Privacy by Design (PbD) is generally regarded as a synonym for Data Protection by Design. However, its use as a specific term was first outlined in a framework in the mid-1990s by then-Information and Privacy Commissioner of Ontario, Canada, Ann Cavoukian, with seven foundational principles.
- Data protection must be considered from the start of the design phase of system development.
- Companies must be able to show compliance with privacy considerations in system design and system access, e.g., collect and store only the minimum amount of personal data needed.
Privacy by Design – The 7 Foundational Principles
This document, authored by former Information and Privacy Commissioner of Ontario Ann Cavoukian, provides readers with additional information, clarification, and guidance on applying the seven foundational principles of privacy by design. This guidance is intended to serve as a reference framework and may be used for developing more detailed criteria for application and audit/verification purposes.