Oasis group to promote privacy by design

Open standards organisation Oasis has formed a new committee tasked with integrating privacy and security policies into systems and processes, so that privacy and data protection is architected into networked applications at the design stage.

The Oasis Privacy Management Reference Model (PMRM) Technical Committee has been set up to promote an open standards framework to define ways in which 'privacy by design' can be applied to applications, especially in emerging cloud computing environments.

The initiative could help companies prevent policy breaches and support their privacy requirements, according to Oasis.

John Sabo, co-chairman of the PMRM Technical Committee, and director of global government relations at CA Technologies, argued that most policies describe fair information practices and principles, but rarely provide insight for the IT professionals who have to actually build the systems.

"PMRM will provide a template for developing operational solutions to privacy issues, and serve as a model for ensuring that privacy controls are in place across policy and enterprise boundaries in the growing cloud environment," he said.

Privacy by design has been a key initiative of UK data protection watchdog the Information Commissioner's Office and the European data protection supervisor.

Former Information Commissioner Richard Thomas launched a report on the issue two years ago, while his European counterpart, Peter Hustinx, argued last year that a privacy by design approach should be reflected in the European Union data protection legal framework "at different levels of laws and policy making".