The General Data Protection Regulation (EU) 2016/679 established data protection by design and by default (PbD) as a legal obligation with which every data controller must comply. Implementing this principle in practice can be a complicated task, given its generic wording and the difficulty of finding technological solutions that truly make privacy an integral part of a company's products and services.
The guide is a highly practical document that begins by defining the foundational principles of PbD:
- Proactive not Reactive; Preventative not Remedial
- Privacy as the Default
- Privacy Embedded into Design
- Full Functionality – Positive-Sum, not Zero-Sum
- End-to-End Security – Lifecycle Protection
- Visibility and Transparency
- Respect for User Privacy
It continues by explaining that PbD must be understood as the combination of a risk-based approach and proactive accountability. To the three classic security objectives (confidentiality, integrity and availability) it adds three privacy-specific protection objectives: i) unlinkability, ii) transparency and iii) intervenability.
Together, these six protection objectives (the three security objectives plus the three privacy objectives) form an overall framework for protecting personal data during processing. The outcome of the risk assessment translates them into further non-functional attributes or requirements that the system must meet, and these requirements become the entry points of the privacy by design process.
Following the results of the risk assessment, controllers must apply privacy engineering, that is, the use of engineering knowledge and techniques to systematically address the risks arising from the planned and authorised operation of systems that collect, use and disclose personal information. To make this concept concrete, the guide explains what privacy design strategies, design patterns and privacy enhancing technologies (PETs) are, and includes an extensive list of strategies for putting them into practice.
Ensuring privacy and establishing a governance framework that guarantees the protection of personal data is not an obstacle to innovation. On the contrary, it offers advantages and opportunities to all participants: controllers, suppliers, product and application developers, device manufacturers and data subjects.