Since the introduction of the GDPR we have dealt with many aspects of the regulation. What has emerged as one of the most interesting areas for me to work on is Privacy by Design (or “Data Protection by Design and by Default,” in the language of the GDPR). The simple requirement to implement privacy from the very beginning of the development of a product finds us in interesting situations where we are asked to consult companies in their product design process. Our team has experience in product development, both from the business and technical side, and is therefore perfectly placed to assist as privacy experts in such a process, especially if it is about blockchain or other revolutionary technologies.
The shift from quick fixes to caring about privacy
It is a pleasure to work with the continuously growing pool of companies who see privacy and data protection as a real priority. Some companies are even seeking to leverage it as a competitive advantage as customers begin to see the value in data privacy and seek products and services while taking data protection into consideration.
These thoughts became the base for my latest presentation “Privacy by Design for Blockchain”, which I gave at both the DWF Blockchain Meetup in Berlin, “GDPR & Blockchain,” and at the Data Natives Conference 2018, also in Berlin.
In my research for these presentations, I discovered that much of the work done on Privacy by Design dates back to the mid-1990’s, when Dr. Ann Cavoukian, then Privacy Commissioner of Ontario, Canada developed the Seven Foundational Principles of Privacy by Design. Dr. Cavoukian has been leading great work in this area ever since, currently leading the Privacy by Design Centre of Excellence at Ryerson University.
Blockchain, GDPR and Privacy by Design primer
As I have been investigating how blockchain, GDPR, and the Seven Foundational Principles of Privacy by Design correlate—and could be interpreted as in compliance with Article 25 of the GDPR—I have written a primer on the matter. I plan to develop this document into a more in-depth work in the future, but I thought it would be worth sharing my initial thoughts here. I welcome all comments and suggestions through email, Twitter, or LinkedIn.
Silvan Jongerius is the CEO of TechGDPR.