Developing privacy enhanced technology: The INSPEC2T project case study
Whilst we can gain great benefits from innovative technologies that are enabling society to generate and process vast amounts of data, regular reports of privacy and customer data breaches remind us of the need to protect users’ security and the serious consequences deriving from losing control of data.
The INSPEC2T project is a good example of our work in this area, in fact our focus has been on ensuring that the technical solution developed within the project addresses privacy and data security concerns.
The INSPEC2T (Inspiring CitizeNS Participation for Enhanced Community PoliCing AcTions) consortium is developing a technology which will enable collaboration and the exchange of information between citizens and Law Enforcement Agencies (LEAs) to empower citizens in their public safety. In this context, protecting users’ privacy is critical when disclosing information could place users at risk and compromise the success of ongoing operations.
The type of personal data processed by the INSPEC2T solution, including text (e.g., messages), images (e.g., pictures, video), and voice/sound-based data could also potentially place users at higher risk if their identity or location was to be disclosed.
Our team has identified privacy and data security considerations and developed design recommendations for the INSPEC2T solution, focusing on foundational principles of Privacy and Security by Design, such as:
- anticipating privacy invasive events and security breaches before they occur;
- building privacy measures and security directly into the ICT system;
- accommodating all legitimate interests and stakeholders;
- making components of IT systems visible and transparent;
- ensuring that there is respect for users.1
On the basis of over 13 years’ experience of privacy impact assessment, data protection and operationalising privacy by design, alongside further primary (focus groups and expert discussions) and secondary research, we have provided bespoke advice and design recommendations. For example, recommendations on data minimisation, proportionality, legitimate purpose, informed consent, data accuracy, transparency and protection from surveillance have been implemented into the INSPEC2T solution design by the technical team.
End-users and key stakeholders will then be more likely to adopt the INSPEC2T app since they can be reassured that these measures to protect privacy rights and other users’ fundamental rights have been integrated into the design of the technology.
Moreover, we supported our partners in creating a technology that meets the requirements of the General Data Protection Regulation (GDPR) which also highlights the need for organisations to adopt responsible privacy and data security practices.
Rachel Finn, Practice Manager at Trilateral, commented:
“Our Privacy Impact Assessment team works in partnership with technology developers to identify workable solutions to reduce privacy risks. Our repeat business and positive evaluations of this service is a testament to the quality of our work in both the private and research sectors.”
Contact Trilateral’s Data Science team for more information: