Member-only story
Privacy by Design
With Mark Zuckerberg currently standing trial, for both Facebook and the entire tech industry’s past decade, we have to take a moment and ask: but how could we have done better? How can we move forward from here?
While media seems to be focused on Zuckerberg’s potential resignation and the DOW dropping in response to Facebook coming under fire for oversharing information through a Cambridge Analytica built app, we in tech should take a moment to consider the implications on the work we do and how we do it.
Revenue models aside for a moment, what could an ethical privacy and information future look like in the industry? It is an important question to consider at this pivotal moment, not only because the laws are likely to change, but also because, at this point in time, there really isn’t an industry that isn’t touched by software — be that healthcare, government, ecommerce or education.

Privacy by design comes out of a Canadian healthcare tradition of fair information access and sharing. Long before the digital age, Canadian healthcare had strict privacy and information sharing policies in place, which regulate everything from what kind of data can be stored to how it can be stored and how long it can be stored before its lifecycle has expired and it needs to be destroyed.
The policies can be followed down to the most granular of potential actions. You can’t, for example, in a children’s hospital, store data in a non-medical volunteer database about the Committee a child may be volunteering on or part of, because it could be possible to work backwards from there to put together the type of volunteer work they do and their potential medical diagnoses.
Born from this tradition and policies came the idea of “privacy by design” as data started to go digital.
User-centric
User-centric in this case means elevating the users’ interests above all else.
This may seem like a radical concept from the Silicon Valley perspective, where monetizing users is all about selling information and data.
Outside of Silicon Valley, however, are all kinds of applications and websites that will demand a user-centric approach to data protection and privacy. Healthcare is one of the first examples that springs…