• 2BAdviceAilance
• 0 Comments
• 1608 Views

Privacy by design/by default

What does Privacy by design/by default?

The term "privacy by design" describes the principle of data protection by (technical) design. Taking into account the state of the art, the implementation costs and the nature, scope, circumstances and purposes of the Processing and the varying probability of occurrence and severity of the risks associated with the Processing associated risks to the rights and freedoms of natural persons, the Responsible persons both at the time of determining the funds for the Processing as well as at the time of the actual Processing appropriate TOMs that are designed to effectively implement the principles of data protection and incorporate the necessary safeguards into the Processing to meet the requirements of the GDPR and to protect the rights of the data subjects (Art. 25 para. 1 GDPR).

The term "privacy by default", on the other hand, describes the principle of data protection by default. The Responsible persons pursuant to Art. 25 para. 2 GDPR suitable TOMs that ensure that by default only personal datawhose Processing for the respective specific purpose of the Processing is necessary. This obligation applies to the amount of personal data collected, the scope of its Processingtheir retention period and their accessibility. Such measures must in particular ensure that personal data cannot be made accessible to an indefinite number of natural persons by default without the intervention of the person.

Practical example

When developing a new app, privacy settings are set to privacy-friendly options by default, which follows the principle of 'Privacy by design/by default' corresponds.