tietosuojabydesign

Privacy by design, sometimes referred to in Finnish contexts as tietosuoja by design or tietosuojaby design, is a design philosophy and engineering approach that seeks to embed privacy into the development and operation of information systems from the outset. The concept emphasizes proactive protection, rather than reactive measures, and argues that privacy should be the default setting for products, services, and processes. It has its origins in the work of privacy advocate Ann Cavoukian and has since been incorporated into European data protection thinking, including the GDPR principle of data protection by design and by default (Article 25).

Core ideas of privacy by design include embedding privacy into the entire system lifecycle, applying data minimization

In practice, privacy by design relies on technical and organizational measures such as data minimization, pseudonymization