Privacy by Design.

November 21, 2022

Privacy & Security.

min read

Privacy by design is a concept developed by Dr. Ann Cavoukian in the 1990s, collaborating with data regulation authorities across the globe. She built this framework around the idea compliance with regulation alone can not assure that privacy; it should ideally become an organization’s default mode of operation. Privacy by design is all about giving people control over their information, & about organizations becoming accountable. When I build my clients’ sites, as well as my own, I follow the seven foundational principles of privacy by design. 

Proactive not reactive; preventive not remedial.

It’s all about identifying and anticipating risks, rather than trying to find solutions when problems have already happened. This approach is all about acting before-the-fact & preventing privacy breaches from taking place. 

Privacy as the default.

Within this framework privacy is the default setting throughout the system. What this means is that you, as a visitor, don’t have to take any action for your privacy to be safeguarded.

Privacy embedded into design.

Privacy is an integral part of the design process, not an addon or an afterthought. It is an essential component of a site’s functionality and of an organization’s business practices. 

Full functionality – positive sum not zero sum.

It is possible to create a win-win scenario where privacy and other legitimate interests and goals are fulfilled. The framework looks to dismantle the old way of thinking with false dichotomies that pin privacy against other goals like security or user experience.

End-to-end security – full life cycle protection.

Information is securely collected, securely retained, and securely destroyed. Every step of the process has been designed in a deliberate way to keep information safe. 

Visibility & transparency – keep it open. 

Making all information about privacy and protection available to all stakeholders, being open, honest and transparent about the process.

Respect for user privacy.

Keeping the systems user-centric empowers people to decide about their information and make choices in an user friendly way.

Written by

Maria Arango-Kure

Org. Nr. SE8710239727-01


+46 (0) 76 183 4310

Lundmarksgatan 31, 57831.

Aneby, Jönköping, Sweden.

Last Revised

July 23, 2023