§ 57 BlnDSG
Data Protection by Design and by Default
(1) The controller shall, both at the time of the determination of the means for processing and at the time of the processing itself, take appropriate measures that are suitable for effectively implementing data protection principles and that ensure compliance with legal requirements and protection of the rights of data subjects. The controller shall take into account the state of the art, the cost of implementation, the nature, scope, context and purposes of the processing, and the varying likelihood and severity of the risks to the rights of data subjects associated with the processing. In particular, the processing of personal data and the selection and design of data processing systems shall be guided by the objective of processing as little personal data as possible (data minimisation). Personal data shall be anonymised or pseudonymised at the earliest possible point, insofar as this is possible in view of the purpose of the processing.
(2) The controller shall take appropriate technical and organisational measures to ensure that, by default, only such personal data can be processed as are necessary for the specific processing purpose. This relates to the amount of data collected, the extent of their processing, their storage period and their accessibility. The measures must in particular ensure that the data are not, by default, made accessible automatically to an indefinite number of persons.