Data Privacy: A runbook for engineers
- Length: 384 pages
- Edition: 1
- Language: English
- Publisher: Manning
- Publication Date: 2022-02-08
- ISBN-10: 1617298999
- ISBN-13: 9781617298998
- Sales Rank: #439253
Engineer privacy into your systems with these hands-on techniques for data governance, legal compliance, and surviving security audits.
In Data Privacy you will learn how to:
- Classify data based on privacy risk
- Build technical tools to catalog and discover data in your systems
- Share data with technical privacy controls to measure reidentification risk
- Implement technical privacy architectures to delete data
- Set up technical capabilities for data export to meet legal requirements like Data Subject Access Requests (DSAR)
- Establish a technical privacy review process to help accelerate the legal Privacy Impact Assessment (PIA)
- Design a Consent Management Platform (CMP) to capture user consent
- Implement security tooling to help optimize privacy
- Build a holistic program that will get support and funding from the C-Level and board
Data Privacy teaches you to design, develop, and measure the effectiveness of privacy programs. You’ll learn from author Nishant Bhajaria, an industry-renowned expert who has overseen privacy at Google, Netflix, and Uber. The terminology and legal requirements of privacy are all explained in clear, jargon-free language. The book’s constant awareness of business requirements will help you balance trade-offs and ensure your users’ privacy can be improved without spiraling time and resource costs.
About the technology
Data privacy is essential for any business. Data breaches, vague policies, and poor communication all erode a user’s trust in your applications. You may also face substantial legal consequences for failing to protect user data. Fortunately, there are clear practices and guidelines to keep your data secure and your users happy.
About the book
Data Privacy: A runbook for engineers teaches you how to navigate the trade-offs between strict data security and real-world business needs. In this practical book, you’ll learn how to design and implement privacy programs that are easy to scale and automate. There’s no bureaucratic process—just workable solutions and smart repurposing of existing security tools to help set and achieve your privacy goals.
What’s inside
- Classify data based on privacy risk
- Set up capabilities for data export that meet legal requirements
- Establish a review process to accelerate privacy impact assessment
- Design a consent management platform to capture user consent
About the reader
For engineers and business leaders looking to deliver better privacy.
About the author
Nishant Bhajaria leads the Technical Privacy and Strategy teams for Uber. His previous roles include head of privacy engineering at Netflix, and data security and privacy at Google.
Table of contents
- Front matter: inside front cover, copyright, brief contents, contents, foreword, preface, acknowledgments, about this book (Who should read this book; How this book is organized: A roadmap; About the code; liveBook discussion forum), about the author, about the cover illustration
- Part 1. Privacy, data, and your business
  - 1 Privacy engineering: Why it’s needed, how to scale it
    - 1.1 What is privacy?
    - 1.2 How data flows into and within your company
    - 1.3 Why privacy matters
      - 1.3.1 The fines are real
      - 1.3.2 Early-stage efficiency wins can cause late-stage privacy headaches
      - 1.3.3 Privacy investigations could be more than a speed bump
      - 1.3.4 Privacy process can unlock business opportunities: A real-life example
    - 1.4 Privacy: A mental model
    - 1.5 How privacy affects your business at a macro level
      - 1.5.1 Privacy and safety: The COVID edition
      - 1.5.2 Privacy and regulations: A cyclical process
    - 1.6 Privacy tech and tooling: Your options and your choices
      - 1.6.1 The “build vs. buy” question
      - 1.6.2 Third-party privacy tools: Do they really work and scale?
      - 1.6.3 The risks in buying third-party privacy tools
    - 1.7 What this book will not do
    - 1.8 How the role of engineers has changed, and how that has affected privacy
    - Summary
  - 2 Understanding data and privacy
    - 2.1 Privacy and what it entails
      - 2.1.1 Why privacy is hard
      - 2.1.2 Privacy engineering on the ground: What you have to accomplish
      - 2.1.3 Privacy, data systems, and policy enforcement
    - 2.2 This could be your company
    - 2.3 Data, your business growth strategy, and privacy
    - 2.4 Examples: When privacy is violated
      - 2.4.1 Equifax
      - 2.4.2 The Office of Personnel Management (OPM) breach
      - 2.4.3 LabCorp and Quest Diagnostics
    - 2.5 Privacy and the regulatory landscape
      - 2.5.1 How regulations impact your product and their users
      - 2.5.2 How your program should help prepare for changing privacy law
    - 2.6 Privacy and the user
      - 2.6.1 Becoming an American, and privacy
      - 2.6.2 Today’s users and their privacy concerns
    - 2.7 After building the tools comes the hard part: Building a program
    - 2.8 As you build a program, build a privacy-first culture
    - Summary
- Part 2. A proactive privacy program: Data governance
  - 3 Data classification
    - 3.1 Data classification and customer context
    - 3.2 Why data classification is necessary
      - 3.2.1 Data classification as part of data governance
      - 3.2.2 Data classification: How it helps align priorities
      - 3.2.3 Industry benchmarking around data classification
      - 3.2.4 Unstructured data and governance
      - 3.2.5 Data classification as part of your maturity journey
    - 3.3 How you can implement data classification to improve privacy
      - 3.3.1 Data classification and access options
      - 3.3.2 Data classification, access management, and privacy: Example 1
      - 3.3.3 Data classification, access management, and privacy: Example 2
    - 3.4 How to classify data with a focus on privacy laws
      - 3.4.1 Data classification as an abstraction of privacy laws
      - 3.4.2 Data classification to resolve tension between interpretations of privacy laws
    - 3.5 The data classification process
      - 3.5.1 Working with cross-functional stakeholders on your data classification
      - 3.5.2 Formalizing and refactoring your data classification
      - 3.5.3 The data classification process: A Microsoft template
    - 3.6 Data classification: An example
    - Summary
  - 4 Data inventory
    - 4.1 Data inventory: What it is and why you need it
    - 4.2 Machine-readable tags
      - 4.2.1 What are data inventory tags?
      - 4.2.2 Data inventory tags: A specific example
    - 4.3 Creating a baseline
    - 4.4 The technical architecture
      - 4.4.1 Structured and unstructured data
      - 4.4.2 Data inventory architectural capabilities
      - 4.4.3 Data inventory workflow
    - 4.5 Understanding the data
      - 4.5.1 The metadata definition process
      - 4.5.2 The metadata discovery process
    - 4.6 When should you start the data inventory process?
      - 4.6.1 Why is the data inventory process so hard?
      - 4.6.2 Data inventory: Sooner is better than later
    - 4.7 A data inventory is not a binary process
      - 4.7.1 Data inventory level 1
      - 4.7.2 Data inventory level 2
      - 4.7.3 Data inventory level 3
    - 4.8 What does a successful data inventory process look like?
      - 4.8.1 Data inventory objective success metrics
      - 4.8.2 Data inventory subjective success metrics
    - Summary
  - 5 Data sharing
    - 5.1 Data sharing: Why companies need to share data
      - 5.1.1 Data sharing: Taxicab companies
      - 5.1.2 Data sharing: Online advertising
      - 5.1.3 Privacy in advertising
    - 5.2 How to share data safely: Security as an ally of privacy
      - 5.2.1 Tracking President Trump
      - 5.2.2 Protecting data in motion
      - 5.2.3 Protecting data at rest
    - 5.3 Obfuscation techniques for privacy-safe data sharing
      - 5.3.1 Data sharing and US national security
      - 5.3.2 Data anonymization: The relationship between precision and retention
      - 5.3.3 Data anonymization: The relationship between precision and access
      - 5.3.4 Data anonymization: Mapping universal IDs to internal IDs
    - 5.4 Sharing internal IDs with third parties
      - 5.4.1 Use case 1: Minimal session (no linking of user activity is needed)
      - 5.4.2 Use case 2: Single session per dataset (linking of the same user’s activity within a dataset)
      - 5.4.3 Use case 3: Session spanning datasets (linking across datasets)
      - 5.4.4 Recovering pseudonymized values
    - 5.5 Measuring privacy impact
      - 5.5.1 K-anonymity
      - 5.5.2 L-diversity
    - 5.6 Privacy harms: This is not a drill
      - 5.6.1 Facebook and Cambridge Analytica
      - 5.6.2 Sharing data and weaknesses
    - Summary
- Part 3. Building tools and processes
  - 6 The technical privacy review
    - 6.1 What are privacy reviews?
      - 6.1.1 The privacy impact assessment (PIA)
      - 6.1.2 The data protection impact assessment (DPIA)
    - 6.2 Implementing the legal privacy review process
    - 6.3 Making the case for a technical privacy review
      - 6.3.1 Timing and scope
      - 6.3.2 What the technical review covers that the legal review does not
    - 6.4 Integrating technical privacy reviews into the innovation pipeline
      - 6.4.1 Where does the technical privacy review belong?
      - 6.4.2 How to implement a technical privacy intake?
    - 6.5 Scaling the technical privacy review process
      - 6.5.1 Data sharing
      - 6.5.2 Machine-learning models
    - 6.6 Sample technical privacy reviews
      - 6.6.1 Messaging apps and engagement apps: Do they connect?
      - 6.6.2 Masks and contact tracing
    - Summary
  - 7 Data deletion
    - 7.1 Why must a company delete data?
    - 7.2 What does a modern data collection architecture look like?
      - 7.2.1 Distributed architecture and microservices: How companies collect data
      - 7.2.2 How real-time data is stored and accessed
      - 7.2.3 Archival data storage
      - 7.2.4 Other data storage locations
      - 7.2.5 How data storage grows from collection to archival
    - 7.3 How the data collection architecture works
    - 7.4 Deleting account-level data: A starting point
      - 7.4.1 Account deletion: Building the tooling and process
      - 7.4.2 Scaling account deletion
    - 7.5 Deleting account-level data: Automation and scaling for distributed services
      - 7.5.1 Registering services and data fields for deletion
      - 7.5.2 Scheduling data deletion
    - 7.6 Sensitive data deletion
    - 7.7 Who should own data deletion?
    - Summary
  - 8 Exporting user data: Data Subject Access Requests
    - 8.1 What are DSARs?
      - 8.1.1 What rights do DSAR regulations give to users?
      - 8.1.2 An overview of the DSAR request fulfillment process
    - 8.2 Setting up the DSAR process
      - 8.2.1 The key steps in creating a DSAR system
      - 8.2.2 Building a DSAR status dashboard
    - 8.3 DSAR automation, data structures, and data flows
      - 8.3.1 DSAR components
      - 8.3.2 Cuboids: A subset of DSAR data
      - 8.3.3 DSAR templates
      - 8.3.4 Data sources for DSAR templates
    - 8.4 Internal-facing screens and dashboards
    - Summary
- Part 4. Security, scaling, and staffing
  - 9 Building a consent management platform
    - 9.1 Why consent management is important
      - 9.1.1 Consent management and privacy-related regulation
      - 9.1.2 Consent management and tech industry changes
      - 9.1.3 Consent management and your business
    - 9.2 A consent management platform
    - 9.3 A data schema model for consent management
      - 9.3.1 The entity relationships that help structure a CMP
      - 9.3.2 Entity relationship schemas: A CMP database
    - 9.4 Consent code: Objects
      - 9.4.1 API to check consent status
      - 9.4.2 API to retrieve disclosures
      - 9.4.3 API to update the consent status for a disclosure
      - 9.4.4 API to process multiple disclosures
      - 9.4.5 API to register with the consents service
      - 9.4.6 Useful definitions for the consents service
    - 9.5 Other useful capabilities in a CMP
    - 9.6 Integrating consent management into product workflow
    - Summary
  - 10 Closing security vulnerabilities
    - 10.1 Protecting privacy by reducing the attack surface
      - 10.1.1 Managing the attack surface
      - 10.1.2 How testing can cause security and privacy risks
      - 10.1.3 An enterprise risk model for security and privacy
    - 10.2 Protecting privacy by managing perimeter access
      - 10.2.1 The Target breach
      - 10.2.2 MongoDB security weaknesses
      - 10.2.3 Authorization best practices
      - 10.2.4 Why continuous monitoring of accounts and credentials is important
      - 10.2.5 Remote work and privacy risk
    - 10.3 Protecting privacy by closing access-control gaps
      - 10.3.1 How an IDOR vulnerability works
      - 10.3.2 IDOR testing and mitigation
    - Summary
  - 11 Scaling, hiring, and considering regulations
    - 11.1 A maturity model for privacy engineering
      - 11.1.1 Identification
      - 11.1.2 Protection
      - 11.1.3 Detection
      - 11.1.4 Remediation
    - 11.2 The privacy engineering domain and skills
    - 11.3 Privacy and the regulatory climate
    - Summary
- Back matter: index, inside back cover