Privacy by design is a framework intended to ensure that any new process or tool is designed and built with data privacy in mind.
The concept isn’t new, but it has attracted greater attention in recent years as data protection and privacy have become mainstream concerns.
It took on added importance when a broader model – known as data protection by design and by default – was enshrined within the GDPR (General Data Protection Regulation).
In this blog, we explain how privacy by design works, why it’s important and what you must do to implement it.
What is privacy by design?
As organisations become more technologically sophisticated, they are finding innovative ways to use personal data.
The downside is that this increases the risk of system vulnerabilities that may threaten the security and privacy of sensitive information.
Developers, often up against tight deadlines, may overlook these vulnerabilities as they focus on making the system functional – and by the time anyone spots the extent of the damage, it could be too late.
Organisations are then forced to create a patchwork solution that may only partially resolve the issue or complicate the system’s design.
Privacy by design is intended to prevent that, requiring organisations to prioritise privacy when developing processes or tools.
Before any system goes live, organisations must be confident that sensitive data is being used responsibly and that it cannot be accessed by unauthorised parties.
The seven principles of privacy by design
There are seven foundational principles to privacy by design; they were first published in 2012, and have been widely recognised and adopted, including by the UK’s data protection authority, the Information Commissioner’s Office.
1. Proactive, not reactive; preventive, not remedial
Organisations must identify and address privacy risks as they design a new processing activity or make significant changes to an existing one, and not wait until after the risk or issue materialises.
2. Privacy as the default setting
If users don’t understand privacy settings, they are liable to avoid them. As such, you should automatically give individuals the maximum level of protection and give them the option of customising the settings.
3. Privacy embedded in design
Data privacy should be considered throughout the project, with organisations treating it as a feature of the design.
4. Full functionality – positive-sum, not zero-sum
Achieving privacy by design doesn’t mean you have to sacrifice other aspects of your system.
You should consider it a ‘positive-sum’ (win–win) scenario, which is possible if the actions you take to improve privacy lead to better products and services – and by extension, happier customers.
5. End-to-end security – full lifecycle protection
You must ensure that data protection and data privacy are addressed at every stage of the information lifecycle.
You should consider several things, including the information’s confidentiality, integrity and availability.
6. Visibility and transparency – keep it open
You must act transparently throughout the process to demonstrate that your systems meet the requirements of privacy by design.
This principle is closely related to the GDPR’s principle of lawfulness, fairness and transparency.
7. Respect for user privacy – keep it user-centric
For a product to be deemed adequate, it must be user-friendly and user-centric.
Likewise, products that deliver the best privacy by design results tend to be designed with users’ needs and interests in mind – both privacy-related and otherwise.
An eight-step approach to implementing privacy by design
You can find more information on this topic by downloading Privacy by Design – Step by step.
This free, eight-step guide explains in more detail what privacy by design is and how it works, and contains a walkthrough to help organisations meet their privacy by design requirements.
It takes you through the entire process of embedding privacy in your processes and tools, from creating a roadmap and selecting features to implementing, testing and launching your set-up.