Support Centre

You have out of 5 free articles left for the month

Signup for a trial to access unlimited content.

Start Trial

Continue reading on DataGuidance with:

Free Member

Limited Articles

Create an account to continue accessing select articles, resources, and guidance notes.

Free Trial

Unlimited Access

Start your free trial to access unlimited articles, resources, guidance notes, and workspaces.

International: ISO publishes 31700-1 and 31700-2 standards on consumer protection and Privacy by Design for consumer goods and services

The International Standards Organization ('ISO') published, on 31 January 2023, its standards ISO 31700-1:2023 and ISO/TR 31700-2:2023 on consumer protection and Privacy by Design for consumer goods and services, after approval of the project in 2019. In particular, ISO 31700-1 provides high level requirements for Privacy by Design to protect privacy throughout the lifecycle of a consumer product, including data processed by the consumer. In this regard, ISO explains that ISO 31700-1 does not contain specific requirements for the privacy assurances and commitments that organisations can offer consumers, nor does it specify particular methodologies that an organisation can adopt to design and implement privacy controls, or the technology that can be used to operate such controls.

Accordingly, ISO 31700-2 provides illustrative use cases, with associated analysis, chosen to assist in understanding the requirements of the ISO 31700-1. Furthermore, ISO explained that the intended audience includes engineers and practitioners who are involved in the development, implementation, or operation of digitally enabled consumer goods and services. In addition, according to its introduction, ISO 31700-2 is grounded in a consumer-focused approach, in which consumer privacy rights and preferences are placed at the heart of product development and operation, with use cases specifically for online retailing, a fitness company, and smart locks to help identify, clarify, and organise system requirements related to a set of goals, by illustrating a series of possible sequences of interactions between stakeholders and systems in a particular ecosystem.

Lastly, ISO 31700-1 defines Privacy by Design as design methodologies in which privacy is considered and integrated into the initial design stage and throughout the complete lifecycle of products, processes or services that involve processing of personally identifiable information, including product retirement and the eventual deletion of any associated personally identifiable information.

You can access ISO 31700-1 here, and its preview here, and ISO 31700-2 here, and its preview here.