Document Actions

No section

"Privacy by Design": Nice-to-have or a Necessary Principle of Data Protection Law?

  1. David Krebs


Privacy by Design is a term that was coined in 1997 by the Canadian privacy expert and Commissioner for Ontario, Dr Ann Cavoukin, but one that has recently been receiving more attention in terms of its inclusion as a positive requirement into EU, US and Canadian data protection frameworks. This paper argues that the right to personal privacy is a fundamental right that deserves utmost protection by society and law. Taking privacy into consideration at the design stage of a system may today be an implicit requirement of Canadian federal and EU legislation, but any such mention is not sufficiently concrete to protect privacy rights with respect to contemporary technology. Effective privacy legislation ought to include an explicit privacy-by- design requirement, including mandating specific technological requirements for those technologies that have the most privacy-intrusive potential. This paper discusses three such applications and how privacy considerations were applied at the design stages. The recent proposal to amend the EU data protection framework includes an explicit privacy-by- design requirement and presents a viable benchmark that Canadian lawmakers would be well-advised to take into consideration.




Any party may pass on this Work by electronic means and make it available for download under the terms and conditions of the Digital Peer Publishing License. The text of the license may be accessed and retrieved at

Number of citations

Visit Google Scholar to find out, how often this paper is cited.

JIPITEC – Journal of Intellectual Property, Information Technology and E-Commerce Law
Article search
Extended article search
Subscribe to our newsletter
Follow Us