A GDPR principle (Article 25) requiring data protection to be integrated into the design of products, services, systems, and processes from the outset, rather than retrofitted after development. It includes privacy by default, which mandates that the most privacy-protective settings apply without user intervention.
In practice
What is Privacy by Design?
Privacy by Design (PbD) is a framework developed by Dr. Ann Cavoukian in the 1990s and codified as a legal obligation under Article 25 of the GDPR. It requires data controllers to implement appropriate technical and organisational measures — such as data minimisation and pseudonymisation — both at the time of determining the means of processing and at the time of the processing itself.
The seven foundational principles
- Proactive not reactive: anticipate and prevent privacy risks before they occur
- Privacy as the default setting: without any user action, the most protective configuration must apply
- Privacy embedded into design: privacy is an integral part of system architecture, not an add-on
- Full functionality (positive-sum): privacy and business objectives are not zero-sum trade-offs
- End-to-end security: data protection throughout the entire data lifecycle
- Visibility and transparency: processes must be verifiable and auditable
- Respect for user privacy: user interests are paramount
Legal obligations under Article 25
Article 25 GDPR creates a binding obligation for controllers to apply data protection by design and by default. This includes implementing measures proportionate to the nature, scope, context, and purposes of processing, as well as the risks to individuals. Regulators have begun enforcing this — companies that launch products without privacy considerations face both fines and orders to redesign.
Practical implementation
For development teams, PbD means conducting DPIAs before launching new features, applying data minimisation in forms and databases, implementing automatic retention schedules, using pseudonymisation and encryption, and documenting privacy-related design decisions. In agile environments, privacy reviews should be integrated into each sprint cycle.
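The three technical measures named above (data minimisation, keyed pseudonymisation and an automatic retention schedule) combined with privacy-protective default settings, as an added Python example that is not part of the original page. The field set, the 30-day retention period and the pseudonymisation key are constructed for the demonstration; in a real deployment the key would be held in a secrets store separate from the database so that the database alone cannot re-identify anyone.

```python
import hashlib
import hmac
from datetime import datetime, timedelta, timezone

# Constructed sample: a sign-up payload as a web form might submit it.
RAW_SIGNUP = {
    "email": "Alice@Example.com",
    "name": "Alice Example",
    "date_of_birth": "1990-04-12",
    "phone": "+1-555-0100",
}

# Data minimisation: the only field this hypothetical service needs for its purpose.
REQUIRED_FIELDS = {"email"}

# Privacy by default: every optional feature starts in its most protective
# state and is only switched on by an explicit user action.
DEFAULT_SETTINGS = {
    "marketing_emails": False,
    "analytics_tracking": False,
    "profile_public": False,
}

RETENTION_DAYS = 30  # hypothetical retention period for inactive accounts

# Hypothetical pseudonymisation key (constructed); keep it outside the database.
PSEUDONYM_KEY = b"constructed-demo-key-not-for-production"


def minimise(record):
    """Keep only the fields required for the stated processing purpose."""
    return {k: v for k, v in record.items() if k in REQUIRED_FIELDS}


def pseudonymise(identifier, key=PSEUDONYM_KEY):
    """Keyed pseudonymisation with HMAC-SHA256.

    The token is stable for the same input, so records can still be joined,
    but it cannot be linked back to the identifier without the key. A plain
    unkeyed hash of a low-entropy value such as an e-mail address would not
    give that guarantee.
    """
    normalised = identifier.strip().lower().encode("utf-8")
    return hmac.new(key, normalised, hashlib.sha256).hexdigest()


def create_account(raw, now):
    """Apply minimisation, pseudonymisation and default settings at creation."""
    minimal = minimise(raw)
    return {
        "user_token": pseudonymise(minimal["email"]),
        "settings": dict(DEFAULT_SETTINGS),
        "last_active": now,
    }


def purge_expired(accounts, now):
    """Automatic retention schedule: drop accounts inactive beyond RETENTION_DAYS."""
    cutoff = now - timedelta(days=RETENTION_DAYS)
    return [a for a in accounts if a["last_active"] >= cutoff]


def retention_example():
    """Run the retention schedule over two constructed accounts and return the survivors."""
    now = datetime(2024, 6, 1, tzinfo=timezone.utc)
    fresh = create_account(RAW_SIGNUP, now)
    stale = create_account({"email": "bob@example.com"},
                           now - timedelta(days=RETENTION_DAYS + 1))
    return [a["user_token"] for a in purge_expired([fresh, stale], now)]


if __name__ == "__main__":
    print(create_account(RAW_SIGNUP, datetime.now(timezone.utc)))
    print(retention_example())
```

The stored record never contains the name, date of birth or phone number that the form submitted, all three optional features are off until the user turns them on, and the purge step is a function that can be scheduled rather than a manual clean-up; each of these is a design decision that can be documented for a DPIA.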