Operationalizing Privacy by Design: an Indian illustration
Authors
Ankit Kapoor
5th Year Student, B.A.-L.L.B, National Law School of India University,
Bangalore, India, ankitkapoor@nls.ac.in. The author would like to thank
Mr. Rahul Matthan for his inputs and his enlightening seminar course.
This article identifies Privacy by Design [“PbD”] as a suitable regulatory approach to address the attack on personal data in the Fourth Industrial Revolution. It proposes Privacy Engineering [“PE”] as a concrete methodology to operationalize the otherwise vague Privacy by Design. Privacy Engineering operationalizes the normative knowledge of privacy into specific use cases through layers of flexible abstract thinking, interconnected through a “web of templates”. This “web of templates” can be constructed by answering the two-fold question of relevancy and extent of data protection required. PE provides regulators with a specific language in which they can communicate with data controllers to establish privacy obligations and undertake prioritized capacity building for resource-deprived data controllers.
