. PbD states that relying on an after-the-fact regulatory framework that simply enforces privacy protection after a data breach or privacy infraction has taken place is too little, too late. It establishes a pro-active model of prevention, tasking businesses with enshrining pro-active privacy measures as their default organizational protocol by building them into their policies, procedures, design processes and products.
It is critical for this pro-active approach to be underscored by a commitment to visibility and transparency, with organizations providing insight to customers about what information is being collected, why, and for how long. Proving that you employ a user-centric approach to privacy will promote trust among your customers, and will reassure them that you are seeking to accommodate all legitimate interests and objectives while avoiding trade-offs and false dichotomies such as “privacy vs.