Ask HN: What does Privacy by Design exactly mean? - albi_lander
======
detaro
It's a framework of ideas, so the "exactly" is hard to pin down if you're
asking about how to do it. At the core is the idea that privacy (like security
and many other concerns) should be considered from the first steps of a
product instead of being retrofitted after the design process. The latter
leads to questions like "How can we make practice X more secure/more
private?", when the better answer might be "X isn't a good idea, how can we
achieve the same goal differently?"

I quite liked Heather Burns' article for Smashing about it:
[https://www.smashingmagazine.com/2017/07/privacy-by-design-framework/](https://www.smashingmagazine.com/2017/07/privacy-by-design-framework/)
(written in the context of GDPR)

~~~
albi_lander
Thanks for the reference. I'm wondering how this principle may be applied in
the field of AI where user data is often an essential asset. In particular,
what are the AI companies that can legitimately claim to be private by design?

------
lewisflude
To me, it means that the thing being designed is private in a way that cannot
be meddled with.

I.e. encrypted messages, that a company couldn't give to the government even
if they wanted to.

In practical terms, this might look like building a system where you purposely
don't store or give the ability to access personal content, instead relying on
systems that are either local (i.e. not online), encrypted or otherwise fully
obfuscated.

