Course Release Date: June 4, 2021
D111- Privacy Design Strategies
Approximate Length – 15 Minutes
Intended Audience – Privacy Engineers and other Privacy Professionals, Security Engineers, Software Developers, Managers, Architects and Engineers.
NIST 800-53 rev 5 lists over a thousand security and privacy controls. Where to begin? Privacy by design mandates a strategic approach to mitigating privacy risks.
Professor Jaap-Henk Hoepman, of Radboud University, has identified eight privacy design strategies and an underlying 26 tactics to mitigate privacy and security risks. This lesson meticulously goes through each tactic with example of each.
- Hoepman Privacy Design Strategies
- Minimize: Exclude, Select, Strip, Destroy
- Separate: Isolate and Distribute
- Hide: Restrict, Obfuscate, Mix, and Dissociate
- Abstract: Group and Summarize
- Enforce: Create, Maintain, Uphold
- Demonstrate: Record, Audit, and Report
- Inform: Supply, Notify, Explain
- Control: Consent, Choose, Update, and Retract
Participants will learn the eight privacy design strategies:
- Four Technical Strategies: Minimize, Separate, Abstract, and Hide
- Four Process Oriented Strategies: Enforce, Demonstrate, Inform, and Control
Additional detail about the privacy notice design space for UI/UX developer in course U104.