Privacy by Design

What is Privacy by Design?

Privacy by design is a concept that integrates privacy into the creation and operation of new devices, IT systems, networked infrastructure, and even corporate policies. Developing and integrating privacy solutions in the early phases of a project identifies any potential problems at an early stage to prevent them in the long run.

Former Canadian Information & Privacy Commissioner Ann Cavoukian was one of the first privacy experts to flesh out this concept. She defined several principles that are considered the foundation of privacy by design — from enabling privacy settings by default and being proactive to being transparent about the motives for data collection.

Previous data breaches show that privacy solutions are often an afterthought installed after a breach occurs. Privacy by design hopes to remedy that by pushing developers and businesses administrators to be proactive and make privacy a priority.

Organizations can also implement privacy by design to fulfill compliance obligations from data protection regulations like the General Data Protection Regulation (GDPR). The GDPR mandates stronger security for personal data. Recommended privacy protection practices include pseudonymization and data minimization, which are in line with privacy by design.