Privacy principles

The following principles were considered in the LISA system design in order to ensure trust, confidentiality and integrity, and to guarantee a user-friendly interface within an ethical and secure environment.

Privacy by Design

This concept has been around for many years, but it has only now become a legal requirement with the introduction of the GDPR. The term privacy by design means that data privacy must be taken into account during the conception and development phases of software.

The principles on which Privacy by Design as well as data protection are based can be summarized as follows:

Lawfulness, fairness and transparency
Purpose Limitation
Data minimisation
Data security
Accountability

Lawfulness, fairness and transparency
Transparency implies that data management procedures must be easily accessible and transparent, written in simple language, possibly supported by graphics and icons, so that those concerned are able to understand what will happen to their data. Moreover, this principle requires that data subjects be informed of the possible risks that the processing may involve.

Purpose Limitation
It means that information collected for explicit and legitimate purposes must not be processed for other purposes without the data subject's consent.

Data minimisation
The concept of data minimisation is central to the privacy by default approach specified by the GDPR. The Data Controller should only process personal information which is strictly necessary and pertinent to the company's intended use, in this case to support and improve students' learning context and performance. The collected data must be deleted as soon as it is no longer needed.

Data security
In the collection and processing of personal data, confidentiality and integrity must be ensured. That means that unauthorized access to personal data must be prevented by technical and organizational safeguards. Such measures can include authentication and authorisation mechanisms and the use of encryption.

Accountability
According to these principles, companies must be able to demonstrate the purpose of the data collection and the effectiveness of the measures they have taken.

Privacy Notices & GDPR

A privacy notice usually provides users with information about the data that is collected. Through such a text, the user can become aware of what information an organization will collect, how it will collect it, who it will share it with and how it will use it.

Layering privacy notices
Provide User-Friendly Summaries

Layering privacy notices
Layered notices improve communication of complex or detailed information about privacy by first providing the reader with a clear summary of key privacy points (the first layer). A second layer provides more detailed or specific information.

Provide User-Friendly Summaries
Whenever relevant changes occur, it is appropriate to provide users with a clear and user-friendly summary, rather than explaining the change in long texts.

Uncompromising Consent Forms

Obtaining consent by default does not comply with the new European regulations. Consent needs to be freely given and explicit, i.e. the data subject must be given the possibility to agree or disagree with the collection and use of personal data, and organizations must explain how and why the data will be processed, using concise and comprehensible legal language.

Another method to ensure explicit consent is the use of so-called just-in-time alerts, which ask users for consent only at the moment it is actually needed. Furthermore, the GDPR specifies that the user must be able to withdraw consent at any time.