Privacy is fundamentally social. It’s about who we trust with the information that makes us who we are. This article is part of the series “Privacy By Design, By All Of Us,” highlighting a few of the people at Ethyca who are engineering the future of data privacy. Meet Eduardo Armendariz, Senior Software Engineer.
What’s the hardest language that Senior Software Engineer Eduardo Armendariz has ever learned? Python? Some obscure programming language? Not quite. It’s English, he says. An immigrant to the United States from Ecuador, Eduardo is now part of the team at Ethyca building a whole new language—a language for engineers to describe privacy in their data systems.
In order to build any trustworthy system, everyone involved needs a shared baseline understanding of the system’s components and their functions. Because privacy engineering is a relatively young field, developers don’t yet have that shared understanding. A shared, open language for privacy is a crucial next step in delivering a consistent, reliable privacy experience to end-users. Eduardo’s work cuts to the core of modern privacy challenges worldwide, and he’s firmly committed to supporting this fundamental shift in how developers practice privacy.
We met up with Eduardo, who’s now out in the Pacific Northwest and enjoying its natural wonders. We chatted about his work in engineering data privacy and challenging the status quo when it comes to privacy within tech stacks.
How does your work help to build respect into how end-users’ data is handled?
I work on a team whose work is centered around building a language framework that empowers engineers to think privacy-first as part of their development experience. We are the front line when it comes to respecting end-users’ data. We’re doing this by providing engineers an effective way to declare their intentions with the users’ data as they go in their development process. For a given system, engineers can better understand whose data is in the system, what it’s being used for, and what the data is. With those pieces of information, we empower engineers to evaluate whether they’re respecting the end-users’ privacy.
What does the Privacy by Design framework mean to you?
When I think of Privacy by Design, I think of looking at privacy as a priority and not an afterthought in our systems. Privacy should not be tech debt that just sits in some backlog forever. I’ve been in a lot of software planning meetings in my career, and privacy is not something that comes up often, even when projects have dealt with user data.
Which of the seven principles of Privacy by Design particularly speaks to you and your work?
I believe that being proactive and not reactive is a crucial principle for Privacy by Design. In the software world, it’s really difficult to go back to tasks that have been de-prioritized. Starting early is going to make privacy a natural aspect of the software development experience. In our work here at Ethyca, our tools will make it easier for engineers to effectively implement this principle of being proactive rather than reactive in their privacy operations.
For sure. The industry’s norm for privacy thus far has been reactive, situated post-development.
In the old way of doing things, it always comes down to asking for forgiveness, rather than permission.
Right. Especially with more regulation and greater privacy awareness among consumers, that approach is not a wise one for any company. What would you say to someone who says that digital privacy is a lost cause?
I would tell them that it’s understandable that they feel that way. The software world moves really fast, and it has not prioritized privacy since its inception. To a lot of people, changing the status quo will feel impossible. What we have to do is shift the way we think about privacy to view it as a fundamental aspect of software development.
This shift toward proactive privacy is coming, no matter what. As more people start to value their privacy in the future, they’re going to better understand what it means for companies to have their data. My team and I at Ethyca, we really want to lead the way in facilitating this shift in how we, as an industry, approach privacy.
Here at Ethyca and elsewhere in your work as an engineer, why do you care about respectful systems?
I believe that everyone should have a right to determine what level of privacy they have in their online interactions. People’s lives are fully online now. But as a society, we haven’t fully adjusted to what that really means. People’s data has a lot of power tied to it. It should be up to each person to decide whom they trust with their data and really understand what those parties do with it. Right now, it’s just a big black box to a lot of people, and that’s not fair to the people. I care about respectful systems because I feel that everyone should feel safe online.
Eduardo and the entire team of engineers at Ethyca are building cutting-edge privacy tech. Visit ethyca.com to explore their latest innovations to make meaningful privacy a reality for all users.
At Ethyca, we believe that software engineers are becoming major privacy stakeholders, but do they feel the same way? To answer this question, we went out and asked 337 software engineers what they think about the state of contemporary privacy… and how they would improve it.
The UK’s new Data Reform Bill is set to ease data privacy compliance burdens on businesses to enable convenience and spark innovation in the country. We explain why convenience should not be the end result of a country’s privacy legislation.
Our team at Ethyca attended the PEPR 2022 Conference in Santa Monica live and virtually between June 23rd and 24th. We compiled three main takeaways after listening to so many great presentations about the current state of privacy engineering, and how the field will change in the future.
For privacy engineers to build privacy directly into the codebase, they need agreed-upon definitions for translating policy into code. Ethyca CEO Cillian unveils an open source system to standardize definitions for personal data living in the tech stack.
Masking data is an essential part of modern privacy engineering. We highlight a handful of masking strategies made possible with the Fides open-source platform, and we explain the difference between key terms: pseudonymization and anonymization.
The American Data Privacy and Protection Act is gaining attention as one of the most promising federal privacy bills in recent history. We highlight some of the key provisions with an emphasis on their relationship to privacy engineering.
Our team of data privacy devotees would love to show you how Ethyca helps engineers deploy CCPA, GDPR, and LGPD privacy compliance deep into business systems. Let’s chat!Book a Demo