Guest Post: The Principles of Privacy by Design


Commissioner's Note: This guest post was authored by one of our Summer 2020 interns: Privacy Technology Analyst Kahlil Smythe. Kudos to Kahlil and thank you to the Department of Workforce Development for sponsoring his placement with PrivCom.


The seven principles of Privacy by Design are used to help educate stakeholders about potential data breaches and how they can be prevented. Privacy by Design can be applied to entire information technology systems. It is a method that consistently takes privacy into account during the engineering process. Each paragraph below will state and explain each of the seven principles of Privacy by Design (PbD).


“Proactive not Reactive; Preventative not Remedial” is the first principle. PbD comes into place before an incident or disaster happens, rather than waiting for a problem to occur. Immediately after being applied, PbD ensures consistent and strong privacy by: enforcing higher standards of privacy than some global laws and regulations, creating a commitment to a culture of continuous improvement, and giving the ability to recognize poor privacy designs and predic