{"id":2611,"date":"2022-10-25T11:43:00","date_gmt":"2022-10-25T17:43:00","guid":{"rendered":"https:\/\/trustarc.com\/?post_type=resource&p=2611"},"modified":"2024-10-10T13:19:59","modified_gmt":"2024-10-10T19:19:59","slug":"7-privacy-by-design-guidelines","status":"publish","type":"resource","link":"https:\/\/trustarc.com\/resource\/7-privacy-by-design-guidelines\/","title":{"rendered":"7 Priceless Privacy by Design Guidelines"},"content":{"rendered":"\t\t
\n\t\t\t
\n\t\t\t\t\t\t\t\t\tArticles<\/strong>\n\t\t\t\t\t\t\t\t\t\t

7 Priceless Privacy by Design Guidelines<\/h1>\n\t\t\t\t\t\t\t\t<\/div>\n\t\t<\/section>\n\t\t\n\n\t
\n\t\t
\n\t\t\t
\n\t\t\t\t\t\t
\n\t\t\t\t\t\t\t\t\t\t
\n\t\t\t\t\t\"\"\t\t\t\t<\/div>\n\t\t\t\t\t\t\t\t
\n\t\t\t\t\t\t\t\t\t\t\tAnnie Greenley-Giudici<\/strong>\n\t\t\t\t\t\t\t\t\t\t<\/div>\n\t\t\t\t\t\t<\/span>\t\t<\/div>\n\t\t\t\t\t<\/div>\n\t\t\t
\n\t\t\t\t
\n\t\t\t\t\t

The concept of privacy by design was first introduced by the Canadian Privacy Commissioner\u00a0Ann Cavoukian<\/a>\u00a0as early as the 1990s. Since then, the importance of privacy by design in business has only increased.<\/p>\n

Lately, companies of all sizes are in the news because of data privacy violations. As a result, these brands often suffer reputation damage, even if the news got it wrong.<\/p>\n

Assuming most companies are not intentionally doing things wrong, what is happening?<\/strong><\/p>\n

The data privacy landscape is changing<\/h2>\n

A combination of governmental, media, and academic pressure is changing the way privacy is monitored by the community at large.<\/p>\n

There are now experts that are proactively looking for violations and using the mainstream media to get their message out quickly in a way to evoke change. It is no longer the average consumer you must consider in your risk calculation.<\/p>\n

So what is needed to achieve privacy by design? TrustArc has been helping companies to do it since 1997.<\/p>\n

Seven principles to incorporate privacy by design into your product design process<\/h2>\n

1. Proactive approach<\/h3>\n

Consider privacy at the design stage by examining how much information you are collecting and assessing whether you are collecting more information than what\u2019s necessary to achieve your business goals.<\/p>\n

Incorporating data privacy at the design stage will reap benefits down the road in terms of earning the trust of your consumers, and potentially keeping your company from incurring the unexpected costs associated with not taking privacy into account.<\/p>\n

Ringleader was a company with a promising future but didn\u2019t take data privacy into account at the design stage.\u00a0They were forced to shut down<\/a>\u00a0because they didn\u2019t incorporate privacy into their, otherwise very promising, MediaStamp advertising tech.<\/p>\n

2. Transparency<\/h3>\n

Be clear with consumers about your practices. Explain your information and collection processes in an easy to understand notice.<\/p>\n

Most companies typically do this through a\u00a0privacy policy<\/strong>\u00a0explaining what information you collect, how it is used, and to what third parties information is disclosed.<\/p>\n

The privacy policy should be easy to find.\u00a0<\/strong>Make it accessible where information is requested such as on an order form. And it should be formatted so it\u2019s easy to read on any device.<\/p>\n

For example, if the consumer is accessing your policy through a mobile app, the policy should be optimized for viewing through a mobile device.<\/p>\n

3. Control<\/h3>\n

Provide consumers mechanisms to express their preferences about how their information is used, and how to access that information to correct, updated, and\/or delete it.<\/p>\n

Examples of some of the types of controls you can provide to consumers:<\/strong><\/p>\n