What is "Privacy by Design," and what are its core ideas?
Privacy by Design (PbD) means building privacy into systems proactively and by default, from the very start — rather than bolting protections on after the fact.
* Cavoukian's seven foundational principles — equal pillars (the wedges are equal by design, not proportional). *
The framework was developed by Ann Cavoukian and since the GDPR took effect (2018) has been legally anchored in GDPR Art. 25 as "data protection by design and by default."
Selected foundational principles:
| Principle | Meaning |
|---|---|
| Proactive, not reactive | Anticipate and prevent privacy harms before they happen |
| Privacy as the default setting | The user gets maximum privacy without having to act |
| Privacy embedded into design | A core feature of the system, not an add-on |
| End-to-end security | Protect data across its full lifecycle, collection to deletion |
| Full functionality | Reject false "privacy vs. usability" trade-offs — aim for both |
Why "by default" matters most: if the privacy-protective option requires the user to dig through settings, most people never will. PbD flips the default so the safe choice is the automatic one — e.g., a new account starting fully private rather than fully public.
Tip: PbD is the architectural counterpart to legal rules — it makes privacy violations hard to commit by construction, not just forbidden on paper. Data minimization (collect only what you need) is its most practical expression.
Go deeper:
Privacy by design (Wikipedia) — Cavoukian's seven principles and the GDPR Art. 25 anchoring.
GDPR Art. 25 — Data protection by design and by default — the text that made PbD binding.