Fourteen years after being introduced by a Canadian privacy commissioner, Privacy by Design (PbD) is about to become an international privacy standard for the protection of consumer products and services.
On Feb. 8, the International Organization for Standardization (ISO) will adopt PbD as ISO 31700.
The ISO is a network of 167 national standards bodies. It sets over 24,000 standards, including ISO 27001 for information security management systems, some of which organizations can be certified for compliance with after passing a review by auditing firms like Deloitte, KPMG, and PwC.
Initially, however, ISO 31700 will not be a conformance standard.
“It’s amazing that ISO is doing this,” said PbD creator Ann Cavoukian, now executive director of the Toronto-based Global Privacy and Security by Design Centre. “It’s huge.”
“We think it will be a major milestone in privacy.”
Unveiled in 2009, Privacy by Design is a set of principles that calls for privacy to be taken into account throughout an organization’s data management process.
Since then it has been adopted by the International Assembly of Privacy Commissioners and Data Protection Authorities, and incorporated in the European General Data Protection Regulation (GDPR). However, only organizations that hold data of European residents are obliged to follow the GDPR. In 2018, the ISO formed a group to start planning for the inclusion of PbD in its standards.
Adoption by the ISO “gives life to…
Canada, U.S. sign international guidelines for safe AI development
Eighteen countries, including Canada, the U.S. and the U.K., today agreed on recommended g…
Schrems II Judgment Day
The Court of Justice of the European Union (“CJEU“) issued its judgment today in …
