Since General Law of Data Protection It came into effect and began applying sanctions, and much has been heard about it. There is worldwide concern about the data privacy landscape and about ways to protect data subjects from potential leaks.

According to a Mastercard study, 99% of Brazilians consider data privacy very important.

However, according to a consultancy firm, the German company Roland Berger, Brazil was the 5th country most affected by cybercrimes in 2021., accounting for more cases in the first quarter alone than the entire year of 2020, with 9,1 million occurrences.

There is no magic formula that solves all possible problems related to privacyHowever, complying with the law is already half the battle.

The Privacy by Design guidelines can be very helpful in this process. Learn how.

What is Privacy by Design?

The concept of "Privacy by Design"It emerged in the 90s, by the specialist in..." data privacyAccording to Canadian Ph.D. Ann Cavoukian, and in short, it means prioritizing privacy issues from the project's inception.

The concept has become essential in matters related to LGPD and GDPR.

According to Yasodara Córdova, Principal Privacy Researcher at unico: In practice, the principles of Privacy by Design can be applied to the entire information ecosystem, including specific technologies, business operations, physical architectures, and network infrastructures. The business must adopt a proactive stance, incorporate privacy into the design, ensure full functionality, end-to-end security, visibility and transparency, and ultimately, respect the user. The concept has already given rise to a new technology industry, PrivacyTech, a market expected to grow by more than 40% by 2028, according to Fortune Business Insight.

Privacy by Design has 7 basic principles, whose objective is: To guarantee users control over the privacy of their data through best practices that are followed from the project's inception, including compliance with the regulations of each country.

The 7 basic principles of Privacy by Design are:

• Proactive, not reactive; preventive, not corrective.

The goal of this principle is to anticipate problems and deliver solutions, in order to prevent them from happening.

• Privacy as a rule.

Privacy as a priority from the project design stage.

• Privacy built into the design.

This refers to the idea that the user has a way to change the default settings and the possibility to choose whether or not to provide their data. being able to use the service regardless of his decision.

• Full functionality.

According to this principle, the product or service must be fully usable, regardless of the privacy settings the user chooses. There should be no additional benefit of any kind if the user decides to provide their data.

• End-to-end security.

It means that, when it exists user consent When collecting any data, the security of its processing must be prioritized, from collection to its complete deletion.

• Visibility and transparency.

The company must provide transparency in how it handles its data, demonstrating consistency between what it says it does and what it actually does. All information must be accessible for both public consultation and audits.

• Respect for user privacy.

This principle refers to guaranteeing the user privacy securityEnsuring the user's right to confidentiality, integrity, and availability of data and information, from collection to deletion.

Brazilian Privacy Landscape

Companies that are just starting their projects in the design phase can and should use Privacy by Design methodologies from the outset. Although it's not yet part of how Brazilian companies have been seeking compliance, it's worth highlighting that companies with... focus on data protection and their customers' privacy, in addition to having a higher level of accuracy regarding the LGPD (Brazilian General Data Protection Law), possess a strong competitive advantage in the market.

“Privacy and security are now part of any business, beyond just a legal obligation. Those who don't seek knowledge and innovation in this area will gradually be replaced. Large companies are already researching and developing technologies for greater user privacy. Furthermore, a silent revolution is underway, driven by startups, the Privacy Techs, which are developing cutting-edge privacy solutions and offering them to large companies.” Yasodara concludes.