CA Technologies joins EU 'privacy by design' research project
CA Technologies is one of eight technology partners that will shape a European research project designed to facilitate software privacy by design.
The Privacy and Data Protection for Engineers (PDP4E) project aims to help software engineers to incorporate privacy design into all of their applications.
This approach will also help those who use the applications to comply with the European Union’s General Data Protection Regulation (GDPR), and international standards related to privacy.
CA Technologies joins partners from countries including Belgium, France, Germany, and Spain. The project is funded by the European Union H2020 Research and Innovation Program.
CA Technologies’ EVP & CTO Otto Berkes says that privacy protection can only be effective when it is proactively addressed throughout the entire software development lifecycle – or in other words, privacy by design.
“Regulation often only provides abstract guidance which means software engineers struggle with translating its goals into development specifics, while data privacy specialists lack the mechanisms to implement and validate compliance,” he adds.
CA Technologies will be looking at the market requirements for privacy by design in the context of GDPR. The company will also ensure that resulting tools and methodologies are aligned to what the market needs.
The company will also develop a risk management tool to identify, assess, and mitigate both data protection and privacy risks.
“CA Technologies is proud to be partnering on this European research that will help drive stronger integration of privacy by design during product development,” comments CA Technologies vice president of Strategic Research, Victor Muntés.
“With the advent of GDPR, organisations will have to prove they are protecting data in the best possible way. As the pace of software development accelerates, the PDP4E research will help innovate new ways for privacy by design to be built into the development of new applications and help to comply with the GDPR and other global requirements.”
The PDP4E research results will be tested across two pilot programs: a fintech application domain, and a smart grid energy application domain. These two domains were chosen because they are relevant to privacy by design.
The results will subsequently be promoted among engineering groups, such as Eclipse (a community of software developers) or IPEN (a community of privacy engineering stakeholders).
An open Alliance for Privacy and Data Protection Engineering is also planned as a follow-up to the project, building on that community and the synergies among the participating partners.