Empowering developers with privacy engineering tools

A few weeks ago, I had the honor and pleasure of speaking at the Texas McCombs School of Business at the University of Texas Austin about why developers need modern privacy tools to implement privacy directly into products and services today. 

With global privacy laws constantly emerging and holding businesses accountable for their privacy practices, engineers are increasingly involved in embedding privacy controls throughout the organization.

Unfortunately, without existing privacy tools or frameworks to do so, this task can seem daunting and even borderline impossible. That’s why our engineering team at Ethyca built the Fides open-source privacy engineering platform to help!

Fides is an expanding set of tools developers can use to solve privacy in a way they know and love. I was grateful to have the chance to explain a bit more about the ways developers can use Fides to embed privacy during my talk at UT Austin. 

Here’s a brief overview of what I discussed.

How Ethyca enables Privacy by Design for developers

Privacy by Design (PbyD) was a central topic addressed at the event. I was asked to describe the ways in which Fides allows developers to directly implement Privacy by Design principles into products and services. 

Fides was built to handle major privacy requirements businesses must fulfill, like data mappingdata subject access requests (DSARs) and consent management. My talk mostly centered around Fides’ data mapping features.

Data mapping with Fides allows developers to write code (as simple YAML files) that describes what their software does, what kinds of data they store, and then check that code into their version control system to create a permanent record of it.

The ability to actually store this information about your data in the codebase itself, while you’re working on the software, provides a complementary solution to other types of data discovery tools that help you determine what data you have *after* you build it.

That’s Ethyca’s personal take on Privacy by Design. Developers should have tools to keep track of this metadata all the way through the software development lifecycle. We frame this approach as “Privacy as Code ” to complement PbyD practices.

How Ethyca’s privacy taxonomy Fideslang helps developers practice Privacy as Code

Along with our powerful privacy toolset, our team of privacy engineers also built Fideslang – an open-source privacy language. Fideslang is meant to help standardize privacy governance by giving developers an agreed-upon way to declare data types and behaviors in the tech stack using a common standard.

For example, every developer has a different idea of how to “define” their own data labels. I might label a users’ email address as “email” in a database, whereas another engineer might label it as “contact email.” This creates two different ways to label the same thing!

By using Fideslang, it encourages developers to use a common language for privacy, which reduces the amount of different labels in the database, and as a result, confusion between engineers. 

And since this taxonomy was designed to reflect the language used in global regulations, it also helps developers to follow privacy best practices without having to think about it. 

There’s a lot more about Fideslang that I briefly touched on during my talk, like data categories and data uses… But ultimately, Fideslang exists to provide a common language we can all use to describe privacy data and plug that into our tools.

Modern privacy tools for developers

Since empowering developers to embed privacy in the software development and deployment lifecycle is the ethos at Ethyca, I was honored to have spoken alongside Nandita Rao Narla, Head of Technical Privacy & Governance at Doordash and Gagan Sarawgi, Director of Product Management at NVISIONx. 

I’d also like to give a big thank you to the Texas McCombs School of Business for inviting me and hosting the event. 

To experience the power of Fides yourself, clone the repo on GitHub or schedule a free 15-minute call to get a demo of our platform.