SmartPrivacy for the Smart Grid:
Embedding Privacy into the Design
of Electricity Conservation
November 17, 2009


• Ann Cavoukian, PhD., Information and Privacy Commissioner of Ontario, Canada
• Jules Polonetsky, Co-Chair, Future of Privacy Forum
• Christopher Wolf, Co-Chair, Future of Privacy Forum

This paper introduces the Smart Grid and its benefits, as well as the questions that should be explored regarding privacy. It also introduces the term SmartPrivacy which represents a broad arsenal of protections, encapsulating everything necessary to ensure that all of the personal information held by an organization is appropriately managed. These include: Privacy by Design; law, regulation and independent oversight; accountability and transparency; market forces, education and awareness; social norms; data security; and fair information practices.

Privacy by Design:
Essential for Organizational Accountability and Strong Business Practices
November 2, 2009


• Ann Cavoukian, PhD., Information and Privacy Commissioner of Ontario, Canada
• Martin E. Abrams, Senior Policy Advisor and Executive Director, Centre for Information Policy Leadership, Hunton & Williams LLP
• Scott Taylor, Chief Privacy Officer, Hewlett-Packard Company

This paper discusses the essential elements of accountability, Privacy by Design principles, and provides an example of a control process that uses the principles to implement the essential elements. So universal are the PbD principles, and so diverse are the contexts within which these principles may be applied, that the future of privacy in the 21st century information age may be limited only by our collective imagination and will.

Remote Home Health Care Technologies:
How to Ensure Privacy?
Build It In: Privacy by Design

The purpose of this paper is to understand these remote home health technologies and their uses, identify the privacy considerations, and provide an approach whereby privacy can be designed directly into these systems in a positive-sum manner, both protecting the personal data of individuals and maintaining the functionality and health benefits of the technology being used.

A Pragmatic Approach to Privacy Risk Optimization:
Privacy by Design for Business Practices

This paper introduces Nymity’s Privacy Risk Optimization Process (PROP), a process that enables the implementation of privacy into operational policies and procedures, which results in Privacy by Design for business practices. The PROP is based on the International Organization for Standardization (ISO) concept that risk can be both positive and negative. Based on this concept, ISO also defines Risk Optimization as a process whereby organizations strive to maximize positive risks and mitigate negative ones. The PROP uses these concepts to implement privacy into operational policies and procedures.