Engineering Privacy

Article Source: IEEE Transactions on Software Engineering, Vol. 35, No. 1, pp. 67-82, January/February, 2009
Written By:

 Sarah Spiekermann and Lorrie Faith Cranor




This article reviews how engineers can design computer systems to protect privacy.


Policy Relevance:

Engineers should design systems to ensure that users have more knowledge and control over how their data is used.


Key Takeaways:
  • So far, engineers have given little thought to designing systems that help protect privacy.
  • Privacy means controlling access to one’s personal sphere and data, and also limiting the risk that the data will be used in a harmful way.
  • Engineers can affect privacy at three points: where data is held by the user (the client), where it is held by a data recipient such as an online retailer, and on the network in between. At each point, data transfer, data storage, and data processing all affect privacy.
    • Automatic transfers of data that happen without the knowledge of the user raise more privacy risks than transfers of data of which the user is aware.
    • Transient or temporary storage raises fewer concerns than long-term storage.
  • Many users are willing to reveal private information in social settings such as Facebook, or when buying and selling, but privacy concerns can still change their behavior. Firms that do not protect privacy can suffer a backlash.
  • Systems protect privacy in one of two ways: through their architecture, which avoids collecting or identifying data in the first place (privacy-by-architecture), or through privacy policies that govern how collected data is used (privacy-by-policy). Most businesses rely on privacy policies.
  • In designing systems, engineers make choices about network architecture and how data and users are tagged and identified that affect privacy.
    • Systems can relay information to users from servers through intermediaries that make the user more anonymous.
    • Systems that store data with the user, or “client,” often protect privacy better than network-based systems, but might not work with some business models.
    • Systems can be designed to store only essential data about users.
  • If a system is not designed to keep users anonymous, engineers should design the system to help ensure that users have notice and choice about how their data is used.
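The list above contrasts two ways of handling the same data: collect it and govern its use with a policy, or build the system so that the sensitive parts are never stored. The following Python is an added example written for this summary, not code from the article or its authors; it records one constructed page-view event both ways. The field names, the HMAC secret and the seven-day retention window are assumptions chosen for illustration.

```python
"""Added example (not from the Spiekermann/Cranor article): one analytics
event stored under privacy-by-policy versus privacy-by-architecture."""
import hashlib
import hmac
import ipaddress

# Constructed sample event, as a web front end might hand it to a recorder.
SAMPLE_EVENT = {
    "user_id": "alice@example.com",
    "ip": "203.0.113.57",
    "user_agent": "Mozilla/5.0 (X11; Linux x86_64) ExampleBrowser/1.0",
    "page": "/checkout",
    "query": "?coupon=SPRING&ref=newsletter",
    "ts": 1_700_000_000,
}

# What a page-view counter actually needs; everything else is dropped.
ESSENTIAL_FIELDS = ("page", "ts")


class PolicyBasedRecorder:
    """Privacy-by-policy: store the identified event in full and rely on a
    written policy to limit how it is used later."""

    def __init__(self):
        self.rows = []

    def record(self, event):
        self.rows.append(dict(event))  # identified, complete, kept indefinitely
        return self.rows[-1]


class ArchitectureBasedRecorder:
    """Privacy-by-architecture: the stored row cannot identify the user,
    carries only essential fields, and is discarded after a short window."""

    def __init__(self, secret: bytes, retention_seconds: int = 7 * 86400):
        self.secret = secret          # assumption: a server-side HMAC key
        self.retention = retention_seconds
        self.rows = []

    def pseudonym(self, user_id: str, ts: int) -> str:
        # Keyed hash re-keyed per day: the same user is linkable within one
        # day (enough to count unique visitors) but not across days, and the
        # value cannot be reversed to the user id without the secret.
        day = ts // 86400
        msg = f"{day}:{user_id}".encode()
        return hmac.new(self.secret, msg, hashlib.sha256).hexdigest()[:16]

    @staticmethod
    def coarsen_ip(ip: str) -> str:
        # Keep only a /24 (IPv4) or /48 (IPv6) prefix for coarse abuse
        # counting; drop the field entirely if the system does not need it.
        addr = ipaddress.ip_address(ip)
        prefix = 24 if addr.version == 4 else 48
        return str(ipaddress.ip_network(f"{addr}/{prefix}", strict=False))

    def record(self, event):
        row = {k: event[k] for k in ESSENTIAL_FIELDS}
        row["visitor"] = self.pseudonym(event["user_id"], event["ts"])
        row["net"] = self.coarsen_ip(event["ip"])
        self.rows.append(row)
        return row

    def expire(self, now: int) -> int:
        """Drop rows older than the retention window; return how many."""
        before = len(self.rows)
        self.rows = [r for r in self.rows if now - r["ts"] < self.retention]
        return before - len(self.rows)


if __name__ == "__main__":
    policy = PolicyBasedRecorder()
    arch = ArchitectureBasedRecorder(secret=b"rotate-me-in-production")
    print("policy row:      ", policy.record(SAMPLE_EVENT))
    print("architecture row:", arch.record(SAMPLE_EVENT))
    print("expired after 8 days:", arch.expire(SAMPLE_EVENT["ts"] + 8 * 86400))
```

The architecture-based row is what a breach, a subpoena or a later change of business model would expose: a daily pseudonym, a /24, a path and a timestamp. Everything the policy-based row keeps (e-mail address, full IP, user agent, the coupon code in the query string) has to be protected by process instead.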




About Lorrie Faith Cranor

Lorrie Faith Cranor is the Director and Bosch Distinguished Professor in Security and Privacy Technologies of CyLab and the FORE Systems Professor of Computer Science and of Engineering and Public Policy at Carnegie Mellon University. She also directs the CyLab Usable Privacy and Security Laboratory (CUPS) and co-directs the MSIT-Privacy Engineering masters program. She teaches courses on privacy, usable security, and computers and society.
