Today I had the privilege of having lunch with Dr. Ann Cavoukian, Information and Privacy Commissioner of Ontario, Canada, along with Jack Crail, Oracle Director of Security Sales Consulting for the Western US.  It was a pleasure to have a delightful lunch, sitting outside in the deliciously warm springtime air in Scottsdale, AZ.  We explored many topics of mutual interest, but focused primarily on the concepts in the white paper, “Privacy and Security by Design, A Convergence of Paradigms,” published recently by Dr. Cavoukian and Marc Chanliau, Director, Product Management with Oracle.

I had prepared the following matrix which shows remarkably close alignment with the seven foundational principles of Privacy by Design and how these principles could also apply to Information Security.  We recognize that the scope of security is broader than privacy, but the needs to proactively build security into all the technology and processes we create are remarkably similar.

In this matrix, row 5 (End-to-end security) shows where security and privacy interact.  In fact, end-to-end security is a necessary enabler for privacy.  The other rows begin to explore how a Security by Design approach can align with and support Privacy by Design.

While this matrix is just in draft form, I believe it can help us discuss how  the goals and solutions of privacy and security can be aligned in a meaningful way.  

If any on you would like to offer any suggestions for improvements, please let me know.