The International Organization for Standardization (ISO) has announced that it will adopt “Privacy by design”-or data protection by design-as the ISO 31700 standard on February 7, 2023.
Compliance assessment
Initially, ISO 31700 will not be a standard that can be used to certify compliance with the requirements of this principle, as it will merely contain guidelines on the matter.
Compliance assessment is the demonstration that specific requirements are met. A requirement is defined as an ‘expression, in the content of a document, that conveys objectively verifiable criteria to be met and from which no deviation is permitted if conformity with the document is to be claimed.’ ISO international standards that do not contain requirements (i.e., do not contain the verbal expression ‘shall’) are not intended to be used for conformity assessment. ISO international standards are voluntary; they do not replace national laws to which users are considered to be in compliance which prevail.
Regarding certifications under the GDPR and their legal value see below.