The concept of privacy and data protection by design is not new in the privacy world. We know privacy should be integrated in the foundational design of a product or service; that is should be baked in, not bolted on. But what that means in practice is often elusive. In 2018, Enterprivacy Consulting Group founder R. Jason Cronk, CIPP/US, CIPM, CIPT, FIP, wrote the book "Strategic Privacy by Design," which was published by the IAPP. In it, Cronk offered insights for building processes, products and services that consider an individual’s privacy interests as a requirement. In the four years since, law and technology have continued to evolve, prompting Jason to write a second edition of the book. The IAPP's Jedidiah Bracy, CIPP, recently caught up with Cronk to discuss his work in designing for privacy and what’s new in his second edition.
This book takes an unconventional approach to privacy by design, challenges your traditional thought, and teaches you a new way to think of and build up privacy. It is intended for readers with varying levels of experience with privacy by design. The book also presents a comprehensive threat modeling and diagraming method to systematically approach the identification and mitigation of threats.
If you want to comment on this post, you need to login.