Hancock Privacy Patterns & Framework
Updated: Feb 10, 2019
"The internet is a design philosophy and architecture expressed in a set of protocols," shared Vint Cerf in a video for beginners at Code.org. Protocols are the rules and standards that ensure we can connect, communicate, and participate. Information and content about our location, device, application, and behaviors are transmitted via data packets at rapid speed across the network.
The internet we use today was not designed to be secure or private. Its architecture was created to keep two-way communication open without a centralized network, even during disasters.
The Hancock Privacy Pattern provides use-case frameworks to ethical data governance, standards and accreditations for data models that protect privacy, comply with laws, and improve our ability to make choices.
The data we create while online is combined with the data created by others such as social networks, schools, banks, and governments. These data are shared (duplicated) and used by many types of organizations. How data is used and by whom have life-long implications.
The Privacy Pattern helps frame privacy from a new perspective. Each connection has opportunities and risks. When moving sensitive information, like behavioral health or substance use electronic information, we must ensure that data is protected at every connection via the network, device, application, or the human behavior.
The patter also helps us look at privacy through a new lens. Rather than looking at "what is allowed" in privacy law, we can take a holistic approach about what information is known, with whom can it be shared, how are they authorized, what audit trails are required, are privacy laws enforced? At what point are my "user profiles" aggregated by data brokers and web companies and linked with my personal information? Whom do I contact when I want to know answers?
Even without cookies, browser fingerprints identify my connected device.
To comply with rapidly changing privacy laws around the world and in my own state of California, new data structures and architectures are required. Following the Privacy Pattern and making decisions about how much information is known about us and what we can expect regarding its use is the critical step in the internet we want and trust.