Privacy by Design Certification

Privacy by Design Certification* is being offered by the Privacy by Design Centre for Excellence at Ryerson University. Developed to advance the operationalization of Privacy by Design, this certification is an important step for companies and organization who are working to embed Privacy by Design into their everyday processes. 

Harnessing the institutional assessment expertise of an independent consulting firm, products and services which have attained Ryerson’s Privacy by Design Certification can be assured they are meeting the highest standards of a globally recognized privacy standard. 

Organizations that display the Certification Shield will be able to demonstrate to consumers that they have withstood the scrutiny of a rigorous third party assessment, assuring the public that their product or service reflects the viewpoint of today’s privacy conscious consumer. 

The basis for Ryerson’s Privacy by Design Certification are the 7 Foundational Principles of Privacy by Design. Created by Dr. Ann Cavoukian, Privacy by Design is a framework that seeks to proactively embed privacy into the design specifications of information technologies, networked infrastructure and business practices, thereby achieving the strongest protection possible.

Dr. Ann Cavoukian is recognized as one of the world’s leading privacy experts.  She is presently the Distinguished Expert-in-Residence, leading the Privacy by Design Centre of Excellence at Ryerson University.

Privacy by Design Certification

Commit to Privacy, Publicly

Our Brochure outlines the key features of our Privacy by Design Certification program, and may be used to promote Privacy by Design and Privacy by Design Certification within your organization.

Assessment Control Framework

The Assessment Framework represents the heart of Privacy by Design Certification. The Framework maps internationally recognized privacy principles, regulations, and industry best practices. The illustrative controls provide examples that an organization can build towards.

Overview of Privacy by Design Certification
Application form
Program Use and License Agreement
Program Requirements
*Privacy by Design Certification is being offered by the Privacy by Design Centre of Excellence at Ryerson University and applies to businesses or organizations seeking to certify a product or service.It is not affiliated with the Chang School of Continuing Education, which independently offers the course "Privacy by Design: The Global Framework". For more information on this offering, please visit the Chang School's website at Privacy by Design Certification is not affiliated with the Information and Privacy Commissioner of Ontario, nor signifies compliance with Ontario privacy laws.

How does Privacy by Design Certification work?

The Privacy by Design Certification process begins when your organization submits a Privacy by Design application which can be found word filehere. The Privacy by Design Centre of Excellence reviews your application, afterword your information is forwarded to Deloitte our assessment partner, to begin the assessment process.
We have partnered with Deloitte Canada to provide assessment services for the Privacy by Design Certification. Assessment services will be carried out under a separate agreement between your organization and Deloitte. Deloitte will scrutinize the product(s), services(s) and/or offering(s) being certified, conduct interviews, and examine operational processes. Deloitte will then issue a report based on the assessment methodology and scorecard technique developed exclusively for Privacy by Design Certification which examines the organization’s adherence to Privacy by Design. The criteria are based on the 7 Foundational Principles of Privacy by Design:

1. Proactive not Reactive; Preventative not Remedial
2. Privacy as the Default Setting
3. Privacy Embedded into Design
4. Full Functionality – Positive-Sum, not Zero-Sum
5. End-to-End Security – Full Lifecycle Protection
6. Visibility and Transparency – Keep it Open
7. Respect for User Privacy – Keep it User-Centric
Upon completion of the assessment, Deloitte’s report will be forwarded to both your organization and the Privacy by Design Centre of Excellence for review. After examining the report, Ryerson's Privacy by Design Centre of Excellence will issue a decision as to whether certification will be granted. Successful applicants will be granted the use of our Certification Shield on any material related to your certified products, services or offerings and will be listed on our website so that customers can indepdently validate your certification.

Successful applicants who have been granted the use of our Certification Shield will demonstrate to the public and consumers alike their commitment to privacy. Our shield is a validation of an organization’s privacy framework, showing that an organization is well-equipped to meet the needs of today’s privacy conscious consumer.
Certifications are valid for a three year period, but must be renewed annually. We will remind you well in advance of your anniversary period with all the details on how to keep your certification current.
An important part of renewing your certification is an attestation form in which your organization attests that there has been no change which would affect your certification.
When Ryerson is satisfied with your attestation and upon payment of the renewal fee, your Privacy by Design Certification is renewed for another year.

Congratulations to the Organizations that have been awarded
Privacy by Design Certification