Privacy and personal data protection are essential in our current society as our offline and digital experiences are increasingly entwined. To ensure that these essential values are taken into account early on in the development of products and services, newly developed EN 17529 ‘Data protection and privacy by design and by default’ provides manufacturers and service providers with requirements before, or independently of, any specific application integration.
EN 17529 was developed in response to a request from the European Commission and is a perfect example of how European standards can be developed to complement international adoptions to address European values. Under this same mandate, there are also two Technical Reports that are currently being finalised which contain recommendations on how to integrate the principle of ‘data protection and privacy by design’ during the entire lifecycle of biometric access-control products and services, in order to achieve ‘data protection and privacy by default’.
EN 17529 was developed by CEN-CLC/JTC 13 ‘Cybersecurity and Data Protection’, the Secretariat of which is currently held by DIN. JTC 13 is currently working on more standards to address similar issues, notably through its Working Group 5 ‘Data Protection, Privacy and Identity Management’.
Lucia LANFRI
llanfri@cencenelec.eu