Privacy by default and privacy by design

Privacy reloaded: A dieting plan for data-hungry practices

Privacy by default in practice: Built-in data protection
A friend of yours recommends this new app that should facilitate the planning of the annual meeting of your club for you and your colleagues. The app is a great help in coordinating the get-together, but a look at the settings concerns you. Why does the app want to make all updates and posts of your planning group public by default, so that other clubs can see them? And why is the default profile set to allow access to your camera when you don’t need it? You have to tediously click your way through all the settings pages to protect your data.

Privacy by default puts a stop to such practices: This principle obliges providers to establish data protection-friendly settings.

Privacy by default: Stopping the data-mining frenzy

Clicking through pages and pages of settings to finally reach a certain level of data protection in an app or on a website should be a thing of the past — with privacy by default. Privacy by default, or data protection by default, describes the principle of having privacy-friendly settings from the get-go: It obliges data-processing companies to provide their products and services with default settings that, for example, process as little of your personal data as possible. Standard settings in apps or in social networks that might, for instance, share your location with all of your friends or make your posts available on search engines contradict the idea of privacy by default. This idea is meant to allow for a minimum level of protection against unwanted data collection.

Privacy by design: Technical measures so that data protection is a standard feature

Data-processing companies should already consider data protection during the development of their products and services: This what privacy by design demands. So an app or a software should be build to allow privacy-friendly settings and technologies such as with settings such as allowing the pseudonymisation of your personal data. Together with the principle of privacy by default, these technical measures ensure that you won’t have to take of data protection issues after the fact, but that this protection exists from the start.

Using data protection as advantage: How privacy by default supports privacy-friendly companies

Because of the requirements for privacy by design and privacy by default, data protection should turn into a competitive advantage: Companies that have already committed to high data protection standards and have maybe even found new solutions for developing privacy-friendly offers receive a small boost. Companies whose default settings used to allow massive collection and storing of personal data might be obliged to adopt their settings. That’s how you as a consumer should have the option to choose between different privacy-friendly providers in the future.

The dictionary contains more details and has sources regarding privacy by default and privacy by design.