The International Organization for Standardization (ISO) will adopt Privacy By Design (PbD) as ISO 31700.
The International Organization for Standardization (ISO) will adopt Privacy By Design (PbD) as ISO 31700. In 2018, the ISO formed the group, consumer protection: privacy by design for consumer goods and services, to start planning for the inclusion of PbD in its standards.
Privacy by Design is a set of principles that calls for privacy to be taken into account throughout an organization, encompassing IT systems, accountable business practices and physical design and networked infrastructure.
The 7 foundational principles are:
1. Proactive not Reactive; Preventative not Remedial
2. Privacy as the Default Setting
3. Privacy Embedded into Design
4. Full Functionality — Positive-Sum, not Zero-Sum
5. End-to-End Security — Full Lifecycle Protection
6. Visibility and Transparency — Keep it Open
7. Respect for User Privacy — Keep it User-Centric
The final ISO 31700 standard is more detailed, providing high-level requirements for ensuring consumer privacy is embedded into the design of a product or service, offering protection throughout the whole life cycle.
Two publications covering the high level requirements and use cases are scheduled to be published on January 31, 2023.
Comments