Cloud risks: Security and privacy concerns when moving to the cloud.
Privacy engineering is an emerging field of engineering which aims to provide methodologies, tools, and techniques to ensure systems provide acceptable levels of privacy.
Privacy engineering involves aspects such as process management, security, ontology and software engineering.The actual application of these derives from necessary legal compliances, privacy policies and 'manifestos' such as Privacy-by-Design.
Relationship between PbD and Privacy Engineering
Towards the more implementation levels, privacy engineering employs privacy enhancing technologies to enable anonymisation and de-identification of data. Privacy engineering requires suitable security engineering practices to be deployed, and some privacy aspects can be implemented using security techniques. A privacy impact assessment is another tool within this context and its use does not imply that privacy engineering is being practiced.
One area of concern is the proper definition and application of terms such as personal data, personally identifiable information, anonymisation and pseudo-anonymisation which lack sufficient and detailed enough meanings when applied to software, information systems and data sets.
Another facet of information system privacy has been the ethical use of such systems with particular concern on surveillance, big data collection, artificial intelligence etc. Some members of the privacy and privacy engineering community advocate for the idea of ethics engineering or reject the possibility of engineering privacy into systems intended for surveillance.
Software engineers often encounter problems when interpreting legal norms into current technology. Legal requirements are by nature neutral to technology, and will in case of legal conflict be interpreted by a court in the context of the current status of both technology and privacy practice.