Privacy by design

The principle of data protection by design is also known as “privacy by design”. It stipulates that manufacturers observe data protection laws from the development and design of products, services and applications and to ensure that data controllers can meet their data protection obligations.

For data controllers, the General Data Protection Regulation requires privacy by design, taking into account the current state of the art and implementation costs. The General Data Protection Regulation does not specify technical measures to be taken to adhere to privacy by design demands. Pseudonymisation is mentioned as one way to store less personal data. However, it remains to be seen how providers will meet the requirement for data protection by design in practice.

See also Privacy by default

Article 25 GDPR (Data protection by design and by default)

1. Taking into account the state of the art, the cost of implementation and the nature, scope, context and purposes of processing as well as the risks of varying likelihood and severity for rights and freedoms of natural persons posed by the processing, the controller shall, both at the time of the determination of the means for processing and at the time of the processing itself, implement appropriate technical and organisational measures, such as pseudonymisation, which are designed to implement data-protection principles, such as data minimisation, in an effective manner and to integrate the necessary safeguards into the processing in order to meet the requirements of this Regulation and protect the rights of data subjects.


3. An approved certification mechanism pursuant to Article 42 may be used as an element to demonstrate compliance with the requirements set out in paragraphs 1 and 2 of this Article.

Source: Regulation (EU) 2016/679 (see also recital 78)

Go to article