Privacy by Design
In many cases, organisations will not get a privacy expert involved in a project until the design has been completed and the organisation is ready to start developing the new product or service. In such cases, the privacy expert will assess the design for its compliance with relevant legislation after the development. This approach may end up unnecessarily costing your organisation time and money. By identifying potential privacy risks at the start of a project, you will be able to design your project correctly right from the start, thus preventing expensive adjustments at a later stage. Taking privacy protection into account at the design stage is called privacy by design.
Privacy by Design is considered a best practice these days. Starting from mid-2018, this best practice will become a legal requirement when the General Data Protection Regulation comes into force. Organisations, such as service providers, will then be required to incorporate privacy-friendly features into new products. If a company fails to do so, it may be subject to a considerable fine.
Privacy by Design: the benefits
Observing the privacy-by-design principle while designing your products or services, will not only cut the expenses associated with modifying a design at a later stage, but it will also prevent your organisation from being subjected to enforcement measures by the Dutch Data Protection Authority. Once the General Data Protection Regulation takes effect, the supervisory authority will be entitled to impose fines of up to €20 million or 4% of a company’s worldwide revenues per infraction.
What can Considerati do for you?
Considerati can provide you with legal advice from the design stage onwards, as well as carry out a privacy impact assessment which will identify the effects your product or service will have on people’s privacy. In this way, your organisation will obtain an understanding of the risks inherent in the early design and learn to prevent such risks from eventuating by redesigning the product in such a way that your organisation will satisfy the requirements of privacy by design and your service or product will satisfy the relevant legal requirements.
Want to know more?
Senior Legal Consultant