Privacy by design: 7 principles
Privacy is a fundamental aspect of the digital product design process. From internet-connected applications to e-commerce and forms, data collection happens all the time.
Users are already used to this situation and generally tolerate these practices. On the other hand, more experienced users take measures, incorporating tools such as Tor or different VPNs into their daily lives to protect their identities and data online.
Despite increased awareness of this issue thanks to the efforts of the European Union with the GDPR or California with the CCPA, most users browsing the Internet or interacting with their favourite applications do not know how their data is being used, nor do they know what the true cost of a free service is to them.
User privacy-centred design
When it comes to creating secure digital products, privacy must be present throughout the design process.
The privacy of a digital product will be weak, to say the least, if privacy is considered after the design of the product, or if privacy is only considered as a feature rather than a fundamental part of it.
There are various reasons, whether ethical, economic, or legal, to follow the rules necessary to protect users’ privacy. As we have already mentioned, in Europe there is the General Data Protection Regulation (also known by its acronym GDPR), which regulates what companies and individuals can do with the data of European citizens. It has been followed by the more recent California Consumer Privacy Act or CCPA, which has points in common with the GDPR and is the first step in this direction in the US.
This infographic by iubenda shows quite clearly the differences between one and the other, forcing us to work on privacy as a basic part of the user experience in any digital product.
Digital channels are increasingly becoming the main point of contact between companies and customers, so transparency in data processing and respect for users’ privacy are essential aspects for building trust in a brand. By emphasising data protection, the foundations of this trust will be established.
So where should we start? What are the ways to design with users’ privacy in mind?
Privacy by Design
In short, this approach states that privacy should be built into a product’s design by default: the product should minimise the personal data it collects, keep that data secure and destroy it when it is no longer needed, and be transparent with users about why data is requested and what happens to it after it is used.
The Privacy by Design framework is based on seven principles that seek to proactively incorporate privacy into the product design process.
The seven principles of Privacy by Design are:
- Proactive, not reactive; preventive, not corrective.
- Privacy as default
- Privacy integrated into the design
- Full functionality
- End-to-end security
- Visibility and transparency
- Respect for user privacy
But let’s take a look at them one by one.
Proactive, not reactive; preventive, not corrective
This principle anticipates and prevents privacy violations before they actually occur. Because privacy is built into the product, it becomes a priority from the very beginning of the design process rather than a fix applied after the fact, especially considering the potential fines we may face in case of information leaks.
Privacy as default
This principle ensures that personal data is automatically protected in any system or business practice. Individuals do not have to take action to protect their own privacy because the system is designed to protect it by default.
If individuals want to take measures to protect their own data, they can do so; but by making privacy a default condition of the system, they do not need to take these measures.
Privacy integrated into the design
This principle states that if we incorporate privacy directly into the design, the system will work better, given that the following steps (development, analysis) will already take it into account and will not ignore its principles.
Dr. Ann Cavoukian, author of the Privacy by Design framework, points out that: “Privacy must be integral to the system, without diminishing functionality”.
Full functionality
Making the user experience worse for the sake of privacy is not an option. Privacy must be integrated holistically and creatively.
Privacy by design seeks to accommodate the interests and objectives of a product in a win-win approach, avoiding an unnecessary trade-off perspective.
This principle avoids the pretence of false dichotomies, such as privacy versus security, by demonstrating that it is possible to have both, thus giving users greater confidence that they are protected.
End-to-end security
Privacy by design considers security across the whole lifecycle of the data. This means that information is protected from the moment it enters the system, is securely retained while it is needed, and is then appropriately destroyed.
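The principles above name three concrete practices: collect only what a purpose needs, store identifiers in a form that does not expose the person, and destroy data once its retention period has passed. The following Python sketch is an added example, not code from the original article or from any privacy framework, of what those practices look like when they are decided at the point of collection rather than left to a later clean-up. The purposes, field names, retention periods, the sample form submission and the pseudonymisation key are all illustrative assumptions.

```python
import hashlib
import hmac
from datetime import datetime, timedelta, timezone

# Assumption: every processing purpose declares up front which fields it needs,
# which of them must be pseudonymised before storage, and how long the record
# may be kept. Anything not listed here is never stored.
PURPOSES = {
    "analytics": {
        "fields": {"email"},
        "pseudonymise": {"email"},
        "retention": timedelta(days=30),
    },
    "order_fulfilment": {
        "fields": {"email", "shipping_address"},
        "pseudonymise": set(),
        "retention": timedelta(days=90),
    },
}

# Assumption: a server-side secret, loaded from a secrets manager in real use.
# A keyed hash (HMAC) rather than a plain SHA-256 means that someone who steals
# the table still cannot brute-force e-mail addresses without the key.
PSEUDONYM_KEY = b"example-key-replace-in-production"

# Constructed sample: a form submission that asks for far more than analytics needs.
SAMPLE_SUBMISSION = {
    "email": "Alice@Example.com",
    "shipping_address": "1 Example Street",
    "phone": "+1 555 0100",
    "date_of_birth": "1990-01-01",
    "user_agent": "Mozilla/5.0",
}
NOW = datetime(2024, 1, 1, tzinfo=timezone.utc)


def pseudonymize(identifier: str, key: bytes = PSEUDONYM_KEY) -> str:
    """Normalise, then HMAC-SHA256 the identifier. The same person always maps
    to the same token, so analytics still works, but the token cannot be
    reversed to the e-mail address without the key."""
    normalised = identifier.strip().lower().encode("utf-8")
    return hmac.new(key, normalised, hashlib.sha256).hexdigest()


def collect(raw: dict, purpose: str, now: datetime) -> dict:
    """Minimise at the point of collection: keep only the fields the purpose
    declares, pseudonymise the ones it says to, and stamp an expiry so that
    deletion is decided when the data enters, not remembered later."""
    spec = PURPOSES[purpose]
    record = {k: v for k, v in raw.items() if k in spec["fields"]}
    for field in spec["pseudonymise"]:
        if field in record:
            record[f"{field}_pseudonym"] = pseudonymize(record.pop(field))
    record["purpose"] = purpose
    record["collected_at"] = now
    record["expires_at"] = now + spec["retention"]
    return record


def purge_expired(records: list, now: datetime) -> tuple:
    """Retention sweep: return (records still within retention, number deleted).
    Run this on a schedule; a record whose expiry has passed is dropped even if
    nobody has asked for it to be deleted."""
    kept = [r for r in records if r["expires_at"] > now]
    return kept, len(records) - len(kept)


def demo() -> dict:
    """Run the whole flow on the constructed sample and return the outcome."""
    stored = [
        collect(SAMPLE_SUBMISSION, "analytics", NOW),
        collect(SAMPLE_SUBMISSION, "order_fulfilment", NOW),
    ]
    later = NOW + PURPOSES["analytics"]["retention"]  # the analytics record has just expired
    kept, deleted = purge_expired(stored, later)
    return {"stored": stored, "kept": kept, "deleted": deleted}


if __name__ == "__main__":
    result = demo()
    for rec in result["stored"]:
        print(rec["purpose"], sorted(rec))
    print("deleted after 30 days:", result["deleted"], "kept:", len(result["kept"]))
```

The phone number, date of birth and user agent never reach storage because no purpose asked for them; the analytics record holds a keyed pseudonym instead of the address; and the expiry is written alongside the data, so the retention sweep needs no knowledge of why the record was collected.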
Visibility and transparency
Users and other stakeholders should be able to see how information moves through your system and to verify that it is handled as promised. Being transparent about the level of protection a system provides builds trust and holds your organisation accountable for the data it collects.
Respect for user privacy
This principle keeps the user at the centre of every design decision: strong privacy defaults, clear notice about what is collected, and options that are easy to understand and use. It also means assuming that personal data is always at risk of leaking and ending up in the wrong hands, and designing accordingly. In general terms, a system should be optimised for its users and all their needs.
To sum up, we stress that these principles must be integrated as early as possible, not only because of the many benefits associated with them (robustness, trust) but also because of the cost: retrofitting them into an existing product not only consumes human and economic resources but can also destroy the relationship of trust with users.
This article is a translation of the following one published on our corporate website: