Privacy-by-design principles: Getting it right from the start

To efficiently cater to their customers, businesses routinely collect various forms of personal data. Fifty years ago, when companies kept such data in filing cabinets, questions around privacy weren’t complex. However, in today’s Digital Age where personal data can be sent across thousands of miles in a matter of seconds, privacy is a much more pertinent issue than before.

Privacy-by-design is a concept that was first popularized in the 1990s by Ontario’s then information and privacy commissioner, Ann Cavoukian. By 2012, the U.S. Federal Trade Commission started to refer to it as a best practice for privacy. It’s now a key pillar of the EU’s landmark General Data Protection Regulation (GDPR).

Privacy-by-design simply means embedding privacy principles in the building and design of a business, website, application, product, or tool. Whichever way you look at it, ensuring that any capture and use of customer data is done with mutual consent is a good thing for the business in the long-term. Every organization should, therefore, strive to apply privacy-by-design principles.

Ann Cavoukian posited that privacy-by-design must be underpinned by the following seven principles.

1. Proactive and preventive versus reactive and remedial

Privacy-by-design principles are inherently proactive and preventative. It means anticipating privacy challenges beforehand. It implies creating the procedural and technical framework needed to prevent violations before they can occur. Businesses must apply privacy-by-design with an appreciation of the value they can derive from adopting strong privacy practices consistently and early.

There must be unequivocal commitment to privacy from the very top of the organization. That sets the tone for the rest of the employees. This commitment should exceed the requirements set out in regulations such as the GDPR. The privacy framework should include a means of recognizing weak designs, anticipating poor practices, and correcting negative impacts.

2. Privacy by default


Privacy shouldn’t be an afterthought that organizations take into consideration once they have perfected everything else. Instead, privacy considerations must be in place by default and automatically. That way, even where a user doesn’t make any explicit decisions about the privacy of their data, the enterprise applies privacy-by-design principles unless the users themselves specify otherwise.

For this to happen, the reason for the collection, use, retention, disclosure, and destruction of personal data must be made clear from the outset. Businesses should only capture the personal data they need. Organizations must configure their systems to keep data collection at the minimum. Where they have to collect data, they have to make it, as much as possible, unidentifiable, unobservable, and unlinkable.

3. Embedded privacy

Enterprises must integrate privacy into the design and development of technology systems, business procedures, and organization practices. That ensures privacy is a core component of the product’s, process’, or system’s functionality. They must embed privacy in a way that considers the broader context, ropes in all key stakeholders, and re-engineers all existing choices to ensure privacy compliance.

A principle approach to privacy that leverages frameworks and standards and is subject to external audits and reviews ought to be adopted. Conduct detailed assessments that detail the privacy risks and document the measures taken to contain the risks. The privacy strength of the technology, procedures, and policies shouldn’t be easily degraded through error, misconfiguration, or use.

4. Full functionality

Implementing privacy-by-design principles shouldn’t be part of a trade-off. It’s possible to deliver the full spectrum of a product’s capabilities and still have a robust privacy policy in place. You don’t have to compromise on operational and security capabilities in order to satisfy privacy requirements. You must see privacy as something that relays positive benefit for the business as opposed to being an impediment to effective operations. Of course, some innovation and creativity will be needed in certain cases to ensure that all privacy interests and desired functions are simultaneously satisfied.

5. Lifecycle protection

With privacy embedded in the entire organization’s systems and processes before the first piece of personal data is collected, privacy protection must also be extended throughout the life of the data. Establishing strong privacy measures at the start is meaningless if the data will not be subjected to a similar degree of protection up to its retirement and destruction.

There should be no room for privacy gaps from start to finish. For consistency, organizations should assign responsibility for a data set’s protection to a specific individual or department.

6. Privacy practices are applied and seen to be applied

All stakeholders must rest in the knowledge that the organization is doing everything in accordance with the commitments it has made in its privacy policy documents. This should be open to external verification.

It doesn’t serve any organization’s interest to adhere to privacy-by-design principles but not demonstrate that it does so. Perceptions matter and so just complying with privacy standards alone isn’t enough. Regulators and users shouldn’t just trust that you are doing the right thing. Rather, they must have a means of verifying the same.

7. Keeping the user at the center


Businesses exist to make a profit. So, it’s easy for entrepreneurs and business managers to get too caught up in chasing the bottom line as to forget who should be at the center of a privacy policy — the user. Yet, by centering the needs of their users and customers, enterprises will, in fact, be playing to and bolstering their own long-term interests.

After all, the personal data in the business’ possession belongs to the product user. The user has by far the highest vested interest in the privacy of their information. Businesses will be more effective in curtailing data abuse and misuse if they give users the power to decide how their data is used.

Privacy-by-design principles are good for business

Whereas the average organization knows and understands the reasons and merits of privacy, many have been less than enthusiastic about implementing privacy-by-design. It’s largely a result of the perception that privacy requirements can be an impediment to creative freedom.

On the contrary, though, a failure to apply and enforce privacy-by-design principles exposes the business to a wide range of risks including data breaches, regulatory censure, lawsuits, and loss of reputation.

Featured image: Pixabay

About The Author

Leave a Comment

Your email address will not be published. Required fields are marked *

This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.

Scroll to Top