Technology Blog Posts by SAP
matthias01

Digital services rely on data that is often decentralized and operated in cloud-based solutions. These services frequently require sensitive, highly personal data. To name a few:

  • Healthcare systems and services require treatment data of patients. Pharmaceutical and medical products companies as well as scientific institutions use the data of treated individuals to assess and monitor the impact of treatments.
  • The retail and consumer packaged goods industries aim to increase their revenue by improving the customer journey. Again, this requires the collection and processing of sensitive data.

Whether such digital services succeed or fail depends heavily on the trust of stakeholders in the protection and processing of their data.

Privacy Engineering

Any organization storing or processing personal data must deal with governmental regulations (see the EU General Data Protection Regulation, GDPR) and non-governmental scrutiny of how such personal data is used. Failing to comply may result in financial and/or social penalties and a loss of reputation.

Privacy is a legal domain. The EU GDPR has codified it in terms of data storage and processing. Privacy engineering can be seen as the framework for implementing IT solutions that meet legal and social requirements. In other words, privacy engineering aims to integrate perspectives spanning product design, software development, cyber security, human-computer interaction, as well as business and legal considerations.

Let us agree that Privacy Engineering is the broad framework that describes all considerations and regulations and sets the principles for defining a strategy to ensure the secure storage and processing of data. It encompasses legal, social, and technological dimensions. Let us explore the technological perspective in more detail.

Trust Architecture in a nutshell

Trust architecture, sometimes called “Zero Trust architecture” (ZTA), is a technical framework in which no entity, inside or outside the organization’s IT network, is trusted by default. This means that any entity accessing the solution must prove its trustworthiness. Usually, such concepts need multiple layers, controls and dedicated monitoring for each layer. Sensitive, personal data must not be directly accessible from outside (e.g., via the Internet).

[simplified ZTA illustration]

Digital identity is the mechanism that characterizes an entity. An entity can be, for example, an organization or a person. Digital identity means a computer-identifiable mechanism used to manage access control.

A simple digital identity example is the combination of an email address and a password. More sophisticated digital identity concepts are Blockchain-based. This technology allows for concepts such as decentralized identifiers (DIDs). A subset of these DIDs is the Self-Sovereign Identity (SSI), where an ID provider provisions verifiable credentials. SSI encompasses attributes for identification, a specification of the data (e.g. name) and of whom the data is shared with (e.g. a healthcare provider).

Trust Architecture and Cloud

Organizations must manage hybrid solutions and a wide range of data with varying levels of privacy needs. Data controls are needed for access by employees, external professional partners, and/or customers. To define a fitting strategy, the following points should be considered:

  • Type of application (e.g. on-premise, private cloud, public cloud)
  • Transaction flows (what data is exchanged within and between your applications)
  • Boundaries between users and applications (see the ZTA illustration)
  • Your organization’s Zero Trust policies, based on the principle of least privilege
  • Training your users in your security policies
  • Transparency, by making your security policies accessible to external users (e.g. customers/consumers)
  • Continuous monitoring and improvement of your Zero Trust architecture so that it remains up-to-date and meets changing requirements.
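The two passages above (the nutshell definition of a Zero Trust architecture and the strategy checklist) describe the decision a policy enforcement point has to make on every request: deny by default, require a verified identity, keep personal data unreachable directly from the Internet, grant only what the subject’s role needs, and record every decision for monitoring. The following is an added example, not code from the original post or from SAP, showing one way to encode those rules; the resource names, roles, and the `ROLE_PERMISSIONS` table are hypothetical, and the sample requests are constructed for illustration.

```python
from dataclasses import dataclass
from enum import Enum
from typing import Optional


class Sensitivity(Enum):
    PUBLIC = 1
    INTERNAL = 2
    PERSONAL = 3  # sensitive personal data, e.g. patient treatment records


@dataclass(frozen=True)
class Resource:
    name: str
    sensitivity: Sensitivity


@dataclass(frozen=True)
class Request:
    subject: Optional[str]   # identity verified by the identity provider; None if none was presented
    roles: frozenset         # roles attached to that verified identity
    network: str             # "internal" or "internet": where the request originates
    device_compliant: bool   # device posture check passed
    mfa_verified: bool       # strong (multi-factor) authentication completed
    action: str              # "read" or "write"
    resource: Resource


# Least-privilege policy (hypothetical): each role lists only the
# (resource, action) pairs it needs to do its job, and nothing more.
ROLE_PERMISSIONS = {
    "clinician": frozenset({("treatment_records", "read"), ("treatment_records", "write")}),
    "analyst": frozenset({("treatment_stats", "read")}),
    "customer": frozenset({("product_catalog", "read"), ("own_orders", "read")}),
}

# Every decision is appended here so the architecture can be monitored continuously.
AUDIT_LOG = []


def _evaluate(req: Request):
    """Run the zero-trust checks in order; the first failing check denies the request."""
    if req.subject is None:
        return False, "no verified identity"
    if req.resource.sensitivity is Sensitivity.PERSONAL and req.network == "internet":
        return False, "personal data is not reachable directly from the Internet"
    if not req.device_compliant:
        return False, "device failed posture check"
    if req.resource.sensitivity is not Sensitivity.PUBLIC and not req.mfa_verified:
        return False, "strong authentication required for non-public data"
    granted = frozenset().union(*(ROLE_PERMISSIONS.get(r, frozenset()) for r in req.roles))
    if (req.resource.name, req.action) not in granted:
        return False, "action not permitted by any assigned role (least privilege)"
    return True, "all zero-trust checks passed"


def decide(req: Request):
    """Return (allowed, reason). Nothing is trusted by default: only a full pass allows access."""
    allowed, reason = _evaluate(req)
    AUDIT_LOG.append({
        "subject": req.subject, "resource": req.resource.name, "action": req.action,
        "network": req.network, "allowed": allowed, "reason": reason,
    })
    return allowed, reason


# Constructed sample resources and requests (not real data).
TREATMENT = Resource("treatment_records", Sensitivity.PERSONAL)
CATALOG = Resource("product_catalog", Sensitivity.PUBLIC)


def sample_decisions():
    """Constructed requests that exercise each rule; returns a name -> (allowed, reason) map."""
    clinician = frozenset({"clinician"})
    return {
        "anonymous_catalog": decide(Request(None, frozenset(), "internet", True, False, "read", CATALOG)),
        "customer_catalog": decide(Request("alice", frozenset({"customer"}), "internet", True, False, "read", CATALOG)),
        "clinician_from_internet": decide(Request("dr_bob", clinician, "internet", True, True, "read", TREATMENT)),
        "clinician_internal": decide(Request("dr_bob", clinician, "internal", True, True, "read", TREATMENT)),
        "analyst_records": decide(Request("carol", frozenset({"analyst"}), "internal", True, True, "read", TREATMENT)),
        "clinician_no_mfa": decide(Request("dr_bob", clinician, "internal", True, False, "write", TREATMENT)),
    }


if __name__ == "__main__":
    for name, (allowed, reason) in sample_decisions().items():
        print(f"{name:25s} {'ALLOW' if allowed else 'DENY ':5s} {reason}")
```

The order of the checks matters: the network-boundary rule fires before any role lookup, so a fully authenticated clinician is still refused when the request for treatment records arrives from the Internet, which is exactly the boundary the ZTA illustration draws. The audit entries are what the "continuously monitor" item in the list consumes; in practice they would be shipped to a SIEM rather than kept in a Python list.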

Privacy Engineering and Artificial Intelligence (AI)

Any solution based on artificial intelligence consumes data. Often, the data processed falls into the category of sensitive data. Privacy engineering offers several approaches to mitigate the risk of failing to meet the regulations that protect this data.

  • Proactive Privacy by Design: Collaborating with stakeholders to document the scope of the AI project, understanding the architecture, data flows and initial privacy related risks. From this initial scope and policies, the privacy engineer identifies and communicates the relevant privacy requirements.
  • Privacy Impact Assessment (PIA): Conducting an initial PIA to evaluate the impact of the proposed AI use case on user privacy.
  • Legal and Ethical Compliance: Consulting with legal and ethics stakeholders to confirm alignment with legal requirements and ethical guidelines related to data privacy.

While the Trust Architecture in a Cloud Environment provides the technological backbone for any AI solution, Privacy Engineering supports the selection and the lifecycle of AI solutions, and thereby their success.

Benefits of Zero Trust Principles

You can expect various gains from applying Zero Trust principles across your organization’s architecture and beyond. This includes a successful implementation of artificial intelligence-based solutions:

  • Better visibility into data, assets, and risks.
  • Consistent and comprehensive security.
  • Speed and agility to stay ahead of evolving technologies.
  • Reduced operational cost and complexity.
  • Increased trust of your stakeholders.
  • Social acceptance.

Summary

Your stakeholders’ trust in your digital solution is vital. Especially in the case of a Cloud-delivered, AI-empowered digital service, your users, business partners and consumers must trust that their personal data is safely processed and stored. This can be assured by applying privacy engineering and implementing a trust architecture.