Privacy by Design is an approach to designing and building systems in which privacy is treated as a requirement from the start. The term “privacy by design” can be understood as “privacy embedded into design”. Privacy protection is a concern across the entire system design cycle, whether the subject is an information system or an organization’s processes. The concept of Privacy by Design first appeared in 1995 in the “Privacy-Enhancing Technologies” report, jointly produced by the Information and Privacy Commissioner of the Canadian province of Ontario, the Dutch Data Protection Authority and the Dutch Organization for Applied Scientific Research. It was later expanded in the book “Privacy by Design” by Ann Cavoukian, the Information and Privacy Commissioner of Ontario.
What are the basic principles of Privacy by Design?
Systems that aim to respect privacy are built on 7 pillars. These should be part of the system design from the outset:
- Proactive not Reactive - Preventative not Remedial: risks are anticipated and privacy-invasive events are prevented before they happen rather than remedied afterwards.
- Privacy as the Default Setting: sensitive data is protected automatically by the system itself. The user does not need to take any action, because privacy is built in by default.
- Privacy Embedded into Design: privacy protection is not an add-on. It must be part of the core of the system, one of its foundational elements.
- Full Functionality - Positive-Sum not Zero-Sum: protecting privacy in the system does not interfere with its other functions. Privacy is not protected at the expense of other system functions; the whole system benefits from it. It is a win-win situation.
- End-to-End Functionality - Full Lifecycle Protection: sensitive data is protected throughout its lifecycle. There should be no gaps in protection or responsibility at any point in that lifetime, which begins with data acquisition, continues with its use, and ends with secure destruction once the reason for retaining the data no longer exists.
- Visibility and Transparency: crucial to establishing accountability and trust. This principle applies both to auditing and to documenting and reporting to individuals on the obligations that concern their data.
- Respect for User Privacy: the system should be deliberately designed around the interests and needs of individual users so that they can manage their personal data. Good practice is to empower users (the data subjects) to play an active role in managing their own data.
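To show what three of these pillars look like in code rather than as principles, here is an added example: a small account store written for this article, not taken from Cavoukian’s book or any product. The names (AccountStore, Profile, purge_expired and the 30-day grace period) are assumptions made for the illustration. New profiles are private and optional telemetry is off until the user opts in (Privacy as the Default Setting); every record carries a purpose and a retention deadline, and expired records are destroyed (Full Lifecycle Protection); every read is logged and the user can export both their data and that access log (Visibility and Transparency, Respect for User Privacy).

```python
"""Hypothetical account store built to Privacy by Design defaults (added example)."""
from dataclasses import dataclass, field
from datetime import datetime, timedelta
from typing import Optional


@dataclass
class Profile:
    user_id: str
    email: str            # required to operate the account (data minimisation)
    display_name: str
    # Privacy by default: nothing is public and no optional processing
    # runs until the user explicitly changes these.
    profile_public: bool = False
    telemetry_opt_in: bool = False
    # Lifecycle: why the record exists and when it must be destroyed.
    purpose: str = "account operation"
    retain_until: Optional[datetime] = None   # None = while the account is active
    access_log: list = field(default_factory=list)


class AccountStore:
    def __init__(self, retention_after_deletion: timedelta = timedelta(days=30)):
        self._profiles: dict = {}
        self._retention_after_deletion = retention_after_deletion  # assumed grace period

    def register(self, user_id: str, email: str, display_name: str) -> Profile:
        # Only the fields the service needs are collected; everything else stays off.
        profile = Profile(user_id=user_id, email=email, display_name=display_name)
        self._profiles[user_id] = profile
        return profile

    def public_view(self, user_id: str, requester: str, now: datetime) -> dict:
        """What another user may see; every read is logged for transparency."""
        profile = self._profiles[user_id]
        profile.access_log.append((now, requester, "public_view"))
        if not profile.profile_public:
            return {}                       # default: nothing is disclosed
        return {"display_name": profile.display_name}

    def set_sharing(self, user_id: str, public: bool) -> None:
        self._profiles[user_id].profile_public = public   # explicit opt-in only

    def set_telemetry(self, user_id: str, opt_in: bool) -> None:
        self._profiles[user_id].telemetry_opt_in = opt_in

    def request_deletion(self, user_id: str, now: datetime) -> datetime:
        """End of the lifecycle: schedule destruction after the grace period
        instead of keeping the record indefinitely."""
        profile = self._profiles[user_id]
        profile.purpose = "pending deletion"
        profile.retain_until = now + self._retention_after_deletion
        return profile.retain_until

    def purge_expired(self, now: datetime) -> list:
        """Destroy every record whose retention deadline has passed."""
        expired = [uid for uid, p in self._profiles.items()
                   if p.retain_until is not None and p.retain_until <= now]
        for uid in expired:
            del self._profiles[uid]
        return expired

    def export(self, user_id: str) -> dict:
        """Subject access: the user gets their data and a record of who read it."""
        p = self._profiles[user_id]
        return {
            "email": p.email,
            "display_name": p.display_name,
            "profile_public": p.profile_public,
            "telemetry_opt_in": p.telemetry_opt_in,
            "purpose": p.purpose,
            "retain_until": p.retain_until.isoformat() if p.retain_until else None,
            "access_log": [(t.isoformat(), who, what) for t, who, what in p.access_log],
        }

    def exists(self, user_id: str) -> bool:
        return user_id in self._profiles


def demo() -> dict:
    """Walk one constructed account through its lifecycle and report what happened."""
    t0 = datetime(2024, 1, 1)                          # constructed sample timestamp
    store = AccountStore()
    store.register("alice", "alice@example.com", "Alice")   # constructed sample user
    before_opt_in = store.public_view("alice", requester="bob", now=t0)
    store.set_sharing("alice", True)
    after_opt_in = store.public_view("alice", requester="bob", now=t0 + timedelta(hours=1))
    deadline = store.request_deletion("alice", now=t0 + timedelta(days=1))
    purged_early = store.purge_expired(now=deadline - timedelta(days=1))
    still_there = store.exists("alice")
    reads_logged = len(store.export("alice")["access_log"])
    purged_on_deadline = store.purge_expired(now=deadline)
    return {
        "before_opt_in": before_opt_in,          # {}  (private by default)
        "after_opt_in": after_opt_in,            # {"display_name": "Alice"}
        "retention_days": (deadline - (t0 + timedelta(days=1))).days,
        "purged_early": purged_early,            # []
        "existed_before_deadline": still_there,  # True
        "reads_logged": reads_logged,            # 2
        "purged_on_deadline": purged_on_deadline,  # ["alice"]
        "exists_after_purge": store.exists("alice"),  # False
    }


if __name__ == "__main__":
    print(demo())
```

The important design choice is that the two places where privacy could silently erode, the sharing flag and the retention deadline, are dataclass defaults and scheduled state rather than something a caller must remember to set: forgetting to configure the system leaves the user more private, not less.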