Privacy by default is a design principle: systems should protect personal data automatically, without requiring users to opt in, understand complex settings, or notice that anything special is happening.
Privacy should be the baseline behavior of a system — not a feature you must enable, negotiate, or retrofit after something goes wrong.
This idea is not merely philosophical. It is formalized in law, most notably in the European Union’s General Data Protection Regulation (GDPR), which requires that data protection be built into systems by design and by default.
For broader context and ongoing work in this space, the following organizations publish clear, accessible material on digital rights and privacy:
The EFF, in particular, has spent decades defending privacy, free expression, and civil liberties in technology and law. If their work matters to you, consider supporting them directly.