A Risk-based Approach to Privacy by Design (Extended Version)

The objective of the work described in this report is to help designers to select suitable architectures based on an incremental privacy risk analysis. We present a three-tier process including a generic privacy risk analysis depending on the specifications of the system and two refinements based on the architecture and the context respectively. We illustrate our approach with the design of a biometric access control system.