A Privacy-by-Design Implementation Methodology for E-Government

Abstract

The issues of privacy and data protection are gaining in prominence, especially against the backdrop of changing citizen preferences and the enforcement of strict legislations such as the EU’s General Data Protection Regulation. Pursuant both article 25 of the Regulation and following good practice, public sector institutions need to apply the principle of Privacy by Design (PbD) to their Information Systems. However, there is limited consensus on how this application is to be carried out. This article aims to fill this gap by constructing an implementation methodology with a particular focus on the e-government domain. This is done by using a design science approach leveraging practical experience and extant literature to design the methodology in accordance to user needs, existing legal requirements, and best practices. The proposed new methodology is applied to a real-life project from Bulgaria’s e-government road-map and evaluated by project stakeholders and experts.