The GDPR’s ‘Data Protection By Design and By Default’

The General Data Protection Regulation 2016/679 (‘GDPR’) has introduced the concept of ‘Data Protection by Design and by Default’ (‘DPbDD’) into the data protection framework.[1] ‘Privacy by Design’ is not a new concept; it was formulated by the Information and Privacy Commissioner of Ontario in the 1990’s and is based on seven foundational principles[2]. Whilst […]