Privacy is fundamentally social. It’s about who we trust with the information that makes us who we are. This article is part of the series “Privacy By Design, By All Of Us,” highlighting a few of the people at Ethyca who are engineering the future of data privacy. Meet Catherine Smith, Software Engineer.
Classically trained on piano and violin, Catherine Smith is creating a new kind of harmony in the world of data privacy. As a Software Engineer at Ethyca, she builds technical tools that harmonize privacy responsibilities so engineers can proactively respect end-users’ data rights.
Emerging regulations are granting end-users the right to request their personal data be erased from a business’s systems. This might seem simple in the abstract, but building the tools to implement it at scale calls for careful, comprehensive engineering. That’s where Catherine comes in.
Amidst her busy schedule as an engineer—not to mention her other endeavors, like film photography—we caught up with Catherine to chat about her work and usable privacy at scale.
Catherine, how does your work build respect into the ways end-users’ data is handled?
As a privacy engineer, we build respect into systems by making privacy part of infra itself. This means it follows the same pre-thought in planning and processes as we would with any bit of code that’s released. Making it as easy as possible to integrate and manage means it’s ultimately predisposed to better respect user’s data in practice.
Absolutely. That focus on privacy in the planning and build processes is reminiscent of the Privacy By Design framework. Of the seven core principles in that framework, is there one that particularly resonates with you?
I would say “Visibility and transparency.” Part of working at Ethyca means helping to push the norm that a company’s data privacy policies can and should be obvious and out in the open. Open sourcing our privacy tooling is an embodiment of this principle. Part of this, too, is reclaiming public trust in the tech industry. It’s been a black box for far too long. I think online privacy at its core can bring up feelings that overwhelm the average internet user, and even make them feel like they are surrendering. But having clear, shared standards can help. Today, we have payment badges like “Powered by PayPal”, which increase brand trust in checkout. We can and will eventually see privacy badges, which would signal that standards are being adhered to in the world of data privacy.
We think about privacy all the time here at Ethyca. Some people outside of the profession might see privacy as a lost cause, or an impossible game of catching up with the latest tech. What would you say to them?
I would suggest that they just look at the history of tech innovation. A radical new way of approaching a pre-existing problem has historically turned entire markets on their head. The problem of digital privacy is not one that can be solved with the currently segmented, patchwork way of thinking about enforcing privacy policies and pipelines. While it will take a new way of thinking about privacy, I strongly believe we’re at the point where it makes sense for the tech industry to embrace a unified and infra-driven way of approaching data privacy.
Why do you care about respectful systems?
At the core, I believe every internet-using citizen has the fundamental right to respectful systems. This means knowing what data is being stored, how long it’s being stored, and how certain bits of data might be used. It means having control over that data, too: being able to delete and request it back. Just like privacy is a basic human right, privacy in our online lives should be no different.
Catherine and the entire team of engineers at Ethyca are building cutting-edge privacy tech. Visit ethyca.com to explore their latest work to make meaningful privacy a reality for all users.
We enjoyed two great days of security and privacy talks at this year’s Symposium on Usable Privacy and Security, aka SOUPS Conference! Presenters from all over the world spoke both in-person and virtually on the latest findings in privacy and security research.
At Ethyca, we believe that software engineers are becoming major privacy stakeholders, but do they feel the same way? To answer this question, we went out and asked 337 software engineers what they think about the state of contemporary privacy… and how they would improve it.
The UK’s new Data Reform Bill is set to ease data privacy compliance burdens on businesses to enable convenience and spark innovation in the country. We explain why convenience should not be the end result of a country’s privacy legislation.
Our team at Ethyca attended the PEPR 2022 Conference in Santa Monica live and virtually between June 23rd and 24th. We compiled three main takeaways after listening to so many great presentations about the current state of privacy engineering, and how the field will change in the future.
For privacy engineers to build privacy directly into the codebase, they need agreed-upon definitions for translating policy into code. Ethyca CEO Cillian unveils an open source system to standardize definitions for personal data living in the tech stack.
Masking data is an essential part of modern privacy engineering. We highlight a handful of masking strategies made possible with the Fides open-source platform, and we explain the difference between key terms: pseudonymization and anonymization.
Our team of data privacy devotees would love to show you how Ethyca helps engineers deploy CCPA, GDPR, and LGPD privacy compliance deep into business systems. Let’s chat!Book a Demo