Paper Number
1329
Paper Type
Complete Research Paper
Abstract
The privacy-by-design (PbD) paradigm was formulated to embed privacy throughout the entire life cycle of systems, processing activities, and data. However, existing research describes a lack of clarity, guidance, and structure resulting in this field being stuck in high-level principles and guidelines. The aim of this research is to investigate the functional composition of the PbD domain by identifying key practices and distilling activity categories. Two multivocal literature reviews are conducted to examine (1) privacy-related maturity models and (2) works related to PbD application. A total of 847 consolidated PbD practices were identified from various fields and disciplines, aggregated through a coding approach, and subsequently used to structure the domain into 14 prominent activity categories. We provide a first holistic overview of organisational PbD activities. This can aid in developing new artifacts that improve upon existing artifacts which currently insufficiently support the multidisciplinary nature of PbD.
Recommended Citation
Muszynski, Michel; van Dijk, Friso W.; and Brinkkemper, Sjaak, "Mapping the Privacy-by-Design Domain and Its Organisational Activities: Two Multivocal Literature Reviews" (2024). ECIS 2024 Proceedings. 23.
https://aisel.aisnet.org/ecis2024/track12_digtrans/track12_digtrans/23
Mapping the Privacy-by-Design Domain and Its Organisational Activities: Two Multivocal Literature Reviews
The privacy-by-design (PbD) paradigm was formulated to embed privacy throughout the entire life cycle of systems, processing activities, and data. However, existing research describes a lack of clarity, guidance, and structure resulting in this field being stuck in high-level principles and guidelines. The aim of this research is to investigate the functional composition of the PbD domain by identifying key practices and distilling activity categories. Two multivocal literature reviews are conducted to examine (1) privacy-related maturity models and (2) works related to PbD application. A total of 847 consolidated PbD practices were identified from various fields and disciplines, aggregated through a coding approach, and subsequently used to structure the domain into 14 prominent activity categories. We provide a first holistic overview of organisational PbD activities. This can aid in developing new artifacts that improve upon existing artifacts which currently insufficiently support the multidisciplinary nature of PbD.
When commenting on articles, please be friendly, welcoming, respectful and abide by the AIS eLibrary Discussion Thread Code of Conduct posted here.