Rethinking the Proposition of Privacy Engineering

The field of privacy engineering proposes that there exists a methodological framework for designing privacy-protecting information systems. Recognising that the utilisation of privacy-enhancing techniques for data storage and analysis does not address the entire scope of individual privacy, privacy engineering incorporates influences from user sentiment, legal norms and risk analysis in order to provide a holistic approach. Framed by related design principles, such as ‘Privacy-by-Design’, privacy engineering purports to provide a practical, deployable set of methods by which to achieve such a holistic outcome. Yet, despite this aim, there have been difficulties in adequately articulating the value proposition of privacy engineering. Without being able to adequately define privacy or map its contours, any proposed methodology or framework will be difficult to implement in practice. This talk examines the assumptions that underpin privacy engineering, linking them to open questions within privacy research.