such Data,” European Commission (Jan. 25, 2012).
The privacy-by-design approach is a generic engineering principle stating, when applied to the development of online services, that the protection of private data is to be considered as a feature from initial design through implementation. In particular, the proposed EU regulation requires assuming that, when the privacy feature is not considered, data protection must be guaranteed at the most restrictive level possible, i.e., there should be no use of the data. This requirement is known as privacy by default. In other words, every record of the application containing information related to a person is considered private and cannot be communicated or used without the explicit authorization of the owner of the data. This extreme requirement makes it difficult to conduct existing online businesses, since the existing software infrastructure often has not been developed with privacy guarantees in place. Additionally, privacy-by-default may not be desired by some users who want to allow some of their data to be used. Privacy-by-consent allows users to select which private data is to be disclosed.
A method and system are described which address the problems of integrating privacy requirements into an existing application.
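As an added illustration of the two principles above (privacy by default and privacy by consent) applied to an existing application, the following Python is not the method described by this document: it assumes a legacy handler that returns whole records, a constructed sample store, and a consent registry keyed by user, field and purpose, and wraps the handler so that a field is withheld unless the data owner explicitly authorized it for the requested purpose.

```python
from typing import Callable, Dict, Set

Record = Dict[str, str]
# consent[user_id][field_name] -> purposes the data owner explicitly authorized
ConsentStore = Dict[str, Dict[str, Set[str]]]

# Constructed sample data: a legacy store holding every field, with no privacy notion.
LEGACY_DB: Dict[str, Record] = {
    "u1": {"email": "alice@example.invalid", "postcode": "12345", "phone": "555-0100"},
}

def legacy_profile_handler(user_id: str) -> Record:
    """Existing application code: returns the whole record, unaware of privacy."""
    return dict(LEGACY_DB[user_id])

def grant(consent: ConsentStore, user_id: str, field_name: str, purpose: str) -> None:
    """Record the owner's explicit authorization for one field and one purpose."""
    consent.setdefault(user_id, {}).setdefault(field_name, set()).add(purpose)

def revoke(consent: ConsentStore, user_id: str, field_name: str, purpose: str) -> None:
    """Withdraw a previously granted authorization (no-op if it never existed)."""
    consent.get(user_id, {}).get(field_name, set()).discard(purpose)

def with_consent(handler: Callable[[str], Record], consent: ConsentStore,
                 purpose: str) -> Callable[[str], Record]:
    """Wrap an existing handler so its output is filtered by consent.

    Privacy by default: a field is released only if the owner granted it for
    exactly this purpose; an unknown user or field yields nothing, so the
    legacy code's raw record is never passed through unfiltered.
    """
    def wrapped(user_id: str) -> Record:
        raw = handler(user_id)
        allowed = consent.get(user_id, {})
        return {name: value for name, value in raw.items()
                if purpose in allowed.get(name, set())}
    return wrapped

if __name__ == "__main__":
    consent: ConsentStore = {}
    grant(consent, "u1", "email", "billing")
    billing = with_consent(legacy_profile_handler, consent, "billing")
    marketing = with_consent(legacy_profile_handler, consent, "marketing")
    print(billing("u1"))    # {'email': 'alice@example.invalid'}
    print(marketing("u1"))  # {}  (privacy by default: nothing consented for this purpose)
```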