Ethyca Team
June 17, 2020Privacy By Design
Privacy By Design is a key concept in the study of modern data privacy. It’s incorporated into the text of the GDPR as a core principle, and its influence is considerable across a number of data privacy laws worldwide.
Privacy By Design is a key concept in the study of modern data privacy.
It’s incorporated into the text of the GDPR as a core principle, and its influence is considerable across a number of data privacy laws worldwide. The key figure in Privacy By Design’s development was Dr. Ann Cavoukian, Information and Privacy Commissioner for Ontario from 1997-2014.
In the foreword of Cavoukian’s groundbreaking work, former FTC Commissioner Pamela Jones Harbour stated:
“There must be some balance between regulation and innovation. One way to achieve that harmony is to embed privacy features from the beginning, starting with the design specifications of new technologies, i.e., Privacy by Design.”
If you’re interested, you can read Cavoukian’s full Privacy By Design White Paper here. The concept is based on seven “foundational principles.” Any organization must carefully consider each one in order to fully incorporate Privacy By Design.
- Proactive not reactive
- Privacy as the default setting
- Privacy embedded into design
- Full functionality – positive-sum, not zero-sum
- End-to-end security – full life-cycle protection
- Visibility and transparency – keep it open
- Respect for user privacy – keep it user-centric
There’s a great Medium explainer on what each of these terms means here.
Some GDPR commentators have expressed a wish that Privacy By Design contained more actionable specifics and less vague principles. They might have an argument, but it remains a key concept for data privacy regulators all over the world.
The Engineer’s Burden: Why Trustworthy AI Starts with the Data Layer
Read MoreTrustworthy AI begins with engineers ensuring clean, governed data at the source.
Google Tag Manager Is Now a Legal Risk: German Court Ruling Redefines the Consent Perimeter
Read MoreKey takeaways from a German court ruling that redefines consent requirements for using Google Tag Manager.
The Knowledge-Action Gap in AI: What Real Governance Requires
Read MoreMost AI governance tools fail because they focus on observation over control -documenting risks without providing the infrastructure to act on them.
One Company, One Data Language: The Foundation of Trustworthy AI Innovation
Read MoreTrustworthy AI starts with speaking the same data language across the organization.
Navigating the New Federal AI Landscape: Implications for Businesses and the Role of Trust
Read MoreAligning enterprise strategy with the next era of federal AI oversight.
Europe’s €200 Billion AI Bet: What It Means for Global Privacy and Trust
Read MoreRedefining global trust through strategic AI investment at scale.
Ready to get started?
Our team of data privacy devotees would love to show you how Ethyca helps engineers deploy CCPA, GDPR, and LGPD privacy compliance deep into business systems. Let’s chat!
Speak with UsSign up to our Newsletter
Stay informed with the latest in privacy compliance. Get expert insights, updates on evolving regulations, and tips on automating data protection with Ethyca’s trusted solutions.
