The 7 Foundational Principles of Privacy by Design
Privacy by Design is a concept Dr. Ann Cavoukian developed back in the 90’s, to address the ever-growing and systemic effects of Information and Communication Technologies, and of large-scale networked data systems.
In October 2010, regulators at the International Conference of Data Protection Authorities and Privacy Commissioners unanimously passed a Resolution recognizing Privacy by Design as an essential component of fundamental privacy protection. Since then, Privacy by Design has developed a global presence and has been translated into 37 languages.
Privacy by Design advances the view that the future of privacy cannot be assured solely by compliance with regulatory frameworks; rather, privacy assurance must ideally become an organization’s default mode of operation.
Initially, deploying Privacy-Enhancing Technologies (PETs) was seen as the solution. Then, we realized that a more substantial approach is required — extending the use of PETs to a complete Privacy by Design framework. Replacing the existing zero-sum model of either/or with a doubly-enabling positive-sum (win/win) paradigm will be essential.
Privacy by Design extends to a trilogy of encompassing applications:
- IT systems;
- accountable business practices; and
- networked infrastructure.
Principles of Privacy by Design may be applied to all types of personal information, but should be applied with special vigour to sensitive data such as medical information and financial data. The strength of the privacy measures implemented tends to be commensurate with the sensitivity of the data.
The objectives of Privacy by Design — ensuring strong privacy and gaining personal control over one’s information, and, for organizations, gaining a sustainable competitive advantage — may be accomplished by practicing the PDF file7 Foundational Principles, which are intended to serve as the foundation of one’s privacy practices.