Towards Applying Design-Thinking for Designing Privacy-Protecting Information Systems

Abstract

Designing privacy-protecting Information Systems (ISs), i.e., realizing the Privacy by Design (PbD) principle, is a challenging task. This challenge stems from having many stakeholders and design trade-offs involved, which cause uncertainty in defining the problem, eliciting soft requirements, and making design trade-offs among many contending objectives. As creating a formal model of such settings is often infeasible, applying a conventional engineering design method alone may not result in elucidating users' needs and/or devising a viable design that is acceptable for all parties (e.g., end-users and data subjects). This contribution aims at enriching engineering approaches for privacy-protecting ISs with the so-called design-thinking approach. Design-thinking, initially used for product and service design, has been applied to the areas where there are interactions among people, organizations and technologies, in order to elucidate user needs and concerns that are insufficiently formulated and/or hidden in tacit knowledge. In this contribution, we elaborate on three main PbD components, namely problem space, solution space and mapping space. We, further, analyze the shortcomings of traditional engineering approaches for privacy protection as well as the potentials and shortcomings of design-thinking in general. Finally, we present our practical experience with applying the design-thinking approach to the problem of PbD for ISs. We foresee the applicability of design-thinking for elucidating the problem space as well as for making design trade-off among contending values in order to come up with a viable design option.