Privacy by design and privacy by default

Is there a difference between privacy by design and privacy by default?

The concepts of privacy by design and privacy by default are often mentioned in the same breath, but have different meanings. What the concepts have in common is that they are both explicitly mentioned in the Avg. This is also done in the same breath in the title of the relevant provision: ‘Data protection by design and by default settings’.

Are these notions relevant to me?

The Avg requires ‘data controllers’ to interpret these terms (for a more detailed explanation of the term ‘controller’, see our ten questions and answers about the Avg. From the point of view of the ICT supplier, the ‘processing manager’ is normally the customer.

However, these concepts will also have to penetrate the DNA of ICT suppliers. If only because customers are going to ask for it (whether or not forced by the risk of fines). In addition, it is much more expensive to implement privacy by design retroactively than to take this into account when developing products and services.

What is privacy by design?

The literal translation of privacy by design is: data protection by design. The idea is to enforce a careful handling of personal data at an early stage, both technically and organisationally. It means that privacy must be taken into account as early as the development of products and services. ICT products and services in particular involve the use of privacy-enhancing measures (also known as privacy enhancing technologies or PET) as early as the development process.

Different aspects play a role in this. For example, you may ask yourself whether it is really necessary for the product or service to process personal data or whether, for example, it is also possible to work with completely anonymised data. If personal data is going to be processed, it is important to think about the security of this data. This can be done, for example, by pseudonymisation (unlike anonymisation, the pseudonymised data are still seen as personal data), by encryption and with the help of access control.

Storage periods and facilitating the rights of data subjects are also important in order to operate in a privacy-proof manner. In addition, data minimization and privacy by default are parts of privacy by design. These terms are explained below.

Data minimization

An important part of privacy by design is data minimization. The draft must ensure that no more personal data are processed than is strictly necessary for the purpose of the processing.

Think, for example, of setting up an online ordering process. Asking for the address may be necessary in order to deliver a product. A date of birth is most likely not necessary for this. So don’t create a field where you ask for the date of birth, but consider whether this personal data is really necessary. If you do ask for the date of birth for marketing purposes, for example, this should not be a mandatory field and it should be clear what the consequences are of filling in the field or not.

Wat is privacy by default?

Privacy by default can be seen as part of privacy by design. Privacy by default requires that the default settings are always as privacy friendly as possible.

It must be ensured that personal data are never publicly visible by default. Perhaps the most telling example is a profile on social media. This may be public, but only if a user actively chooses to do so first. The social media application will have to shield the user profiles as much as possible in the default settings. This principle of blocking personal data applies to all ICT applications: from browser settings to a company application.

Compare it with newsletters; nowadays the Telecommunications Act requires an ‘opt-in’ for newsletters; you have to actively sign up for a newsletter and it may not be checked by default. The same applies to privacy: it should be as high as possible by default and you should let people actively choose to share their data more widely.

How do I make this transparent within my organization?

To be able to explain the concepts of privacy by design and privacy by default at a glance within your own organization, you could for example use the Privacy by Design Framework. This tool was developed by Privacy Company and made possible in part by the SIDN Fund. By going through the diagram, you will get an idea of how your organization can give substance to privacy by design.