PSG's blog

Big 5 list of Privacy Requirements

for Product Managers and Software Leaders

Marc French
Feb 13
psgblog.substack.com

Hey folks,

PSG is happy to announce we have decided to open-source our list of “Big 5” software privacy requirements that folks can use to drive the discussion around inclusion of privacy into your products.

What are the “Big 5”?

As the complexity of applications and the sophistication of the privacy discipline have increased dramatically in the past decade, the number of potential product privacy requirements needed to meet these issues has grown beyond the capabilities of all but the most resourced engineering teams. As a result, engineering & product teams need to focus on implementing those requirements that balance risk reduction and resource utilization. PSG has curated a list of privacy requirements (Big 5) that we feel organizations can leverage in order to achieve this balance. While the list is “mostly” current with “most” of the privacy regimes, it is by no means complete and really represents what we feel are the requirements teams should consider implementing in their products, based on our collective team’s experience.

Shout outs

Special shout-outs not only to the internal PSG team but also to the following two folks who assisted in reviewing our list.

  • Kim Wuyts - Kim and I worked together on the Threat Modeling Manifesto, and her work on LINDDUN inspired the list. If you haven’t looked at this, you should check it out at www.linddun.org

  • Demetrios Eleftheriou - Demetrios introduced me to privacy while we worked together at EMC. There isn’t a better privacy lawyer out there, so if you need help, catch him at www.eleftherioulawfirm.com

The List

Here is the list.

Privacy Big 5

If you have any updates or additions, please feel free to contribute back to the community.

The Future

This post will be the first in a 3-part series covering these requirements.

  • (Coming Soon) - Part 2 - Mapping the Privacy Big 5 to LINDDUN

  • (Coming Soon) - Part 3 - Mapping the Privacy Big 5 to the Major Privacy Regs

Enjoy

Marc & the team at PSG

© 2023 Marc French