What does privacy by design mean?

In recent years, there seems to be a growing interest in privacy and safeguarding it. More and more consumers are also concerned with the privacy issue. They visit Privacy Cafes and install adblockers and anti tracking tools. More and more organizations are wondering how to better protect our privacy in the digital age.

Privacy by Design

Privacy by Design means that privacy must be considered as early as the development of products and services. Several aspects come into play. For example, you might ask yourself whether it is really necessary for the product or service to process certain sensitive personal data. So collecting data because you can is not privacy by design.

Whenever you develop a product or service, you have to ask yourself, in terms of privacy, what the product should and should not do, what data will be processed in it, and whether you can achieve the purpose of processing in other ways. Achieve as much as possible with as little (sensitive) data as possible. Every aspect of your service or product should be privacy-friendly

For example, you might ask yourself whether it is really necessary for the product or service to ask for date of birth, gender or address information. Perhaps it would be possible to work with completely anonymized data. You collect data only if it is necessary for the operation of the app, or if it enriches the user experience.

Design my privacy

In the book Design my Privacy, Tijmen Schep describes 8 privacy (by design) principles

Principle 1: Privacy first
In the early stages of a project, think about how to handle privacy and data. (See Privacy by Default)

Principle 2: Think mischievously
By thinking from the perspective of the potential abuser already during the design phase, you can anticipate abuse to some extent .

Principle 3: Collect as little data as possible
The more information you collect, the more attractive you become to criminals who can leak, resell or otherwise misuse the data. In the process, there is significant potential for PR damage. Companies are even going under .

Principle 4: Protect your data
The first question every designer should ask is: is it essential to keep this data in the cloud (someone else’s computer) .

Principle 5: Understand identity
Allowing multiple identities is not just a way to protect minorities; everyone benefits from systems that allow complex forms.

Principle 6: Open the Black Box
Give your user insight into what a smart system is doing, who or what it is communicating with, and how to turn it off.

Principle 7: Make the user designer
Ease of use and simplicity are nice, but we should also always challenge users to keep learning and discovering more about what is possible, making them co-designers of their smart environment.

Principle 8: Technology is not neutral
There seems to be room for professionals: designers who specialize in ethical issues surrounding data and privacy. They could well have a golden future.

Privacy by Default

Another phrase you may encounter when talking about privacy by design is Privacy by default. This means that the default settingsof a product or service are as privacy-friendly-as possible. Perhaps the most telling example is a profile on social media, which may be public, but only if a user first actively chooses to do so himself. The same is true for apps. For example, some apps collect technical data to improve the app. There is nothing wrong with that in itself, but give the user a choice beforehand whether they want to share this kind of data.