Privacy by Design

Privacy by Design represents that privacy is embedded into systems, products, and services, by default. It is driven by seven foundational principles.

1. Proactive not Reactive; Preventative not Remedial

   The idea emphasizes that the approach is proactive rather than reactive. This means that it anticipates high-risk privacy events and places preventative measures. This significantly reduces the risk of invasive events occurring from the start.

   • set and enforce a high standard of privacy

   • methods to evaluate privacy designs and correct any negative impacts

   • bring new innovative and proactive techniques to improve privacy measures

2. Privacy as the Default

   • Purpose Specification is the reason why personal information is collected, used, and retained. The user should be made aware of these reasons before collecting information.

   • Collection Limitation is the amount of data you are legally allowed to collect.

   • Data Minimization is the least amount of personal information being stored. Most systems should begin with non-identifiable interactions, by default, and any other data collected after should be minimized.

   • Use, Retention, and Disclosure Limitation is the use of personal information should be limited to the purpose identified to, and consented by, the individual.

3. Privacy Embedded into Design

   Privacy must be embedded into applications, technologies, and business structures without disrupting its functionality. It's essential to prioritize privacy in systems with a holistic, creative, and integrative approach.

   • There should be a reliable framework utilized and implemented at the same standard at every step in the design process.

   • There should be detailed documentation and implementation of privacy impact and risk assessments

4. Full Functionality - Positive-Sum, not Zero-Sum

   The goal of privacy is to be able to protect information without any trade-offs. It allows for full functionality of the system.

   • Privacy by Design takes a positive-sum approach where privacy is integrated in unique ways that don't affect functionality and flow

5. End-to-End Security - Lifecycle Protection

   Privacy should continuously protect, across the whole domain and for every step of the data life-cycle. Furthermore, the data should be securely retained and securely destroyed at the end of the process.

   • Security is the responsibility of securing personal information throughout the lifecycle. It follows methods of secure destruction, encryption, and access control.

   • Applied security are standards that ensure confidentiality, integrity, and availability of personal data throughout its lifecycle.

6. Visibility and Transparency

   This Privacy by Design principle is essential to accountability and trust.

   • Accountability is the responsibility of all privacy-related policies documented and communicated to the individual.

   • Transparency brings awareness to individuals about the privacy policies and practices that are related to their personal data.

   • Compliance strategies are essential to monitor, evaluate, and verify privacy policies and procedures.

7. Respect for User Privacy

   Systems designed following Privacy by Design principles are often mindful of the interests and needs of the users. This prevents any misuse of personal information.

   • Consent: The individual must consent to the collection or use of their personal information. The greater the sensitivity of the information the more clear and redundant consent should be from the user.

   • Accuracy: The data must be accurate, complete, and updated to be used for the predefined purpose.

   • Access: The user should have full visibility of their personal information and the uses or disclosure of this information.

   • Compliance: Organizations must follow some compliance structure and make these standards publicly available, for user awareness.