Privacy by design

Privacy by design (PbD) is an idea in systems engineering and information technology.[1]

In privacy by design, the engineers build the system so that it keeps information private starting at the beginning instead of building the system and then adding privacy protection later. In privacy by design, the designers treat privacy protection as just as important as other parts of the design.

History

Dr. Ann Cavoukian first said the term "Privacy by Design" when she was the Information and Privacy Commissioner of Ontario, Canada. Dr. Cavoukian later wrote about the "7 foundational principles" of privacy by design in the 1990s.

The European GDPR regulation incorporates privacy by design which revolves around the following foundational principles:

Foundational principles

Privacy by Design is based on seven foundational principles

  1. Privacy First
  2. Privacy as the default setting
  3. Privacy inside of design
  4. Full functionality
  5. End-to-end security
  6. Keep it open
  7. Keep user centered

The authors of more than five hundred other articles have talked about these principles by citing the white paper "Privacy by Design in Law, Policy and Practice" by Ann Cavoukian. Privacy by Design is accepted as the gold standard internationally.

References

  1. David Krebs (February 10, 2021). "Canada: "Made In Canada" – What Is Happening To Privacy By Design Under The CPPA?". Mondaq. Retrieved March 11, 2021.