Privacy Design Pattern Library

Helena Haapio, Arianna Rossi, and I have been working on formalizing a pattern library for visual and interactive mechanisms for making privacy policies understandable to people.

The Patterns

  1. Multi-Layered Notices
  2. Privacy Icons
  3. Interface for Unambiguous Consent
  4. Structured Layout

Related Efforts

We recognize that other scholars, engineers, and policy-makers have begun to collect different ways to design privacy into the code of applications, sites, and internet protocols. 

Here is more to look at and read if you are interested in the best ways to design and engineer for privacy.

    • https://privacypatterns.org/; for our scope, especially: layered policy design, privacy color coding, privacy icons (categories: inform, explain, visualize, transparency, notice, user interface)
    • https://privacypatterns.eu/ same as above
    • “Privacy Design strategies” J.H. Hoepman (2013); for our scope, especially Sect. 5.2: Process oriented strategies INFORM and CONTROL
    • “Pattern collection for Privacy Enhancing Technology” Graf, Wolkerstorfer, Geven, Tscheligi; for our scope, especially: PET patterns for privacy policies and PET Visualization
    • “Privacy patterns for online interactions.” Romanosky, Sasha, et al. (2006); for our scope, especially: Informed-consent for web-based transactions, Minimal Information asymmetry
    • Doty, Nick, and M. Gupta. “Privacy design patterns and anti-patterns.” Trustbusters Workshop at the Symposium on Usable Privacy and Security. 2013.
    • IF Data Permissions Catalogue: Documenting design patterns for personal data sharing, with example uses and research. Work in progress. Maintained by IF. https://catalogue.projectsbyif.com/
    • IF explanatory video on design patterns for consent/permissions/terms and conditions (https://trustanddesign.projectsbyif.com)
    • For Privacy Process Patterns, see Vasiliki Diamantopoulou et al. 2017 (Springer): Supporting Privacy by Design Using Privacy Process Patterns: “This paper presents a set of privacy process patterns that can be used to bridge the gap between privacy design and implementation, …” PDF available at visioneuproject.eu