ANN CAVOUKIAN, PH.D.

Information & Privacy Commissioner, Ontario, Canada

PURPOSE:

This document provides readers with additional information, clarification and guidance on applying the 7 Foundational Principles of Privacy by Design (PbD).

This guidance is intended to serve as a reference framework and may be used for developing more detailed criteria for application and audit/verification purposes.

SCOPE:

These information management principles − and the philosophy and methodology they express − can apply to specific technologies, business operations, physical architectures and networked infrastructure, and even to entire information ecosystems and governance models.

The universal principles of the Fair Information Practices (FIPs) are affirmed by those of Privacy by Design, but go beyond them to seek the highest global standard possible. Extending beyond FIPs, PbD represents a significant “raising” of the bar in the area of privacy protection.

CONTEXT:

With the shift from industrial manufacturing to knowledge creation and service delivery, the value of information and the need to manage it responsibly have grown dramatically. At the same time, rapid innovation, global competition and increasing system complexity present profound challenges for informational privacy.

While we would like to enjoy the benefits of innovation − new conveniences and efficiencies ...