General Data Protection Regulation (GDPR) Article 25: Data Protection by Design and Default – The full text of the three points covered under Article 25 of the General Data Protection Regulation (GDPR) which discusses Data Protection by Design and By Default.

Professor Solove’s Blog Posts and Interviews

Daniel J. Solove, What is Privacy? – In this blog post, Professor Daniel Solove examines the question “What is privacy?” He believes that this is a central question to answer, because a conception of privacy underpins every attempt to address it and protect it.

Daniel J. Solove, Privacy by Design: 4 Key Points – In this post, Professor Solove adds four points to the Privacy by Design discussion, points that he hopes emphasize the importance of understanding Privacy by Design as well as respecting how challenging it can be.

Daniel J. Solove, Strategic Privacy by Design: An Interview with Jason Cronk – In this blog post, Professor Daniel Solove interviews R. Jason Cronk about his views about privacy by design and his approach to it. Cronk is the author of the book Strategic Privacy by Design and has been working in the fields of privacy and information security since 2004.

Daniel J. Solove, Should Privacy Law Regulate Technological Design? An Interview with Woodrow Hartzog – In this post, Daniel Solove conducts a short interview with Professor Woodrow Hartzog. They just scratch the surface of the many great issues Hartzog tackles in his book, Privacy’s Blueprint: The Battle to Control the Design of New Technologies (Harvard Univ. Press 2018), which examines a very important and controversial topic: Should privacy law regulate technological design?

Daniel J. Solove, Privacy by Design with Passion and Pizazz: A Review of The Privacy Engineer’s Manifesto – In this post, Professor Solove shares his reflections about The Privacy Engineer’s Manifesto, a book by Michelle Finneran Dennedy, Jonathan Fox, and Thomas Finneran.

Daniel J. Solove, Cartoon About Connected Devices – This cartoon by Daniel Solove depicts the potential future of the Internet of Things.

Training Courses

privacy by design courses

Privacy by Design – This 15-minute privacy awareness training course will be helpful to engineers and designers of programs, software, websites, and other products or services that could implicate privacy. The course is also useful for the entire privacy compliance team. The privacy training course provides a roadmap and framework to help people spot privacy issues and understand their implications.

Vignette – The Rude Refrigerator – This Privacy by Design training vignette contains a video (~4 minutes) that demonstrates in a humorous way why it is essential to consider privacy issues when designing products and services. The video explains the types of issues that can arise and the importance of addressing them early on in the design process.

Vignette – The App from Hell – This vignette, a video (~2 minutes), demonstrates the importance of privacy when designing apps (or other products or services). Far too often, apps are not designed with privacy in mind, and people install apps without considering the privacy implications.


Privacy by Design Books

JC Cannon, Privacy in Technology: Standards and Practices for Engineers and Security 

Ann Cavoukian, Privacy by Design: Take the Challenge

R. Jason Cronk, Strategic Privacy by Design

Michelle Finneran Dennedy, Jonathan Fox, & Thomas Finneran, The Privacy Engineer’s Manifesto

Woodrow Hartzog, Privacy’s Blueprint: The Battle to Control the Design of New Technologies

Scholarly Articles

Julie E. Cohen, Turning Privacy Inside Out

Woodrow Hartzog & Frederic D. Stutzman, Obscurity by Design

Deirdre K. Mulligan &  Jennifer King, Bridging the Gap between Privacy and Design

Ira Rubinstein, Regulating Privacy by Design

Ira Rubinstein & Nathan Good, Privacy by Design: A Counterfactual Analysis of Google and Facebook Privacy Incidents

Ari Ezra Waldman, Designing Without Privacy

Ari Ezra Waldman, A Statistical Analysis of Privacy Policy Design

Other Writings and Resources

Ann Cavoukian, Privacy by Design: The 7 Foundational Principles

European Commission, What Does Data Protection ‘By Design’ and ‘By Default’ Mean?

European Data Protection Supervisor, Opinion 5/2018, Preliminary Opinion on Privacy By Design 

MITRE, Privacy Engineering

FTC, Protecting Consumer Privacy in an Era of Rapid Change

ICO, Data Protection by Design and Default

Divider 02

About Professor Solove and TeachPrivacy

Daniel Solove Data Security Training Professor Daniel J. Solove is a law professor at George Washington University Law School and the leading expert on privacy and data security law. He has taught privacy law every year since 2000, has published 10 books and more than 50 articles, including the leading textbook on information privacy law and a short guidebook on the subject. His LinkedIn blog has more than 1 million followers. Click here for more information about Professor Solove.

TeachPrivacy provides HIPAA training, privacy awareness training, information security awareness training, phishing training, FERPA training, PCI training, as well as training on many other privacy and security topics.  TeachPrivacy was founded by Professor Solove, who is deeply involved in the creation of all training programs because he believes that training works best when made by subject-matter experts and by people with extensive teaching experience.

Divider 02

Please Contact Us If You Are Interested In
Privacy or Security Training

We can provide you with a login so you can evaluate the programs. Click here for our catalog.

    First Name

    Last Name




    Phone No.


    Please tell us about your training needs

    Professor Solove’s newsletter covers his latest writings, events, and training. It is sent weekly.
    You can unsubscribe at any time. Click to see a sample issue.
    Would you be interested in subscribing?
    YesNoAlready Subscribed