Privacy as Code
How do you operationalize privacy at scale? The response to this question has swung back and forth from one extreme to another over the past decade.
The first extreme is "privacy as a blocker," where engineers benefit from a bottom-up culture, bespoke workflows, and limited process. This freedom enables high throughput and close customer engagement.
But in this scenario, privacy is bolted-on at the end, mainly through privacy reviews that the legal/compliance teams conduct. These teams face a difficult choice: identify risks and block certain features or own the risks and their public ramifications. This model may work for a short period but eventually leads to swirl, growing privacy debt, and erosion of trust.
The other extreme is "privacy as compliance," where central IT/privacy teams issue top-down guidance on what engineers may collect, process, and build. The goal is less to identify and remedy privacy risk than to rule it out by forbidding whole categories of data use. This restrictive model often thwarts innovation with its one-size-fits-all approach.
As a former engineer, I delighted in finding ingenious workarounds to bypass these restrictions, and I am certain today's engineers will do so too.
It is hardly surprising, then, that all the money companies have thrown at privacy has produced neither consumer trust nor scale for businesses. That failure, in turn, invites a more punitive regulatory regime, which adds further burdens on emerging businesses unaccustomed to data protection as an area of focus.
Is data protection destined to become both an unscalable problem as well as a money pit?
We offer an approach - called "Privacy as Code" - and the tooling to make privacy a trust builder and business enabler. Our goal is to help you make privacy a competitive differentiator.
Why Privacy is Hard
Since the onset of the agile revolution, engineers have had clear marching orders: write code and ship features fast. In doing so, they have had to cut corners and be creative.
Given the constraints of pace and time, engineers across the board have built user-centric products while unintentionally causing present or future privacy harm. Rather than being helped to build for privacy from the start, they are told to account for an unending slew of privacy issues after the fact.
Privado's tooling strategy recognizes this tension between good intentions and high expectations.
We address this problem by putting privacy tooling in engineers' hands, at scale and at velocity, before their code creates any privacy problems.
Operationalizing privacy presents what we like to call the "problem of plenty."
Organizations have plenty of engineers with access to plenty of data, which collectively creates swirl and adds plenty of technical debt. This inefficiency is the unwanted side effect of the bottom-up, distributed culture that drives innovation.
The situation is fixable, but it will take more than top-down mandates or high-minded first principles. This is where Privado comes in: it helps you meet your top-down privacy commitments through bottom-up adoption, by empowering engineers. Just as forward-thinking engineers add tests to their code for reliability, privacy testing should be part of the software development life cycle. A solution driven by engineers provides wider coverage and more reliable verifiability. This is the approach Privado endorses and is building.
Privado is an open-source static code analysis tool that discovers data flows in code. It detects the personal data being processed and maps the journey of that data from the point of collection to its destinations: third parties, APIs, databases, and even leakage into logs.
Privado connects with source code management tools such as GitHub, GitLab, or Bitbucket and, within minutes, gives privacy teams visibility into data flows that would otherwise have taken months of back-and-forth with product managers and developers.
With Privado, privacy and security teams can discover and control data flows across all products and infrastructure within minutes. We drive the following use cases:
- Discovering Data Flows: Instantly visualize the data lifecycle, from collection, storage, and sharing to leakage, across products and applications.
- Finding & Fixing Privacy Issues: Remediate CWE- and OWASP-categorized data privacy and security weaknesses, for example, data leakage into logs, insecure data storage, and excessive data sharing.
- Up-to-Date Compliance Reports: Automatically generate compliance reports from the code, which is the source of truth for data processing.
Discovery at Privado works with these three components:
- Personal Data Classifier: This is where Privado tags variables in code as personal data. Examples include tagging first_name as First Name or GAD_7_score as Health Status. This creates an automated, continuous inventory in which the risk level of the data is embedded in the code. Because different uses of the same data in code can lead to different risk outcomes, Privado's classification is context-rich and therefore more dependable.
- Detecting Data Sources & Destinations: Next, Privado maps all the data processing happening in the code by discovering APIs, SDKs, forms, databases, logs, and other collection points and destinations.
- Generating the Data Flows: The first two components working together help us progressively identify data-flow patterns. As more engineers adopt the Privado toolkit, you will be able to generate real-time data flow diagrams for each data element. Given the risks around enforcing policy on data, a continually self-improving data lineage process lets your engineers build for privacy with fewer surprises and minimal impact on throughput.
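To make the three components concrete (and the "leakage to logs" case from the use-case list above), here is a deliberately small scanner that does the same three things over Python source: classify identifiers as personal data, detect sink calls (logs, third-party HTTP calls, database statements), and report which data element reaches which destination. This is an added illustration written for this page, not Privado's own code or rule set; the classifier patterns, sink patterns, and the sample application it scans are all constructed here. It is intra-procedural and follows only simple aliases, so it shows the shape of the analysis rather than the field-sensitive, interprocedural tracking a production tool needs.

```python
"""Toy 'privacy as code' scanner: classify identifiers as personal data,
detect sinks (logs, third-party APIs, databases) and report which data
element reaches which sink. Constructed illustration, not Privado's code."""
import ast
import re

# Constructed classifier rules: identifier pattern -> data category.
# (Assumption: a real rule set is far larger and uses more context.)
CLASSIFIER_RULES = {
    "First Name": re.compile(r"^(first|given)_?name$", re.I),
    "Email": re.compile(r"^e_?mail(_?address)?$", re.I),
    "Health Status": re.compile(r"^(gad_?7|phq_?9)_?score$", re.I),
}

# Constructed sink rules: dotted call target -> destination type.
SINK_RULES = {
    "Log": re.compile(r"^(logging\.(debug|info|warning|error)|print)$"),
    "Third Party API": re.compile(r"^requests\.(get|post|put)$"),
    "Database": re.compile(r"^(cursor|conn|db)\.execute$"),
}


def classify(identifier: str):
    """Return the personal-data category for a variable name, or None."""
    for category, pattern in CLASSIFIER_RULES.items():
        if pattern.match(identifier):
            return category
    return None


def call_target(func: ast.expr):
    """Dotted name of a call target, e.g. 'logging.info'; None if dynamic."""
    if isinstance(func, ast.Name):
        return func.id
    if isinstance(func, ast.Attribute):
        base = call_target(func.value)
        return f"{base}.{func.attr}" if base else None
    return None


class FlowFinder(ast.NodeVisitor):
    """Single-pass, intra-procedural taint tracking over one module."""

    def __init__(self):
        self.inventory = {}   # variable name -> data category
        self.flows = []       # (category, variable, sink, line)

    def _tag(self, name):
        category = classify(name)
        if category:
            self.inventory[name] = category

    def visit_FunctionDef(self, node):
        for arg in node.args.args:       # parameters are collection points
            self._tag(arg.arg)
        self.generic_visit(node)

    def visit_Assign(self, node):
        for target in node.targets:
            if not isinstance(target, ast.Name):
                continue
            self._tag(target.id)
            # propagate through a plain alias: other = tainted_var
            if isinstance(node.value, ast.Name) and node.value.id in self.inventory:
                self.inventory.setdefault(target.id, self.inventory[node.value.id])
        self.generic_visit(node)

    def visit_Call(self, node):
        target = call_target(node.func)
        sink = next((s for s, p in SINK_RULES.items() if target and p.match(target)), None)
        if sink:
            seen = set()
            for sub in ast.walk(node):   # any tainted name among the arguments
                if isinstance(sub, ast.Name) and sub.id in self.inventory and sub.id not in seen:
                    seen.add(sub.id)
                    self.flows.append((self.inventory[sub.id], sub.id, sink, node.lineno))
        self.generic_visit(node)


def find_flows(source: str):
    """Return (inventory, flows) for a module's source text."""
    finder = FlowFinder()
    finder.visit(ast.parse(source))
    return finder.inventory, sorted(finder.flows, key=lambda f: (f[3], f[1]))


def flow_summary(flows):
    """Per data element, the set of destinations it reaches."""
    summary = {}
    for category, _, sink, _ in flows:
        summary.setdefault(category, set()).add(sink)
    return summary


# Constructed sample application code; it is only parsed, never executed.
SAMPLE = '''
import logging, requests

def register(first_name, email, gad_7_score):
    user = first_name
    logging.info(f"registering {user} with {email}")
    requests.post("https://analytics.example/track", json={"score": gad_7_score})
    cursor.execute("INSERT INTO users VALUES (%s, %s)", (first_name, email))
'''

if __name__ == "__main__":
    inventory, flows = find_flows(SAMPLE)
    for category, var, sink, line in flows:
        print(f"line {line}: {category} ({var}) -> {sink}")
    print(flow_summary(flows))
```

Running it on the sample reports the First Name and Email elements reaching both the log and the database, and the Health Status element reaching a third-party API; the log entry on line 6 is the kind of leak that a rule such as "no personal data in log sinks" would turn into a finding in CI. Note that the alias on line 5 is caught only because the scanner propagates taint through the assignment; a classifier that looked at names alone would miss `user`.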
By building privacy into the code and helping scale policy enforcement, Privado makes privacy an engineering enabler. It provides coverage for the numerous decisions engineers must make, whether manually or via automation, and thereby reduces context-switching and rework by addressing privacy up front.
Engineers can therefore focus on execution, compliance/legal teams can focus on mapping privacy controls to regulations, and executive leaders can develop roadmaps with fewer privacy surprises.