Recently, the Stanford Center for Internet and Society and the Future Privacy Forum hosted an App Developer Privacy Conference. The event brought together technologists, lawyers, and business people giving them the chance to communicate their challenges and understand what really needs to happen in privacy from every side.
One of the more interesting issues raised at the conference came from developers: they want clear guidelines from lawyers explaining what they can or cannot do. The challenge, however, is that technology is constantly changing. Nonetheless, there are some constants that will not change which lawyers can communicate to developers to keep in mind to design for privacy.
Data Context and Sensitivity
The context in which data is collected and the sensitivity of data are two essential areas to address. Prioritize notice and choice for more sensitive data based on context of data collection. Convey this importance to developers so they may appropriately respond to legal needs and provide users with choice or ensure security.
Unfortunately, there is not much consistency across the industry on the meaning of important terms for privacy. However, attorneys have the ability to use consistent terms across different policies in a single company. If developers understand what terms mean in one policy, they will more easily be able to later design in line with other relevant policies as well.