Data protection by design and by default

06.06.2022
Alternate Text

To ensure that privacy and personal data protection are taken into account early on in the development of products and services, newly developed EN 17529 ‘Data protection and privacy by design and by default’ provides manufacturers and service providers with requirements before, or independently of, any specific application integration.

EN 17529 was developed in response to a request from the European Commission and is a perfect example of how European standards can be developed to complement international adoptions to address European values. Under this same mandate, there are also two Technical Reports that are currently being finalised which contain recommendations on how to integrate the principle of ‘data protection and privacy by design’ during the entire lifecycle of biometric access-control products and services, in order to achieve ‘data protection and privacy by default’.

EN 17529 was developed by CEN-CLC/JTC 13 ‘Cybersecurity and Data Protection’. JTC 13 is currently working on more standards to address similar issues, notably through its Working Group 5 ‘Data Protection, Privacy and Identity Management’.

This standard can be purchased from our e-shop.