Privacy by Design Review

Evaluate a product feature through a privacy-first lens.

What You'll Learn in Privacy by Design Review

Privacy by Design Review Training Steps

  1. Introduction

    You are Alice, a Privacy Analyst at InnovateTech Labs. Your role is to review new features for GDPR compliance before they launch. Under Article 25 of GDPR, data protection must be built into systems from the design phase - not bolted on as an afterthought. This principle is called 'Privacy by Design.'

  2. Feature Review Request

    You receive an email from the Product Manager requesting an urgent privacy review. The 'Customer Insights' feature is scheduled to launch next week, but it hasn't been reviewed for GDPR compliance yet. The email contains a link to the feature specification document.

  3. Accessing the Product Portal

    You need to log into the Product Portal to review the feature specification. This portal contains all pending feature reviews and documentation.

  4. Opening the Feature Spec

    The Feature Reviews queue shows one pending review - the Customer Insights feature. You need to open the specification document to assess its privacy compliance.

  5. Data Collection Issue

    The feature specification reveals the first privacy issue: the feature collects GPS location and full device fingerprints. For a customer feedback feature, this data is excessive. GDPR's data minimization principle requires collecting only what is strictly necessary for the stated purpose.

  6. Retention Problem

    The second issue is even more concerning: the specification states that collected data will be 'stored indefinitely for future analysis.' GDPR requires defined retention periods. Data cannot be kept forever without a lawful basis.

  7. Default Settings Issue

    The third issue is a classic dark pattern: 'Share anonymized data with partners' is pre-checked by default. Under GDPR, privacy-protective settings must be the default. Pre-checked consent boxes do not constitute valid consent - users must take affirmative action to opt in.

  8. Access Control Issue

    The final technical issue: the specification grants access to feedback data to 'All Customer Support teams across all regions.' This is far too broad. Under Privacy by Default, data should not be accessible to an indefinite number of people. Access should be limited to those who genuinely need it.

  9. Additional Technical Issues

    You notice two more concerning items in the technical implementation section:

      1. The analytics ID is directly linked to user accounts - no pseudonymization.
      2. There's no mention of user rights: no data export, no deletion capability.

    These are fundamental GDPR requirements that cannot be retrofitted easily.
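    The following is an added example, not code from the training module or from InnovateTech Labs, showing one way to remedy the two items above: the analytics store receives a keyed pseudonym (HMAC-SHA256 over a per-user random salt plus the account ID) instead of the account ID itself, the key and salts stay in the account system, data export re-derives the pseudonym to collect a user's rows, and deletion is implemented by crypto-shredding (dropping the user's salt so existing analytics rows can no longer be linked back). The class name, the store layout and the sample events are assumptions made for this example.

```python
"""Pseudonymous analytics identifiers with per-user crypto-shredding.

Added example for the step 9 findings; the service name, store layout and
sample events are constructed for illustration.
"""

import hashlib
import hmac
import secrets
from dataclasses import dataclass, field


@dataclass
class PseudonymService:
    key: bytes                                             # held by the account system (e.g. a KMS), never by analytics
    salts: dict[str, bytes] = field(default_factory=dict)  # account store: account ID -> random per-user salt
    analytics: list[dict] = field(default_factory=list)    # analytics store: pseudonym + event only, no account ID

    def pseudonym(self, user_id: str) -> str:
        """Derive the analytics ID for an account; the same account always maps to the same value
        as long as its salt exists."""
        if user_id not in self.salts:
            self.salts[user_id] = secrets.token_bytes(16)
        return hmac.new(self.key, self.salts[user_id] + user_id.encode(), hashlib.sha256).hexdigest()

    def record_event(self, user_id: str, event: str) -> None:
        """Write an analytics row that carries only the pseudonym, never the account ID."""
        self.analytics.append({"analytics_id": self.pseudonym(user_id), "event": event})

    def export(self, user_id: str) -> list[dict]:
        """Data export (Art. 20): re-derive the pseudonym and collect the user's analytics rows."""
        if user_id not in self.salts:
            return []  # no salt means no link exists any more
        pid = self.pseudonym(user_id)
        return [row for row in self.analytics if row["analytics_id"] == pid]

    def erase(self, user_id: str) -> int:
        """Deletion (Art. 17) by crypto-shredding: drop the salt so the rows become unlinkable.
        Returns the number of analytics rows that are now orphaned."""
        orphaned = len(self.export(user_id))
        self.salts.pop(user_id, None)
        return orphaned


if __name__ == "__main__":
    # Constructed demo: two accounts, then one exercises export and deletion.
    svc = PseudonymService(key=b"constructed-example-key-not-for-production")
    svc.record_event("user-42", "feedback_submitted")
    svc.record_event("user-42", "rating_given")
    svc.record_event("user-7", "feedback_submitted")
    print("export for user-42:", svc.export("user-42"))
    print("rows orphaned by erasure:", svc.erase("user-42"))
    print("export after erasure:", svc.export("user-42"))
    print("analytics store still holds", len(svc.analytics), "rows, none linkable to user-42")
```

The analytics store keeps its rows after erasure (aggregate statistics survive), but without the salt nobody holding the key can recompute the pseudonym, so the rows are no longer personal data that can be tied to the account.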

  10. Filing the Privacy Review

    You've identified six major privacy issues that must be resolved before launch. Now you need to formally document these findings in a Privacy Impact Assessment form. This official review will be shared with the Product Manager and Engineering team.
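    The following is an added example, not code from the training module or from InnovateTech Labs. It encodes the six review criteria from steps 5 to 9 (data minimization, storage limitation, privacy by default, access scoping, pseudonymization, user rights) as automated checks over a machine-readable feature specification, so the findings for the Privacy Impact Assessment can be generated repeatably. The spec schema (keys such as "data_collected", "retention_days", "settings", "access"), the purpose allowlist and both sample specs are assumptions constructed for this example.

```python
"""Automated privacy-by-design review of a feature specification.

Added example; the spec schema, purpose register and sample specs are
constructed and are not the training module's material.
"""

from dataclasses import dataclass

# Assumed purpose register: the data elements that are necessary for each stated purpose.
PURPOSE_ALLOWLIST = {
    "customer_feedback": {"feedback_text", "rating", "product_id", "submitted_at"},
}


@dataclass
class Finding:
    principle: str  # the GDPR principle or Art. 25 requirement the check maps to
    detail: str


def review_spec(spec: dict) -> list:
    """Return one Finding per privacy-by-design violation found in the spec."""
    findings = []
    purpose = spec.get("purpose", "")

    # 1. Data minimization: every collected element must be needed for the stated purpose.
    excess = sorted(set(spec.get("data_collected", [])) - PURPOSE_ALLOWLIST.get(purpose, set()))
    if excess:
        findings.append(Finding("data minimization",
                                f"collects {excess}, not necessary for purpose '{purpose}'"))

    # 2. Storage limitation: retention must be a finite, stated period.
    retention = spec.get("retention_days")
    if not isinstance(retention, int) or retention <= 0:
        findings.append(Finding("storage limitation",
                                "no defined retention period (data stored indefinitely)"))

    # 3. Privacy by default: anything that needs consent must be off until the user opts in.
    for setting in spec.get("settings", []):
        if setting.get("requires_consent") and setting.get("default") is True:
            findings.append(Finding("privacy by default",
                                    f"'{setting['name']}' is pre-enabled; valid consent needs an affirmative opt-in"))

    # 4. Access scoping: a wildcard over teams or regions is not need-to-know access.
    access = spec.get("access", {})
    if access.get("teams") == "all" or access.get("regions") == "all":
        findings.append(Finding("privacy by default (access)",
                                "data accessible to an indefinite number of people"))

    # 5. Pseudonymization: analytics records must not carry the account identifier directly.
    if not spec.get("analytics_id_pseudonymized", False):
        findings.append(Finding("pseudonymization",
                                "analytics ID is directly linked to user accounts"))

    # 6. Data subject rights: export and deletion must be designed in, not retrofitted.
    missing = [r for r in ("export", "delete") if r not in spec.get("user_rights", [])]
    if missing:
        findings.append(Finding("data subject rights", f"no user-facing {missing} capability"))

    return findings


# Constructed spec mirroring the Customer Insights feature as described in the scenario.
CUSTOMER_INSIGHTS_SPEC = {
    "name": "Customer Insights",
    "purpose": "customer_feedback",
    "data_collected": ["feedback_text", "rating", "product_id", "submitted_at",
                       "gps_location", "device_fingerprint"],
    "retention_days": None,  # spec says "stored indefinitely for future analysis"
    "settings": [{"name": "Share anonymized data with partners",
                  "requires_consent": True, "default": True}],
    "access": {"teams": "all", "regions": "all"},
    "analytics_id_pseudonymized": False,
    "user_rights": [],
}

# Constructed remediated spec: the same feature after all six findings are addressed.
REMEDIATED_SPEC = {
    **CUSTOMER_INSIGHTS_SPEC,
    "data_collected": ["feedback_text", "rating", "product_id", "submitted_at"],
    "retention_days": 365,
    "settings": [{"name": "Share anonymized data with partners",
                  "requires_consent": True, "default": False}],
    "access": {"teams": ["Customer Support"], "regions": ["EU"]},
    "analytics_id_pseudonymized": True,
    "user_rights": ["export", "delete"],
}


if __name__ == "__main__":
    for spec in (CUSTOMER_INSIGHTS_SPEC, REMEDIATED_SPEC):
        found = review_spec(spec)
        print(f"{spec['name']}: {len(found)} finding(s)")
        for f in found:
            print(f"  [{f.principle}] {f.detail}")
```

Run against the first spec the checker reproduces the six findings of the scenario; against the remediated spec it returns none, which is the bar a feature should clear before the Privacy Impact Assessment is signed off.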