Written by Haim Ravia and Dotan Hammer
On February 8, 2023, the International Organization for Standardization (ISO) is expected to adopt “Privacy by Design” (PbD) as an international privacy standard for the protection of consumer products and services. The new standard will be numbered ISO 31700 and will have about 30 requirements spanning over 30 pages. Along with the high-level requirements of the standard, a supplementary document will outline possible use cases.
The standard will include instructions on designing capabilities through which data subjects can exercise their privacy rights and receive details on the privacy practices related to their information. It will also include instructions on conducting privacy impact reviews, dealing with information security incidents, and additional privacy controls.
The principles of Privacy by Design were first published in 2009 and had since been adopted by the International Assembly of Privacy Commissioners and Data Protection Authorities. Since 2018, they are incorporated the European Union’s GDPR.
Click here to read about the standard on the ISO website.