prSRPS EN 17529:2026

Data protection and privacy by design and by default

Scope

The scope of the proposed work item is to revise EN 17529:2022 'Data Protection and Privacy by Design and by Default' and to align it with the latest developments in ISO/IEC standards. The revision would also incorporate additional high-level requirements for privacy and data protection by design and by default and ensure that all relevant requirements of the GDPR are accurately reflected. The revised standard would provide a more comprehensive and up-to-date framework to assist organizations in complying with their data protection and privacy by design and by default requirements under the GDPR and other data protection laws. Additionally, the revised standard is expected to serve as the basis for the development of a specific GDPR Certification Scheme in accordance with art.25 (3) of the GDPR, in line with the European Data Protection Board guidelines.
During the revision of the EN 17529, it will be ensured that the mandate is preserved and that the technical reports are being developed in a consistent manner with this revision.

Related directives

NOTE: If the word "harmonized" (marked in green) is not found in the field with the name of the directive, it means that the European standard is not cited in the OJEU.