Beyond the technical measures required for organizations to comply with data protection regulations, there are further legal aspects that must be understood. In this, legal professionals must work closely with technical professionals to ensure that legal mandates are translated into actionable items. In this chapter, we introduce important legal concepts related to the process of privacy compliance, many of which are rooted in today's most prominent privacy regulations.
Privacy by Design was created as a framework to encourage the proactive integration of privacy principles in the design of IT systems. Essentially, Privacy by Design promotes the idea that with proper considerations regarding privacy in the design and implementation of systems, privacy is cared for by default, reducing the need for post hoc technical measures down the road. Here, we introduce the seven primary principles of Privacy by Design, as well as demonstrate how prominent Privacy-Enhancing Technologies directly support these tenets.