Privacy By Design
Privacy By Design is a key concept in the study of modern data privacy. It’s incorporated into the text of the GDPR as a core principle, and its influence is considerable across a number of data privacy laws worldwide.
Privacy By Design is a key concept in the study of modern data privacy.
It’s incorporated into the text of the GDPR as a core principle, and its influence is considerable across a number of data privacy laws worldwide. The key figure in Privacy By Design’s development was Dr. Ann Cavoukian, Information and Privacy Commissioner for Ontario from 1997-2014.
In the foreword of Cavoukian’s groundbreaking work, former FTC Commissioner Pamela Jones Harbour stated:
“There must be some balance between regulation and innovation. One way to achieve that harmony is to embed privacy features from the beginning, starting with the design specifications of new technologies, i.e., Privacy by Design.”
If you’re interested, you can read Cavoukian’s full Privacy By Design White Paper here. The concept is based on seven “foundational principles.” Any organization must carefully consider each one in order to fully incorporate Privacy By Design.
- Proactive not reactive
- Privacy as the default setting
- Privacy embedded into design
- Full functionality – positive-sum, not zero-sum
- End-to-end security – full life-cycle protection
- Visibility and transparency – keep it open
- Respect for user privacy – keep it user-centric
There’s a great Medium explainer on what each of these terms means here.
Some GDPR commentators have expressed a wish that Privacy By Design contained more actionable specifics and less vague principles. They might have an argument, but it remains a key concept for data privacy regulators all over the world.
Ethyca Team
Ethyca’s Second P.x Session: From 0 to Full DSR Automation in 15 Minutes
Read MoreEthyca hosted its second P.x session with the Fides Slack Community earlier this week. Our Senior Software Engineer Thomas La Piana gave a live walkthrough of the open-source privacy engineering platform, Fides 2.0. He demonstrated how users can easily deploy Fides and go from 0 to full DSR automation in less than 15 minutes. If you weren’t able to attend, here are the three main points addressed during the session.
Consent Management in Fides 2.0
Read MoreIntroducing consent management in Fides 2.0. With the coming state privacy laws in 2023, your business needs to have granular control over users’ data and their consent preferences. Learn more about how Fides can enable this for your business, for free.
Key Points From Ethyca’s First P.x Session
Read MoreEthyca launched its privacy engineering meetup, P.x, where Fides Slack Community members met and interacted with the Fides developer team. Two of our Senior Software Engineers, Dawn and Steve, gave presentations and demos on the importance of data minimization, and how Fides can make data minimization easier for teams. Here, we’ll recap the three main points of discussion.
Seen And Heard At SOUPS 2022
Read MoreWe enjoyed two great days of security and privacy talks at this year’s Symposium on Usable Privacy and Security, aka SOUPS Conference! Presenters from all over the world spoke both in-person and virtually on the latest findings in privacy and security research.
How Do Software Engineers Feel About Data Privacy?
Read MoreAt Ethyca, we believe that software engineers are becoming major privacy stakeholders, but do they feel the same way? To answer this question, we went out and asked 337 software engineers what they think about the state of contemporary privacy… and how they would improve it.
Convenience Is Not The End-Goal Of Privacy Legislation—In The UK Or Anywhere
Read MoreThe UK’s new Data Reform Bill is set to ease data privacy compliance burdens on businesses to enable convenience and spark innovation in the country. We explain why convenience should not be the end result of a country’s privacy legislation.
Ready to get started?
Our team of data privacy devotees would love to show you how Ethyca helps engineers deploy CCPA, GDPR, and LGPD privacy compliance deep into business systems. Let’s chat!
Get a Demo