Abstract
Privacy by Design (PbD) is an approach to protect privacy by embedding it into the design specifications of technologies, business practices, and physical infrastructures. However, despite its many advantages, many organizations struggle with incorporating these practices in their existing software engineering processes. This paper evaluates the current state-of-the-art related to PbD in software engineering and analyzes the impact of the proposed European data protection legislation on this process. We propose four key viewpoints of PbD and discuss how these can be applied in a software engineering process. We then translate these viewpoints into a self-assessment method that can be used to evaluate to what degree an organization has managed to adopt the PbD mindset in their software engineering projects.