Privacy by design: 7 principles

Photo by Lianhao Qu on Unsplash

User privacy-centred design

When it comes to creating secure digital products, privacy must be present throughout the design process.

Privacy by Design

Privacy by Design is a systems engineering approach developed by Ann Cavoukian towards the creation of new technologies and systems.

Photo by Jason Dent on Unsplash
  1. Privacy as default
  2. Privacy integrated into the design
  3. Full functionality
  4. End-to-end security
  5. Visibility and transparency
  6. Respect for user privacy

Proactive, not reactive; preventive, not corrective

This principle anticipates and prevents privacy violations before they actually occur. Because privacy has been built into the product, security becomes a priority from the very beginning of the design process, especially considering the potential fines we may face in case of information leaks.

Privacy as default

This principle ensures that personal data is automatically protected in any system or business practice. Individuals do not have to protect their own privacy because the system is designed to be secure.

Privacy integrated into the design

This principle states that if we incorporate privacy directly into the design, the system will work better, given that the following steps (development, analysis) will already take it into account and will not ignore its principles.

Full functionality

Privacy by design seeks to accommodate the interests and objectives of a product in a win-win approach, avoiding an unnecessary trade-off perspective.

End-to-end security

Privacy by design considers end-to-end security. This means that information is safe and secure when it enters the system, is securely retained, and then appropriately destroyed.

Visibility and transparency

By allowing users and other stakeholders to know how information moves through your system, your system improves. Being transparent about the level of security a system provides builds trust and holds your organisation accountable for the data it collects.

Respect for user privacy

This principle establishes user privacy as a primary concern. In other words, we have to think that the risk of information leakage is always high, with a real risk of users’ private data falling into the wrong hands. In general terms, a system should be optimised for its users and all their needs.



Get the Medium app

A button that says 'Download on the App Store', and if clicked it will lead you to the iOS App store
A button that says 'Get it on, Google Play', and if clicked it will lead you to the Google Play store
Torresburriel Estudio

Torresburriel Estudio

User Experience & User Research agency focused on services and digital products. Proud member of @UXalliance