Data protection by design and default: what is it all about?

Data protection by design means that companies and organisations should take privacy into account when designing, implementing and operating any technology which processes personal data. Prior to the GDPR, the burden was on the user to take privacy protecting measures within a given product or a service; by changing the default settings, opting out, or turning on access controls, for example on location data. The GDPR privacy by design and by default principle requires that privacy standards are built into the technology and offered to the user by default. The GDPR shifts the burden of implementing privacy protecting measures from the user on to the company or organisation.

Leave a Reply