M/530 - Privacy Management

Abstract

[C(2015)102] Standardization request on privacy and personal data protection management in the design and development and in the production and service provision and process in the security technologies

General Information

Organization

CEN - CEN European Committee for Standardization

Resolution Reference

D148/029

Resolution Date

28-Oct-2014

Type Of Decision

(Dis-)Approval of mandate

Frequently Asked Questions

What is a European Standardization Mandate?

A European Standardization Mandate is a formal request from the European Commission to the European Standardization Organizations (CEN, CENELEC, and ETSI) to develop European standards (ENs) in support of EU legislation and policies. Mandates are issued under Regulation (EU) No 1025/2012 and help ensure that products and services meet the essential requirements set out in EU directives and regulations.

What does M/530 cover?

M/530 is a European Standardization Mandate titled "[C(2015)102] Standardization request on privacy and personal data protection management in the design and development and in the production and service provision and process in the security technologies". [C(2015)102] Standardization request on privacy and personal data protection management in the design and development and in the production and service provision and process in the security technologies There are 6 standards developed under this mandate.

How do mandates relate to harmonized standards?

Standards developed in response to a mandate and cited in the Official Journal of the European Union become "harmonized standards". Products manufactured in compliance with harmonized standards benefit from a presumption of conformity with the essential requirements of the corresponding EU directive or regulation, facilitating CE marking and market access across the European Economic Area.

Search Term

Standardization Organization

ICS

Technical Committee

Technical Committee Code

Directive

Project Code

Project Reference

Project Title

Project Scope

	Jan 2026
28	29	30	31	1	2	3
4	5	6	7	8	9	10
11	12	13	14	15	16	17
18	19	20	21	22	23	24
25	26	27	28	29	30	31
1	2	3	4	5	6	7

	Feb 2026
25	26	27	28	29	30	31
1	2	3	4	5	6	7
8	9	10	11	12	13	14
15	16	17	18	19	20	21
22	23	24	25	26	27	28
1	2	3	4	5	6	7

Publication Date

	Jan 2026
28	29	30	31	1	2	3
4	5	6	7	8	9	10
11	12	13	14	15	16	17
18	19	20	21	22	23	24
25	26	27	28	29	30	31
1	2	3	4	5	6	7

	Feb 2026
25	26	27	28	29	30	31
1	2	3	4	5	6	7
8	9	10	11	12	13	14
15	16	17	18	19	20	21
22	23	24	25	26	27	28
1	2	3	4	5	6	7

Withdrawal Date

	Jan 2026
28	29	30	31	1	2	3
4	5	6	7	8	9	10
11	12	13	14	15	16	17
18	19	20	21	22	23	24
25	26	27	28	29	30	31
1	2	3	4	5	6	7

	Feb 2026
25	26	27	28	29	30	31
1	2	3	4	5	6	7
8	9	10	11	12	13	14
15	16	17	18	19	20	21
22	23	24	25	26	27	28
1	2	3	4	5	6	7

Public Enquiry End Date

Page Size:

CEN

CEN/TR 18241:2025(Main)

Privacy management in products and services - Biometric access control products and services

SIST-TP CEN/TR 18241:2026

This document contains recommendations on how to integrate the principle of ‘data protection and privacy by design’
during the entire lifecycle of biometric access-control products and services, in order to achieve ‘data protection and
privacy by default’.
Biometric facial recognition for access control is covered by this document. Biometric facial recognition for surveillance is
covered by CEN/CLC/JTC 13 TR ‘Video surveillance’.
This document specifies recommendations for the management of data protection and privacy by design in biometricaccess-
control products and services. This document extends ISO/IEC 27552. This document applies to aspects of data
protection and privacy by design. This document is not applicable to non-biometric aspects of access control, or to aspects
not relating to data protection or privacy.

Draft
12 pages
English language
e-Library read for
AI-Chat
1 day

SIST

SIST-TP CEN/CLC/TR 17919:2023(Main)

Data protection and privacy by design and by default - Technical Report on applicability to the videosurveillance industry - State of the art

CEN/CLC/TR 17919:2023

This document contains recommendations on how to integrate the principle of ‘data protection and privacy by design’ during the entire lifecycle of video-surveillance products and services, in order to achieve ‘data protection and privacy by default’.

Technical report
15 pages
English language
e-Library read for
AI-Chat
1 day

CEN

CEN/CLC/TR 17919:2023(Main)

Data protection and privacy by design and by default - Technical Report on applicability to the video surveillance industry - State of the art

SIST-TP CEN/CLC/TR 17919:2023

Technical report
15 pages
English language
e-Library read for
AI-Chat
1 day

CEN

EN 17529:2022(Main)

Data protection and privacy by design and by default

SIST EN 17529:2022

This document provides requirements for manufacturers and/or service providers to implement Data protection and Privacy by Design and by Default (DPbDD) early in their development of their products and services, i.e. before (or independently of) any specific application integration, to make sure that they are as privacy ready as possible. The document will be applicable to all business sectors, including the security industry.

Standard
62 pages
English language
e-Library read for
AI-Chat
1 day

17-May-2022
29-Nov-2022
35.030
2016/679
95/46/EC
M/530
CEN/CLC/TC 13

SIST

SIST EN 17529:2022(Main)

Data protection and privacy by design and by default

EN 17529:2022

Standard
62 pages
English language
e-Library read for
AI-Chat
1 day

06-Sep-2020
16-Aug-2022
35.030
2016/679
95/46/EC
M/530
ITC

SIST

SIST-TP CEN/TR 18241:2026(Main)

Privacy management in products and services - Biometric access control products and services

CEN/TR 18241:2025

Draft
12 pages
English language
e-Library read for
AI-Chat
1 day

Page Size: