Privacy by Default
Data protection by default is the principle according to which an organisation (the data controller) ensures that only data strictly necessary for each specific purpose of the processing are processed by default (without the intervention of the user). To ensure that this key principle of the General Data Protection Regulation is applied in practice, the EDPS will issue guidance documents.
With this Opinion, issued pursuant to Article 42(1) of Regulation (EU) 2018/1725, the EDPS puts forward recommendations aiming at minimizing the impact of a Commission’s legislative proposal amending Directive 2011/16/EU on administrative cooperation in the field of taxation on the fundamental right to privacy and to the protection of personal data of individuals. These recommendations are intended to ensure compliance with the applicable data protection legal framework, while avoiding jeopardizing the efficacy and efficiency of the administrative action on the fight against tax evasion.
Formal Comments of the EDPS on the Proposal for a Regulation amending Council Regulation (EC) No 1224/2009, and amending Council Regulations (EC) No 768/2005, (EC) No 1967/2006, (EC) No 1005/2008, and Regulation (EU) No 2016/1139 of the European Parliament and of the Council as regards fisheries controls.
EDPS Preliminary Opinion on Privacy by Design.
Speech by Giovanni Buttarelli on privacy by design and privacy engineering given at the 11th International Computers, Privacy and Data Protection Conference (CPDP), Brussels, Belgium