CIPT Onl ResourcesandBoKMapping v2.0 PDF
CIPT Onl ResourcesandBoKMapping v2.0 PDF
Many resources linked from this training are available to IAPP members only. Reviewing the
supplemental, linked content provides the user with additional depth and detail but is not
required for completing the course. To learn more about IAPP membership, click here.
PRIMARY RESOURCES
Breaux, Travis. An Introduction to Privacy for Technology Professionals. Portsmouth, NH:
IAPP, 2020.
Cronk, R. Jason. Strategic Privacy by Design. Portsmouth, NH: IAPP, 2018.
ADDITIONAL RESOURCES
Module 1
Cavoukian, Ann. “Privacy by Design: The 7 Foundational Principles.” Toronto: Information
and Privacy Commissioner of Ontario, 2011 (revised). https://www.ipc.on.ca/wp-
content/uploads/Resources/pbd-implement-7found-principles.pdf.
Friedman, B., D.G. Hendry and A. Borning. “A Survey of Value Sensitive Design Methods.”
Edited by Desney Tan and Youn-kyung Lim. In Foundations and Trends® in Human-
Computer Interaction 11, no. 23 (2017): 63-125. Hanover, MA: Now Publishers,
2017.
Friedman, Hendry and Borning. “Value Sensitive Design and Information Systems.” Edited
by Ping Zhang and Dennis Galletta. In Human-Computer Interaction in Management
Information Systems. Abingdon, UK: Routledge, 2006.
https://link.springer.com/article/10.1007/s10676-021-09579-x
Intersoft Consulting. “Art. 20 GDPR: Right to Data Portability.” https://gdpr-info.eu/art-20-
gdpr/.
Regenscheid, Andrew, Larry Feldman, and Gregory White. NIST Special Publication 800-88,
Revision 1: Guidelines for Media Sanitization. U.S. Department of Commerce,
National Institute of Standards and Technology. 2015.
https://www.nist.gov/publications/nist-special-publication-800-88-revision-1-
guidelines-media-sanitization.
Module 3
API2CART. “5 Differences Between Open Source and Closed Source Software.” Sept. 18,
2019 (updated). https://api2cart.com/business/5-differences-between-open-source-
and-closed-source-software/.
Brandeis, Louis and Samuel Warren. “The Right to Privacy.” Harvard Law Review 4, no. 5
(1890): 193-220.
https://www.jstor.org/stable/1321160?seq=1#metadata_info_tab_contents.
Intersoft Consulting. “Art. 17 GDPR: Right to Erasure (‘Right to be Forgotten’).”
https://gdpr-info.eu/art-17-gdpr/.
National Institute of Standards and Technology (NIST). NIST Special Publication 800-53,
Revision 4: Security and Privacy Controls for Federal Information Systems and
Organizations. Appendix J, Privacy Control Catalog, Privacy Control IP. U.S.
Department of Commerce/NIST. 2013.
https://nvlpubs.nist.gov/nistpubs/SpecialPublications/NIST.SP.800-53r4.pdf.
Tiwari, Aditya. “What’s the Difference Between Update and Upgrade?” Fossbytes, July 21,
2017. https://fossbytes.com/whats-the-difference-between-update-and-upgrade/.
Module 5
Brooks, Sean, Michael Garcia, Naomi Lefkovitz, Suzanne Lightman, and Ellen Nadeau
(NIST). NISTIR 8062: An Introduction to Privacy Engineering and Risk Management
in Federal Systems. U.S. Department of Commerce/NIST. 2017.
https://iapp.org/media/pdf/resource_center/NIST.IR.8062.pdf.
https://www.darkpatterns.org/types-of-dark-pattern
https://privacypatterns.org/.
Institute of Distributed Systems at Ulm University, Germany.
https://dark.privacypatterns.eu/#/?limit=6&offset=0.
NIST. Privacy Engineering Program. https://www.nist.gov/itl/applied-cybersecurity/privacy-
engineering.
Module 6
Covey, Stephen. The 7 Habits of Highly Effective People. New York: Simon & Schuster,
1989.
Module 7
“A Comprehensive Guide to Natural Language Generation.” Sciforce (blog). Medium, July 4,
2019.
https://medium.com/sciforce/a-comprehensive-guide-to-natural-language-
generation-dd63a4b6e548.
Bentley, Jennifer. “Policing the Police: Balancing the Right to Privacy Against the Beneficial
Use of Drone Technology.” Hastings Law Journal 70, no. 249 (December 2018): 249-
295. http://www.hastingslawjournal.org/wp-content/uploads/70.1-Bentley.pdf.
Calo, Ryan. “Robots and Privacy.” Edited by Patrick Lin, George Bekey, and Keith Abney. In
Robot Ethics: The Ethical and Social Implications of Robotics. Cambridge: MIT Press,
2014. https://cyberlaw.stanford.edu/files/publication/files/ssrn-id1599189.pdf.
I. Foundational Principles
d. FIPPs Module 1
C. Value-Sensitive Design
a. Collection Module 1
c. Disclosure Module 1
d. Retention Module 1
e. Destruction Module 1
A. Fundamentals of Privacy-related IT
c. Organization security policies, including data classification policies and schema, Module 2
data retention and data deletion
d. Other commitments made by the organization (contracts, agreements) Module 2
B. Information Security
a. Transactions which collect confidential data for use in later processing activities Module 2
b. Surveillance Module 3
B. During Use
a. Insecurity Module 3
b. Identification Module 3
c. Aggregation Module 3
e. Exclusion Module 3
C. During Dissemination
a. Disclosure Module 3
b. Distortion Module 3
c. Exposure Module 3
f. Blackmail Module 3
g. Appropriation Module 3
b. Cyberbullying Module 3
c. Patches Module 3
d. Upgrades Module 3
A. Data-Oriented Strategies
a. Separate Module 4
i. Distribute Module 4
b. Minimize Module 4
i. Exclude Module 4
c. Abstract Module 4
i. Group Module 4
d. Hide Module 4
i. Restrict Module 4
v. Masking Module 4
B. Techniques
a. Aggregation Module 4
b. De-identification Module 4
i. Anonymize Module 4
c. Encryption Module 4
e. Authentication Module 4
C. Process-Oriented Strategies
i. Supply Module 4
i. Consent Module 4
i. Create Module 4
i. Log Module 4
V. Privacy Engineering
a. Predictability Module 5
b. Manageability Module 5
c. Dissociability Module 5
a. Risks Modules 3, 5, 6
b. Countermeasures Modules 3, 5, 6
1. Architect Module 6
2. Secure Module 6
3. Supervise Module 6
4. Balance Module 6
B. Ongoing Vigilance
A. Automated Decision-making
e. Drones Module 7
C. Anthropomorphism
e. Robots Module 7
a. Geo-tagging Module 7