Strategic Privacy by Design, Second Edition

Author: R. Jason Cronk, CIPP/US, CIPM, CIPT, FIP, Enterprivacy Consulting Group

Designed for both the individual who knows privacy by design and the individual who is just starting on their privacy journey, Strategic Privacy by Design, Second Edition presents a methodology for building privacy into a product, service, or business process.

This book takes an unconventional approach to privacy by design, challenges your traditional thought, and teaches you a new way to think of and build up privacy. It is intended for readers with varying levels of experience with privacy by design. The book also presents a comprehensive threat modeling and diagraming method to systematically approach the identification and mitigation of threats.

New to this edition, Strategic Privacy by Design, Second Edition features: 

  • Expanded examples and exercises with detailed answers 
  • A glossary providing summary of defined terms 
  • A completely new chapter on threat modeling 
  • Factor analysis of information risk (FAIR) broken up more cleanly to define factors, with a separate appendix on quantification for those who want to dive into the numbers 
  • Controls (aka privacy design strategies and tactics) redrafted to incorporate controls effects outside of data processing, plus much more detail on several privacy design tactics 
  • New appendix, maps, chapters, and a section of the book dedicated to the CIPT Body of Knowledge

This book builds upon a series of established components to create an end-to-end method, including Solove taxonomy of privacy to identify privacy harms, modified to quantify privacy risks, the Hoepman privacy design strategies and tactics to mitigate the risk factors, and value sensitive design to incorporate other non-functional system requirements.

Official textbook for the CIPT program.

All IAPP textbooks can be found in the IAPP Store.