Abstract

After the adoption of new data protection regulations, like GDPR, proper treatment of privacy throughout the system development lifecycle has become a must. In this paper, we discuss several aspects to more easily and effectively integrate privacy engineering in system development and how to bring the notion of privacy-by-design into practice. We propose the new W-model as a privacy-aware extension of the V-model frequently used in software engineering. One stage of the W-model deals with analyzing privacy in the system where privacy engineers conduct a privacy impact assessment in order to elicit privacy threats and to find a suitable countermeasure to remedy each threat. With respect to finding suitable countermeasures, we provide requirements the countermeasures need to meet in order to be selected. In addition, we introduce a cost function that assists privacy engineers in selecting the most suitable countermeasure. Furthermore, we point out several open issues that future work needs to address.