Privacy by Design (PbD) is not a difficult concept.  Stated simply, it means including privacy protection as an intrinsic part of systems development projects from the earliest stages.  If privacy is the default state the risk of privacy breaches, along with their associated costs and compliance issues, is much reduced.

While the term was coined and the principles were formalized by Dr. Ann Cavoukian, when she was the Information and Privacy Commissioner for Ontario, the concept of embedding privacy into software applications has been around much longer.  It just isn't implemented in practice as much as it should be. Privacy issues are often an afterthought for developers, or seen as having been covered off by security features. But privacy is different from security, not least because it is subject to legislated requirements. Internet of Things (IoT) devices, web-enabled software, cloud services and networked systems will all benefit from the application of PbD. 

Seven foundational principles for PbD were stated by Dr. Cavoukian and her collaborators:

  1. Proactive not reactive; Preventative not remedial
  2. Privacy as the default setting
  3. Privacy embedded into design
  4. Full functionality – positive-sum, not zero-sum
  5. End-to-end security – full lifecycle protection
  6. Visibility and transparency – keep it open
  7. Respect for user privacy – keep it user-centric

Excela Associates can assist in implementing privacy by design for any project.  We can recommend PbD approaches for software applications, IoT projects, cloud computing services, database designs and other information technology projects.