
PRIVACY IN TECHNOLOGY

RESOURCES AND BODY OF KNOWLEDGE

Many resources linked from this training are available to IAPP members only. Reviewing the supplemental, linked content gives the user additional depth and detail but is not required for completing the course. To learn more about IAPP membership, see the IAPP website.

PRIMARY RESOURCES
Breaux, Travis. An Introduction to Privacy for Technology Professionals. Portsmouth, NH: IAPP, 2020.
Cronk, R. Jason. Strategic Privacy by Design. Portsmouth, NH: IAPP, 2018.

ADDITIONAL RESOURCES
Module 1
Cavoukian, Ann. “Privacy by Design: The 7 Foundational Principles.” Toronto: Information and Privacy Commissioner of Ontario, 2011 (revised). https://www.ipc.on.ca/wp-content/uploads/Resources/pbd-implement-7found-principles.pdf.
Friedman, B., D.G. Hendry and A. Borning. “A Survey of Value Sensitive Design Methods.” Edited by Desney Tan and Youn-kyung Lim. In Foundations and Trends® in Human-Computer Interaction 11, no. 23 (2017): 63-125. Hanover, MA: Now Publishers, 2017.
Friedman, Hendry and Borning. “Value Sensitive Design and Information Systems.” Edited by Ping Zhang and Dennis Galletta. In Human-Computer Interaction in Management Information Systems. Abingdon, UK: Routledge, 2006.
https://link.springer.com/article/10.1007/s10676-021-09579-x
Intersoft Consulting. “Art. 20 GDPR: Right to Data Portability.” https://gdpr-info.eu/art-20-gdpr/.
Regenscheid, Andrew, Larry Feldman, and Gregory White. NIST Special Publication 800-88, Revision 1: Guidelines for Media Sanitization. U.S. Department of Commerce, National Institute of Standards and Technology. 2015. https://www.nist.gov/publications/nist-special-publication-800-88-revision-1-guidelines-media-sanitization.

©2022, International Association of Privacy Professionals, Inc. (IAPP)


Module 2
Axelos. “What is ITIL?” Accessed Oct. 17, 2019. https://www.axelos.com/best-practice-solutions/itil/what-is-itil.
https://iapp.org/media/pdf/resource_center/dpia_in_a_nutshell_edps_infographic.pdf; https://iapp.org/resources/article/edps-infographic-data-protection-impact-assessment-in-a-nutshell/
Intersoft Consulting. “Art. 28 GDPR: Processor.” https://gdpr-info.eu/art-28-gdpr/.

Module 3
API2CART. “5 Differences Between Open Source and Closed Source Software.” Sept. 18, 2019 (updated). https://api2cart.com/business/5-differences-between-open-source-and-closed-source-software/.
Brandeis, Louis and Samuel Warren. “The Right to Privacy.” Harvard Law Review 4, no. 5 (1890): 193-220. https://www.jstor.org/stable/1321160?seq=1#metadata_info_tab_contents.
Intersoft Consulting. “Art. 17 GDPR: Right to Erasure (‘Right to be Forgotten’).” https://gdpr-info.eu/art-17-gdpr/.
National Institute of Standards and Technology (NIST). NIST Special Publication 800-53, Revision 4: Security and Privacy Controls for Federal Information Systems and Organizations. Appendix J, Privacy Control Catalog, Privacy Control IP. U.S. Department of Commerce/NIST. 2013. https://nvlpubs.nist.gov/nistpubs/SpecialPublications/NIST.SP.800-53r4.pdf.
Tiwari, Aditya. “What’s the Difference Between Update and Upgrade?” Fossbytes, July 21, 2017. https://fossbytes.com/whats-the-difference-between-update-and-upgrade/.

Module 5
Brooks, Sean, Michael Garcia, Naomi Lefkovitz, Suzanne Lightman, and Ellen Nadeau (NIST). NISTIR 8062: An Introduction to Privacy Engineering and Risk Management in Federal Systems. U.S. Department of Commerce/NIST. 2017. https://iapp.org/media/pdf/resource_center/NIST.IR.8062.pdf.
https://www.darkpatterns.org/types-of-dark-pattern
https://privacypatterns.org/.
Institute of Distributed Systems at Ulm University, Germany. https://dark.privacypatterns.eu/#/?limit=6&offset=0.
NIST. Privacy Engineering Program. https://www.nist.gov/itl/applied-cybersecurity/privacy-engineering.

NIST. Privacy Framework: A Tool for Improving Privacy Through Enterprise Risk Management, Version 1.0, January 16, 2020, pages 33–34 (Determining Privacy Capabilities). https://nvlpubs.nist.gov/nistpubs/CSWP/NIST.CSWP.01162020.pdf

Module 6
Covey, Stephen. The 7 Habits of Highly Effective People. New York: Simon & Schuster, 1989.

Module 7
“A Comprehensive Guide to Natural Language Generation.” Sciforce (blog). Medium, July 4, 2019. https://medium.com/sciforce/a-comprehensive-guide-to-natural-language-generation-dd63a4b6e548.
Bentley, Jennifer. “Policing the Police: Balancing the Right to Privacy Against the Beneficial Use of Drone Technology.” Hastings Law Journal 70, no. 249 (December 2018): 249-295. http://www.hastingslawjournal.org/wp-content/uploads/70.1-Bentley.pdf.
Calo, Ryan. “Robots and Privacy.” Edited by Patrick Lin, George Bekey, and Keith Abney. In Robot Ethics: The Ethical and Social Implications of Robotics. Cambridge: MIT Press, 2014. https://cyberlaw.stanford.edu/files/publication/files/ssrn-id1599189.pdf.

BODY OF KNOWLEDGE

Each topic below is followed by the number of the module in which it is covered.

I. Foundational Principles

A. Privacy Risk Models and Frameworks

a. Nissenbaum’s Contextual Integrity Module 1

b. Calo’s Harms Dimensions Module 1

c. Legal compliance Module 1

d. FIPPs Module 1

e. NIST/NICE frameworks Module 1

f. FAIR (Factors Analysis in Information Risk) Module 1

B. Privacy by Design Foundational Principles

a. Full Life Cycle Protection Module 1

b. Embedded into Design Module 1

c. Full Functionality Module 1

d. Visibility and Transparency Module 1

e. Proactive not Reactive Module 1

f. Privacy by Default Module 1

g. Respect for Users Module 1

C. Value-Sensitive Design

a. How design affects users Module 1

b. Strategies for skillful practice Module 1

D. The Data Life Cycle

a. Collection Module 1

b. Use Module 1

c. Disclosure Module 1

d. Retention Module 1

e. Destruction Module 1

II. IT’s Role in Protecting Privacy

A. Fundamentals of Privacy-related IT

a. Organization privacy notice Module 2

b. Organization internal privacy policies Module 2

c. Organization security policies, including data classification policies and schema, data retention and data deletion Module 2
d. Other commitments made by the organization (contracts, agreements) Module 2

e. Common IT frameworks (COBIT, ITIL, etc.) Module 2

f. Data inventories, classification and records of processing Module 2

g. Enterprise architecture and data flows, including cross-border transfers Module 2

h. Data protection and Privacy impact assessments (DPIAs/PIAs) Module 2

B. Information Security

a. Transactions which collect confidential data for use in later processing activities Module 2

b. Breach/disclosure incident investigations and responses—security and privacy perspectives Module 2
c. Security and privacy in the systems development life cycle (SDLC) process Module 2

d. Privacy and security regulations with specific IT requirements Module 2

C. The Privacy Responsibilities of the IT Professional

a. Consultation on internal and external policies Module 2

b. Consultation on contractual and regulatory requirements Module 2

c. Understanding how IT supports information governance in an organization Module 2

III. Privacy Threats and Violations

A. During Data Collection

a. Asking people to reveal personal information Module 3

b. Surveillance Module 3

B. During Use

a. Insecurity Module 3

b. Identification Module 3

c. Aggregation Module 3

d. Secondary use Module 3

e. Exclusion Module 3

C. During Dissemination

a. Disclosure Module 3

b. Distortion Module 3

c. Exposure Module 3

d. Breach of confidentiality Module 3

e. Increased accessibility Module 3

f. Blackmail Module 3

g. Appropriation Module 3

D. Intrusion, Decisional Interference and Self Representation

a. Behavioral advertising Module 3

b. Cyberbullying Module 3

c. Social engineering Module 3

E. Software Security

a. Vulnerability management Module 3

b. Intrusion reports Module 3

c. Patches Module 3

d. Upgrades Module 3

e. Open-source vs. closed-source Module 3

IV. Technical Measures and Privacy-Enhancing Technologies

A. Data-Oriented Strategies

a. Separate Module 4

i. Distribute Module 4

ii. Isolate Module 4

b. Minimize Module 4

i. Exclude Module 4

ii. Select Module 4

iii. Strip Module 4

iv. Destroy Module 4

c. Abstract Module 4

i. Group Module 4

ii. Summarize Module 4

iii. Perturb Module 4

d. Hide Module 4

i. Restrict Module 4

ii. Mix Module 4

iii. Obfuscate Module 4

iv. Dissociate Module 4

v. Masking Module 4

B. Techniques

a. Aggregation Module 4

i. Frequency and magnitude data Module 4

ii. Noise addition through differential privacy Module 4

iii. Differential identifiability Module 4

b. De-identification Module 4

i. Anonymize Module 4

ii. Pseudonymize Module 4

iii. Labels that point to individuals Module 4

iv. Strong and weak identifiers Module 4

v. Degrees of identifiability Module 4

vi. k-anonymity, l-diversity, t-closeness Module 4

vii. Tokenization Module 4

viii. Irreversible masking Module 4

c. Encryption Module 4

i. Algorithms and keys Module 4

ii. Symmetric and asymmetric Module 4

iii. Crypto design and implementation considerations Module 4

iv. Application or field encryption Module 4

v. Quantum encryption Module 4

vi. Public key infrastructure Module 4

vii. Homomorphic Module 4

viii. Polymorphic Module 4

ix. Mix networks Module 4

x. Secure multiparty computation Module 4

xi. Private information retrieval Module 4

d. Identity and access management Module 4

i. Limitations of access management as a privacy tool Module 4

ii. Principle of least-privilege required Module 4

iii. User and role-based access controls (RBAC) Module 4

iv. Privileged Access Management (PAM) …

v. Context of authority Module 4

vi. Cross-enterprise authentication and authorization models Module 4

vii. Federated identity and centralized identity inventory Module 4

viii. Bring your own device (BYOD) concerns Module 4

ix. Dynamic Masking based on identities Module 4

e. Authentication Module 4

i. Single/multifactor authentication Module 4

ii. Something you know (usernames, passwords) Module 4

iii. Something you are (biometrics, facial recognition, location) Module 4

iv. Something you have (tokens, keys) Module 4

C. Process-Oriented Strategies

a. Informing the Individual Module 4

i. Supply Module 4

ii. Notify Module 4

iii. Explain Module 4

b. User Control Module 4

i. Consent Module 4

ii. Choice Module 4

iii. Amend Module 4

iv. Delete Module 4

c. Policy and process enforcement Module 4

i. Create Module 4

ii. Maintain Module 4

iii. Uphold Module 4

d. Demonstrate compliance Module 4

i. Log Module 4

ii. Audit Module 4

iii. Report Module 4

V. Privacy Engineering

A. The Privacy Engineering Role in the Organization

a. Effective implementation Module 5

b. Technological controls Module 5

c. Protecting privacy during the development life cycle Module 5

B. Privacy Engineering Objectives

a. Predictability Module 5

b. Manageability Module 5

c. Dissociability Module 5

C. Privacy Design Patterns

a. Design patterns to emulate Module 5

b. Dark patterns to avoid Module 5

D. Privacy Risks in Software

a. Risks Modules 3, 5, 6

b. Countermeasures Modules 3, 5, 6

VI. Privacy by Design Methodology

A. The Privacy-by-Design Process

a. Goal setting Module 6

b. Documenting requirements Module 6

c. Understanding quality attributes Module 6

d. Identify information needs Module 6

e. Privacy risk assessment and analysis …

f. High-level design Module 6

g. Low-level design and implementation Module 6

h. Impose controls Module 6

1. Architect Module 6

2. Secure Module 6

3. Supervise Module 6

4. Balance Module 6

i. Testing and validation Module 6

B. Ongoing Vigilance

a. Privacy audits and IT control reviews Module 6

b. Code reviews Module 6

c. Code audits Module 6

d. Runtime behavior monitoring Module 6

e. Software evolution Module 6

f. Data cleansing in production and non-production environments …

VII. Technology Challenges for Privacy

A. Automated Decision-making

a. Machine learning Module 7

b. Deep learning Module 7

c. Artificial Intelligence (AI) Module 7

d. Context-aware computing Module 7

B. Tracking and Surveillance

a. Internet monitoring Module 7

b. Adtech, cookies and other web tracking Module 7

c. Location tracking Module 7

d. Audio and video surveillance Module 7

e. Drones Module 7

C. Anthropomorphism

a. Speech recognition Module 7

b. Natural language understanding Module 7

c. Natural language generation Module 7

d. Chat bots Module 7

e. Robots Module 7

D. Ubiquitous Computing

a. Mobile phones and apps Module 7

b. Internet of Things (IoT) and Edge Computing Module 7

c. Smart cities Module 7

d. Vehicular automation/Smart vehicles Module 7

e. Wearable devices Module 7

f. Blockchain and NFTs …

g. Virtual Reality, Augmented Reality and Mixed Reality Module 7

E. Mobile Social Computing

a. Geo-tagging Module 7

b. Geo-social patterns Module 7
