From Privacy by Design to Data Protection by Design - The Challenges of Turning Good Practice into a Legal Obligation

This course aims to explore the challenges of transitioning from Privacy by Design to Data Protection by Design as a legal obligation under the GDPR. The learning outcomes include understanding the requirements for implementing data protection principles effectively, integrating necessary safeguards, and assessing data processing operations for compliance. The course covers topics such as the GDPR's impact on the entire data processing life cycle, the role of privacy engineers in developing new technologies, and the tools and methods available to address these challenges. The intended audience includes privacy engineers, controllers processing personal data, supervisory authorities, courts, and regulatory actors involved in data protection compliance. The teaching method involves lectures, discussions on tools and instruments like design patterns and checklists, and exploring the GDPR's implications on technology and organizational contexts.