L3 - Development

To know more about this phase of the DPI life cycle, click here.

Click on any process listed below to learn about illustrative practices that can be implemented.

Process	Principle	Risk
F4.12 Ensure accountability through records controls	F4: Reinforce transparency and accountability	SV4 Technical shortcomings, RS4 Lack of recourse
F6.5 Implement optional features for user control over personal data	F6: Promote autonomy and agency	RI4 Disempowerment, RS1 Privacy vulnerability
O2.5 Implement rigorous testing protocols	O2: Evolve with evidence	SV4 Technical Shortcomings
O3.21 Establish mechanisms to ensure a right to opt-out whenever appropriate	O3: Ensure data privacy by design	RI4 Disempowerment, RS1 Privacy vulnerability
O3.4 Provide features to protect users against tracking and profiling	O3: Ensure data privacy by design	SV1 Digital distrust, RI4 Disempowerment
O4.4 Establish a trusted—unique, secure, and accurate—identity. Make more specific to this process	O4: Assure data security by design	SV1 Digital distrust, RI4 Disempowerment
O4.5 Implement data validation, completeness, and consistency checks	O4: Assure data security by design	RS2 Digital insecurity
O4.6 Use an established cybersecurity framework	O4: Assure data security by design	RS2 Digital insecurity
O5.3 Ensure digital presevation of records	O5: Ensure data protection during use	SV4 Technical shortcomings, RS2 Digital insecurity
O6.7 Ensure that DPI are linguistically appropriate for the whole population	O6: Respond to gender, ability or age	RI3 Exclusion, SV4 Technical shortcoming
O9.1 Ensure modularity and reusability across sectors, enabling evolution with society by unbundling DPI into core components (e.g., digital identity, payments, data sharing)	O9: Build and share open assets	SV4 Technical shortcomings