Privacy by Design

Die 7 Grundprinzipien von Privacy by Design in einer Grafik dargestellt.
Privacy by Design beschreibt einen umfassenden Prozess, um Technologien zu entwerfen, die die Privatsphäre der Nutzer schützen.

Privacy by Design: The 7 Foundational Principles

Privacy by Design (PbD) describes a design concept for creating technologies in a way to protect the privacy of users. The European Data Protection Regulation (EU-GDPR) demands PbD for all technologies that process personal identifiable information (GDPR Article 25), has greatly increased the interest in the topic.

The idea behind Privacy by Design has been discussed in privacy community since the 1970s. However, the terms were primarily coined by Ann Cavoukian in her publication "Privacy by Design: The 7 Foundational Principles" from 2009 (Cavoukian, Privacy by Design, 2009):

1. Proactive not Reactive; Preventative not Remedial

The Privacy by Design (PbD) approach is characterized by proactive rather than reactive measures.  It anticipates and prevents privacy invasive events before they happen. PbD does not wait for privacy risks to materialize, nor does it offer remedies for resolving privacy infractions once they have occurred - it aims to prevent them from occurring. In short, Privacy by Design comes before-the-fact, not after.

2. Privacy as the Default Setting 

We can all be certain of one thing — the default rules! Privacy by Design seeks to deliver the maximum degree of privacy by ensuring that personal data are automatically protected in any given IT system or business practice. If an individual does nothing, their privacy still remains intact. No action is required on the part of the individual to protect their privacy — it is built into the system, by default.

3. Privacy Embedded into Design 

Privacy by Design is embedded into the design and architecture of IT systems and business practices.  It is not bolted on as an add-on, after the fact. The result is that privacy becomes an essential component of the core functionality being delivered.  Privacy is integral to the system, without diminishing functionality. 

4. Full Functionality - Positive-Sum, not Zero-Sum

Privacy by Design seeks to accommodate all legitimate interests and objectives in a positive-sum “win-win” manner, not through a dated, zero-sum approach, where unnecessary trade-offs are made. Privacy by Design avoids the pretense of false dichotomies, such as privacy vs. security, demonstrating that it is possible to have both.

5. End-to-End Security - Full Lifecycle Protection

Privacy by Design, having been embedded into the system prior to the first element of information being collected, extends securely throughout the entire lifecycle of the data involved — strong security measures are essential to privacy, from start to finish. This ensures that all data are securely retained, and then securely destroyed at the end of the process, in a timely fashion. Thus, Privacy by Design ensures cradle to grave, secure lifecycle management of information, end-to-end.

6. Visibility and Transparency - Keep it Open

Privacy by Design seeks to assure all stakeholders that whatever the business practice or technology involved, it is in fact, operating according to the stated promises and objectives, subject to independent verification.  Its component parts and operations remain visible and transparent, to users and providers alike. Remember, trust but verify.

7. Respect for User Privacy - Keep it User-Centric

Above all, Privacy by Design requires architects and operators to keep the interests of the individual uppermost by offering such measures as strong privacy defaults, appropriate notice, and empowering user-friendly options. Keep it user-centric.



Wurster, Simone; Kamara, Irene; Sveinsdottir, Thordis; Krempel, Erik: 

Certified video surveillance systems for more resilient urban societies. In: Fekete, Alexander (Ed.): Urban disaster resilience and security: Addressing risks in societies. Cham: Springer International Publishing, 2018, S.313-330.


Bretthauer, Sebastian; Krempel, Erik; Birnstill, Pascal:

Intelligente Videoüberwachung in Kranken- und Pflegeeinrichtungen von morgen: Eine Analyse der Bedingungen nach den Entwürfen der EU-Kommission und des EU-Parlaments für eine DS-GVO. In: Computer und Recht 31 (2015), Nr.4, S.239-264.


Bier, Christoph; Birnstill, Pascal; Krempel, Erik; Vagts, Hauke; Beyerer, Jürgen: 

Enhancing privacy by design from a developer's perspective. In: Preneel, Bart; European Network and Information Security Agency, Heraklion: Privacy technologies and policy. First Annual Privacy Forum: Limassol, Cyprus, October 10-11, 2012.


Department Interactive Analysis and Diagnosis of Fraunhofer IOSB

You want to learn more about our projects and products? Then visit the page of our department.