Privacy by design is the principle that privacy protections should be built into systems from the beginning of their design — not added as an afterthought when problems emerge or regulations require it. In education technology, this principle matters enormously because the data being collected involves children, is sensitive in nature and has long-term implications.

The Seven Principles of Privacy by Design

The framework, developed by Ann Cavoukian, identifies seven foundational principles:

1. Proactive not reactive: anticipate and prevent privacy invasions before they occur.
2. Privacy as the default: require opt-in rather than opt-out; the most privacy-protective setting should be the default.
3. Privacy embedded: privacy should be a core function, not an add-on.
4. Full functionality: privacy and functionality are not zero-sum; both can be achieved.
5. End-to-end security: data is protected throughout its lifecycle, from collection to deletion.
6. Visibility and transparency: stakeholders can verify that privacy practices are what they claim to be.
7. Respect for user privacy: design is centered on the interests of the individual.

What This Means in Practice for EdTech

For education technology vendors, privacy by design means: collecting only the data needed for the stated educational purpose (data minimization), not using student data for advertising or commercial profiling, providing schools with control over what data is collected and how it is used, making data deletion straightforward and complete, and documenting data practices in clear, non-technical language that educators can actually understand.

For School Procurement

Schools and districts can apply privacy-by-design criteria in vendor evaluation by asking: What data does this system collect by default? Can we reduce what is collected? What is the vendor's data retention schedule? Does the vendor's privacy policy allow student data to be used for non-educational purposes?

See the data privacy checklist and vendor privacy questions guide for structured evaluation tools.