Privacy Tech and Privacy By Design

Privacy Tech and Privacy By Design

Here, you can find the IAPP’s collection of coverage, analysis and resources related to privacy technology and privacy by design. The IAPP Resource Center includes separate topic pages for Artificial Intelligence and Cloud Computing, as well as a “Privacy Engineering Section,” which offers a range of programs, events, content and networking opportunities through which privacy pros working in IT and related fields can connect and advance.

Featured Resources

Strategic Privacy by Design

Designed for both the individual who knows privacy by design and the individual who is just starting on their privacy journey, Strategic Privacy by Design, Second Edition presents a methodology for building privacy into a product, service, or business process. This book takes an unconventional approach to privacy by design, challenges your traditional thought, and teaches you a new way to think of and build up privacy.
Read More

Privacy Tech Vendor Report

Twice a year, the IAPP updates its “Privacy Tech Vendor Report,” offering insight into the market and a directory of vendors, large and small, that offer various types of privacy technology solutions.
Read More

Privacy and responsible AI

Government authorities around the world are increasing their enforcement, rulemaking and legislating in the areas of artificial intelligence and machine learning. This article outlines recent developments, considerations, challenges and case studies that should be on privacy pros’ radars as they grapple with compliance.
Read More


Latest News and Resources

Cybersecurity Law Fundamentals

Almost as swiftly as cybersecurity has emerged as a major corporate and public policy concern, a body of cybersecurity law has developed. The purpose of Cybersecurity Law Fundamentals is to give a coherent summary of this incoherent body of law. Read More

Talking Strategic Privacy by Design with R. Jason Cronk

The concept of privacy and data protection by design is not new in the privacy world. We know privacy should be integrated in the foundational design of a product or service; that is should be baked in, not bolted on. But what that means in practice is often elusive. In 2018, Enterprivacy Consulting Group founder R. Jason Cronk, CIPP/US, CIPM, CIPT, FIP, wrote the book "Strategic Privacy by Design," which was published by the IAPP. In it, Cronk offered insights for building processes, products a... Read More

Standardization landscape for privacy: Part 2 — ISO/IEC

What if there was a formula describing the best methods, techniques and guidelines for privacy? In the face of rapid evolution of information technology and regulations for privacy and data protection, working along the lines of clearly defined controls, concepts and principles is a necessity to tackle the complexity of this constant change. A pathway to best privacy practices In the domain of information and communication technology, the International Organization for Standardization provides... Read More

Standardization landscape for privacy: Part 1 — The NIST Privacy Framework

Standards and frameworks provide real benefits for privacy management. Standards are established norms to be applied consistently across organizations, while frameworks are a set of basic guidelines to be adapted to an organization's needs. Both can help to fulfill compliance obligations, build trust, benchmark against industry best practices, support strategic planning and evaluation, enable global interoperability, and strengthen an organization's market position. Just as in information secur... Read More

Web Conference: Privacy Engineer Your Operations for Excellence
(IAPP, May 2022)
Exceptions in new US state privacy laws leave data without security coverage
(IAPP, May 2022)
Talking Strategic Privacy by Design with R. Jason Cronk
(IAPP, March 2022)
Successful adoption of mobile ID hinges largely on protection of citizen privacy
(IAPP, March 2022)
Information Security Management – An Executive View
(Marcos Sêmola, March 2022)
Perkins Coie – 2022 Emerging Technology Trends
(Perkins Coie, February 2022)
LinkedIn Live: ‘How To Build An Effective Privacy Engineering Team’
(IAPP, February 2022)
CDT — Responsible Technology Training Series for Education Practitioners
(CDT, January 2022)
iOS App Report: Surveillance Marketing Still Going Strong
(URL Genius, January 2022)
Age verification and data protection: Far more difficult than it looks
(IAPP, January 2022)
2022’s top-10 legal technology job market predictions
(IAPP, January 2022)
A look inside the robust privacy tech vendor market
(IAPP, January 2022)
Privacy as code: A new taxonomy for privacy
(IAPP, November 2021)
Brookings Glossary: Artificial intelligence and emerging technology
(Brookings Institution, October 2021)
The Privacy and Equity Implications of Using Self-Harm Monitoring Technologies: Recommendations for Schools
(Future of Privacy Forum, August 2021)
The Privacy and Equity Implications of Using Self-Harm Monitoring Technologies: Recommendations for Schools
(Future of Privacy Forum, August 2021)
Web Conference: More than Face Value: Facial Recognition Technology & Privacy
(IAPP, July 2021)
Web Conference: Understanding Machine Learning Technology and Developing A Risk-Based Approach
(IAPP, June 2021)
Web Conference: LBS — IAPP CIPT: Technology Innovation and the Need for the Privacy Technologist
(IAPP, June 2021)
KPMG — Privacy Technology: What’s next?
(KPMG, May 2021)
Privacy Tech’s Third Generation: A Review of the Emerging Privacy Tech Sector
(Future of Privacy Forum, Privacy Tech Alliance, May 2021)
Web Conference: Marketing Technology 101 for Privacy Officers
(IAPP, February 2021)
World Economic Forum — Future Series: Cybersecurity, emerging technology and systemic risk
(World Economic Forum, November 2020)
EY-NASCIO Report — How will the power of emerging technology help reframe your future?
(EY-NASCIO, October 2020)
White Paper – The Skill Set Technologists Need to Implement a Privacy Risk Management Framework
(IAPP, October 2020)
Infographic – How to get started in privacy engineering
(IAPP, August 2020)
White Paper – The Skill Set Needed to Implement the NIST Privacy Framework
(IAPP, August 2020)
ePrivacy and Data Protection: The Complex Web of Data Privacy and its Influence on AI Ethics, Competition and Tech Evolution
(Citi GPS, July 2020)
Privacy 2020: 10 Privacy Risks and 10 Privacy-Enhancing Technologies to Watch in the Next Decade
(Future of Privacy Forum, March 2020)
White Paper – Talking Tech for Privacy Pros: The Organic Chemistry of Computer Science
(IAPP, February 2020)
Enhancing Privacy Education with a Technical Emphasis in IT Curriculum
(Kennesaw State University, February 2020)
White Paper – The Skill Set Needed to Implement a Global Privacy Standard: ISO/IEC 27701 alignment with IAPP CIPM and CIPP/E certifications
(IAPP, November 2019)
White Paper – Talking Tech for Privacy Pros: Coming Down from the Cloud
(IAPP, October 2019)
How Privacy Tech Is Bought and Deployed
(IAPP, June 2019)
White Paper – Check or Mate? Strategic Privacy by Design
(IAPP, October 2017)
The ransomware epidemic – Article Series
(IAPP, September 2016)
Infographic: How IT and Infosec Value Privacy
(IAPP, March 2016)
View More Resources

Privacy Engineering

Web Conference: Privacy Engineer Your Operations for Excellence

Original broadcast date: 12 May 2022 In this web conference, panelists explain how to avoid ripple effects from immature privacy practices, but also clearly show how privacy controls can contribute to better data quality, lower storage costs, and an overall business strategy of trust. Founders, product managers, engineers, and legal privacy professionals alike will walk away from this web conference with a better understanding of the essential building blocks of applying privacy principles in practice, why it makes sense to invest in privacy-by-design when building and maintaining products and systems, and how to get one’s team up to speed. Read More

Infographic – How to get started in privacy engineering

Published: August 2020 Click To View (PDF) Privacy engineering is a rapidly growing field in our increasingly data driven world. This infographic offers advice on how to jump start a career in this dynamic profession. It offers tips for pursuing a cross-disciplinary education, searching for career opportunities beyond Big Tech, writing about privacy issues, networking with other professionals, becoming an expert in your own privacy, earning privacy credentials, staying informed about privacy... Read More

Privacy engineering is evolving daily: Join the conversation about its future

Regulations and policies alone won’t get us to a world that effectively respects privacy. To get there, we need multiple things: (1) systems we can trust to robustly implement policy, (2) technology that enables better choices than the ones we have today and (3) a deep understanding of the wide spectrum of humans who interact with our systems. In short, we need privacy engineering. Organizations’ understanding of privacy engineering and their need for it is evolving rapidly alongside new techno... Read More

Privacy engineering: Comprehensible access control lists

When a user is taking an action, they need to know who, what and where. But what happens once they’ve taken that action? When a user shares something with another user, like a photo or a document, they need to know who, why and how to make it stop. First, let me differentiate sharing and sending. Sending is when someone transmits data to another entity and that data passes into the possession of that entity. For example, if you were to send me an email, that email goes into my inbox. You can’t ... Read More