Privacy by Design, an essential concept in data protection, builds innovation and security in from the design stage. This article explores its seven principles, how it is reflected in the GDPR, and practical strategies for implementing it successfully.

Constant progress in information technologies and the growing complexity of systems have revealed significant threats to privacy. The central question is then: how can innovation and the protection of personal data coexist? Privacy by Design tries to answer it by approaching innovation from the point of view of design.

In this article, we explain what Privacy by Design is, what its fundamentals are and how to put it in place.

What is Privacy by Design?

The Privacy by Design approach allows companies to proactively manage and avoid privacy-related risks. To this end, taking Privacy by Design into account from the design of a system, service, product or process, and then throughout its life cycle, obliges the company to think about the questions relating to the protection of privacy.

Organizations must therefore integrate appropriate technical and organizational measures, depending on the nature of the data processing. These measures are designed to identify the risks of infringing people's privacy and to mitigate them, as well as to implement the data protection principles and protect the rights of the data subjects.

Putting Privacy by Design in place requires that protective measures be integrated into the operational phase of all activities and all processing operations. This stands in opposition to practices that act only after an incident or a personal data breach. It thus guarantees the protection of privacy throughout the life cycle of a project or system.

In order to implement the “Privacy by Design” approach successfully, companies must at a minimum put the following measures in place:

  • Carry out a risk assessment in terms of privacy protection.
  • Ensure appropriate controls, such as pseudonymization and encryption, depending on the nature of the personal data and the risks to people's rights.
  • Provide clear and complete information concerning the processing of personal data, facilitate the exercise of people's rights and allow them to control the processing of their data.
  • Minimize the processing of personal data and ensure that the collection and processing of these data are done only on the basis of authorized, legitimate grounds.
  • Implement strict internal and external access restrictions in accordance with the applicable privacy protection laws.
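The list above names pseudonymization as one of the baseline controls. The following added example (written for this article, not code from the original page or from any product it mentions) shows what that control looks like in practice: a direct identifier is replaced by a keyed HMAC token, the key is held separately from the dataset, and an audit check confirms that an unkeyed hash of a guessable identifier such as an e-mail address is not adequate pseudonymization. The record fields, the sample records and the key handling are assumptions made for the demonstration.

```python
"""Added example: keyed pseudonymization of a direct identifier (not from the article)."""
import hashlib
import hmac
import secrets
from typing import Callable, Dict, List, Optional

# Assumption: the pseudonymization key is generated once, kept in a secrets
# manager by the data protection team, and never stored next to the pseudonymized
# dataset. It is the "additional information" that GDPR pseudonymization relies on.
PSEUDONYMIZATION_KEY = secrets.token_bytes(32)  # constructed at import time for the demo

# Constructed sample records; the analytics purpose only needs city and purchase count.
SAMPLE_RECORDS: List[Dict[str, object]] = [
    {"email": "Alice@Example.com ", "city": "Lyon", "purchases": 3},
    {"email": "bob@example.com", "city": "Paris", "purchases": 1},
]

# Constructed list an auditor might hold to check whether tokens can be linked back.
KNOWN_IDENTIFIERS = ["alice@example.com", "bob@example.com", "carol@example.com"]


def normalize_identifier(identifier: str) -> str:
    """Canonicalize so 'Alice@Example.com ' and 'alice@example.com' map to one token."""
    return identifier.strip().lower()


def pseudonymize(identifier: str, key: bytes = PSEUDONYMIZATION_KEY) -> str:
    """Deterministic keyed token: same identifier and key give the same token, so
    records can still be joined per person, but without the key the token reveals
    nothing about the input."""
    msg = normalize_identifier(identifier).encode("utf-8")
    return hmac.new(key, msg, hashlib.sha256).hexdigest()


def naive_hash(identifier: str) -> str:
    """Unkeyed SHA-256, included only to show why it is NOT adequate pseudonymization."""
    return hashlib.sha256(normalize_identifier(identifier).encode("utf-8")).hexdigest()


def pseudonymize_records(records: List[Dict[str, object]],
                         key: bytes = PSEUDONYMIZATION_KEY) -> List[Dict[str, object]]:
    """Replace the e-mail with a token and keep only the fields the purpose needs."""
    return [
        {
            "user_token": pseudonymize(str(rec["email"]), key),
            "city": rec["city"],
            "purchases": rec["purchases"],
        }
        for rec in records
    ]


def reidentify_from_known_list(token: str, known: List[str],
                               hash_fn: Callable[[str], str]) -> Optional[str]:
    """Audit check: can a token be linked back to an identifier on a known list by
    simply hashing the list? Returns the matching identifier, or None."""
    for candidate in known:
        if hmac.compare_digest(hash_fn(candidate), token):
            return candidate
    return None


if __name__ == "__main__":
    for row in pseudonymize_records(SAMPLE_RECORDS):
        print(row)
    # Unkeyed hash of a guessable identifier is trivially linkable...
    print(reidentify_from_known_list(naive_hash("alice@example.com"), KNOWN_IDENTIFIERS, naive_hash))
    # ...while the keyed token is not linkable without the key.
    print(reidentify_from_known_list(pseudonymize("alice@example.com"), KNOWN_IDENTIFIERS, naive_hash))
```

The design choice worth noting is separation of duties: whoever runs analytics on the pseudonymized table never holds the key, and rotating or destroying the key turns the table into effectively anonymous data, which is the life-cycle property the article's fifth principle asks for.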

The 7 Principles of Privacy by Design

The original Privacy by Design model was developed by Anne Cavoukian, a Canadian privacy specialist. This version of Privacy by Design revolves around the following seven principles:

  1. Proactive, not reactive; preventive, not corrective.
  2. Respect for privacy by default.
  3. Integrate privacy into the design.
  4. Full functionality – positive sum rather than zero sum.
  5. End-to-end security – protection of the full life cycle.
  6. Visibility and transparency – stay open.
  7. Respect the user's privacy – stay user-centered.

Let us now examine in more detail each principle of Privacy by Design with practical examples.

1 – Proactive, not reactive; preventive, not corrective

Better to prevent than to cure. Taking Privacy by Design into account means anticipating and preventing privacy problems rather than solving them once they have appeared.

Example: A company is developing a ticket booking application that sends notifications for concerts depending on the city the customer is in. Collecting precise geolocation data is particularly risky because it can reveal sensitive details about a person's private life.
This is why the developers collect location data at the city level only and offer the user the possibility of entering their location manually. The data are deleted at the end of each session, unless the user asks for their location to be remembered.

2 – Privacy as the default setting

You must always start from the assumption that the user does not want you to collect or use their data. By default, a product or service must process personal data only where necessary to provide the requested service.

Example: A training-tracking application works in two modes: private, where the training history and results are visible only to the user, and public, where leaderboards show the best running times on popular routes.
=> This application must operate in private mode by default, with public mode available to users who want it.
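To make the two examples above concrete, here is an added example (written for this article, not code from the original page or from any product it describes) that models both: the booking app's city-level location, cleared at the end of the session unless the user opted to have it remembered (principle 1), and the training app's results, which stay private unless the user switches to public mode (principle 2). The class and field names, the allowlist of location fields and the sample payloads are all assumptions made for the demonstration.

```python
"""Added example: data minimization and privacy-by-default as code (not from the article)."""
from dataclasses import dataclass, field
from typing import Dict, Optional

# Assumption: only city-level fields may ever reach storage. Precise coordinates,
# accuracy and similar fields a client might send are simply not on the allowlist.
ALLOWED_LOCATION_FIELDS = {"city", "country"}


def minimize_location(client_payload: Dict[str, object]) -> Dict[str, str]:
    """Keep the city-level fields only, dropping anything more precise the client sent."""
    return {k: str(v) for k, v in client_payload.items() if k in ALLOWED_LOCATION_FIELDS}


@dataclass
class UserSettings:
    # Privacy by default: nothing is retained or shared until the user opts in.
    remember_location: bool = False
    results_visibility: str = "private"  # "private" (default) or "public"


@dataclass
class Session:
    user_id: str
    settings: UserSettings
    location: Dict[str, str] = field(default_factory=dict)
    active: bool = True

    def set_location(self, client_payload: Dict[str, object]) -> None:
        """Store only the minimized form, never the raw client payload."""
        self.location = minimize_location(client_payload)

    def end(self) -> Optional[Dict[str, str]]:
        """Close the session. Returns the city-level location to persist only if the
        user asked for it to be remembered; otherwise None. The session copy is
        always cleared."""
        self.active = False
        persisted = dict(self.location) if self.settings.remember_location else None
        self.location = {}
        return persisted


def leaderboard(users: Dict[str, UserSettings], times: Dict[str, float]) -> Dict[str, float]:
    """Public ranking that includes only users who explicitly chose public mode."""
    return {uid: t for uid, t in times.items() if users[uid].results_visibility == "public"}


if __name__ == "__main__":
    # Constructed client payload: the device sent precise coordinates, the server keeps the city.
    s = Session("u1", UserSettings())
    s.set_location({"city": "Lyon", "country": "FR", "lat": 45.76, "lon": 4.84, "accuracy_m": 5})
    print(s.location)   # {'city': 'Lyon', 'country': 'FR'}
    print(s.end())      # None: nothing persisted without opt-in

    users = {"a": UserSettings(), "b": UserSettings(results_visibility="public")}
    print(leaderboard(users, {"a": 20.5, "b": 21.0}))  # only "b" appears
```

The pattern that carries over to real systems is the allowlist: storage code decides what it is permitted to keep, rather than stripping known-bad fields, so a client that starts sending extra data does not silently widen what is retained.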

3 – Integrate the protection of privacy in the design

This must be at the heart of every system, not bolted on afterwards. It must be part of the discussions throughout the development cycle, from planning to maintenance.

Example: A company is planning a local government project to analyze the number of cars that pass through key areas of a city. From the start, the company must think about how to minimize the project's impact on privacy.
For example, can the company distinguish individual cars without identifying the drivers? How can it inform the public about the data it collects? Who has access to the data once it is collected? When and how does it delete the data?

4 – Full functionality – positive sum, not zero sum

The Privacy by Design philosophy treats the protection of privacy as a win-win process. A company should seek to use the protection of privacy to deliver its finished product, rather than expecting a trade-off between privacy and ease of use.

Example: A company uses marketing cookies on its website, which in most cases obliges it to obtain users' consent.
The site has an intrusive pop-up window that prevents users from accessing the page if they do not accept cookies. Applying the “full functionality” principle, the company replaces the pop-up with a non-intrusive cookie banner that lets users choose freely.
Everyone wins: although the proportion of users accepting cookies decreases, the total number of users increases, because more people visit the fully functional website and stay there.

5 – End-to-end security – full life cycle protection

This fifth principle consists in ensuring the security of personal data from collection to deletion, and at every intermediate stage.

Example: A second-hand clothing marketplace allows users to send messages to each other. This marketplace should consider preventing users from seeing unnecessary information about each other, securing its payment process, encrypting personal messages, storing personal data securely, and so on.

6 – Visibility and transparency – Stay open

Be honest and open about your data processing practices. Transparency makes it possible to build trust. If you are afraid of frightening your users, ask yourself whether you are using their personal data in a fair and ethical way.

Example: A banking app asks its customers for their date of birth for legitimate security and know-your-customer purposes. The bank places a short text next to the web form explaining why it needs this data and how it will be used.

7 – Respect for privacy – Stay user-centered

Privacy by Design means that privacy and the other rights of users must always be kept in mind. When you assess the need to collect or use personal data, approach the question from the user's point of view.

Example: A productivity application allows users to block sites that waste their time. The provider wants to understand its user base by analyzing which sites everyone is blocking. The marketing team argues that collecting this data will benefit the company in the long term by helping to attract investment.
However, collecting this data is useless from the user's point of view and would go against the reasonable expectations of many of them. The company should therefore consider other ways to better understand its user base, or at the very least disable this feature by default.

Privacy by design as part of the GDPR

The GDPR's version of Privacy by Design is to take “technical and organizational measures”: these are safeguards, policies and techniques designed to protect privacy and people's other rights.

In accordance with the GDPR, you must implement appropriate technical and organizational measures:

  • when it comes to deciding how to process personal data, and
  • when processing this data.

These technical and organizational measures must:

  • effectively implement the data protection principles of the GDPR, and
  • integrate all the safeguards necessary to comply with all the relevant aspects of the GDPR.

To decide which technical and organizational measures to implement, you must take the following factors into account:

  1. The current level of technical development (the state of the art).
  2. The cost of their implementation.
  3. The nature, scope, context and purposes of the processing (for example the types of data collected, their quantity, the number of users and your relationship with them).
  4. The risks to the “rights and freedoms” of individuals (including privacy, freedom of expression and any other relevant right), both in terms of the likelihood that those risks materialize and the severity of the consequences if they do.

Not sure about your GDPR compliance? The web design agency Churchill, which specializes in creating GDPR-compliant sites, can support you on this subject!