Data Privacy

Book description

Engineer privacy into your systems with these hands-on techniques for data governance, legal compliance, and surviving security audits.

In Data Privacy you will learn how to:

  • Classify data based on privacy risk
  • Build technical tools to catalog and discover data in your systems
  • Share data with technical privacy controls to measure reidentification risk
  • Implement technical privacy architectures to delete data
  • Set up technical capabilities for data export to meet legal requirements like Data Subject Access Requests (DSARs)
  • Establish a technical privacy review process to help accelerate the legal Privacy Impact Assessment (PIA)
  • Design a Consent Management Platform (CMP) to capture user consent
  • Implement security tooling to help optimize privacy
  • Build a holistic program that will get support and funding from the C-Level and board

Data Privacy teaches you to design, develop, and measure the effectiveness of privacy programs. You’ll learn from author Nishant Bhajaria, an industry-renowned expert who has overseen privacy at Google, Netflix, and Uber. The terminology and legal requirements of privacy are all explained in clear, jargon-free language. The book’s constant awareness of business requirements will help you balance trade-offs and ensure your users’ privacy can be improved without spiraling time and resource costs.

About the Technology
Data privacy is essential for any business. Data breaches, vague policies, and poor communication all erode a user’s trust in your applications. You may also face substantial legal consequences for failing to protect user data. Fortunately, there are clear practices and guidelines to keep your data secure and your users happy.

About the Book
Data Privacy: A runbook for engineers teaches you how to navigate the trade-offs between strict data security and real-world business needs. In this practical book, you’ll learn how to design and implement privacy programs that are easy to scale and automate. There’s no bureaucratic process—just workable solutions and smart repurposing of existing security tools to help set and achieve your privacy goals.

What's Inside
  • Classify data based on privacy risk
  • Set up capabilities for data export that meet legal requirements
  • Establish a review process to accelerate privacy impact assessment
  • Design a consent management platform to capture user consent

About the Reader
For engineers and business leaders looking to deliver better privacy.

About the Author
Nishant Bhajaria leads the Technical Privacy and Strategy teams for Uber. His previous roles include head of privacy engineering at Netflix, and data security and privacy at Google.

Quotes
I wish I had had this text in 2015 or 2016 at Netflix, and it would have been very helpful in 2008–2012 in a time of significant architectural evolution of our technology.
- From the Foreword by Neil Hunt, Former CPO, Netflix

Your guide to building privacy into the fabric of your organization.
- John Tyler, JPMorgan Chase

The most comprehensive resource you can find about privacy.
- Diego Casella, InvestSuite

Offers some valuable insights and direction for enterprises looking to improve the privacy of their data.
- Peter White, Charles Sturt University

Table of contents

  1. inside front cover
  2. Data Privacy
  3. Copyright
  4. brief contents
  5. contents
  6. front matter
    1. foreword
    2. preface
    3. acknowledgments
    4. about this book
      1. Who should read this book
      2. How this book is organized: A roadmap
      3. About the code
      4. liveBook discussion forum
    5. about the author
    6. about the cover illustration
  7. Part 1. Privacy, data, and your business
  8. 1 Privacy engineering: Why it’s needed, how to scale it
    1. 1.1 What is privacy?
    2. 1.2 How data flows into and within your company
    3. 1.3 Why privacy matters
      1. 1.3.1 The fines are real
      2. 1.3.2 Early-stage efficiency wins can cause late-stage privacy headaches
      3. 1.3.3 Privacy investigations could be more than a speed bump
      4. 1.3.4 Privacy process can unlock business opportunities: A real-life example
    4. 1.4 Privacy: A mental model
    5. 1.5 How privacy affects your business at a macro level
      1. 1.5.1 Privacy and safety: The COVID edition
      2. 1.5.2 Privacy and regulations: A cyclical process
    6. 1.6 Privacy tech and tooling: Your options and your choices
      1. 1.6.1 The “build vs. buy” question
      2. 1.6.2 Third-party privacy tools: Do they really work and scale?
      3. 1.6.3 The risks in buying third-party privacy tools
    7. 1.7 What this book will not do
    8. 1.8 How the role of engineers has changed, and how that has affected privacy
    9. Summary
  9. 2 Understanding data and privacy
    1. 2.1 Privacy and what it entails
      1. 2.1.1 Why privacy is hard
      2. 2.1.2 Privacy engineering on the ground: What you have to accomplish
      3. 2.1.3 Privacy, data systems, and policy enforcement
    2. 2.2 This could be your company
    3. 2.3 Data, your business growth strategy, and privacy
    4. 2.4 Examples: When privacy is violated
      1. 2.4.1 Equifax
      2. 2.4.2 The Office of Personnel Management (OPM) breach
      3. 2.4.3 LabCorp and Quest Diagnostics
    5. 2.5 Privacy and the regulatory landscape
      1. 2.5.1 How regulations impact your product and their users
      2. 2.5.2 How your program should help prepare for changing privacy law
    6. 2.6 Privacy and the user
      1. 2.6.1 Becoming an American, and privacy
      2. 2.6.2 Today’s users and their privacy concerns
    7. 2.7 After building the tools comes the hard part: Building a program
    8. 2.8 As you build a program, build a privacy-first culture
    9. Summary
  10. Part 2. A proactive privacy program: Data governance
  11. 3 Data classification
    1. 3.1 Data classification and customer context
    2. 3.2 Why data classification is necessary
      1. 3.2.1 Data classification as part of data governance
      2. 3.2.2 Data classification: How it helps align priorities
      3. 3.2.3 Industry benchmarking around data classification
      4. 3.2.4 Unstructured data and governance
      5. 3.2.5 Data classification as part of your maturity journey
    3. 3.3 How you can implement data classification to improve privacy
      1. 3.3.1 Data classification and access options
      2. 3.3.2 Data classification, access management, and privacy: Example 1
      3. 3.3.3 Data classification, access management, and privacy: Example 2
    4. 3.4 How to classify data with a focus on privacy laws
      1. 3.4.1 Data classification as an abstraction of privacy laws
      2. 3.4.2 Data classification to resolve tension between interpretations of privacy laws
    5. 3.5 The data classification process
      1. 3.5.1 Working with cross-functional stakeholders on your data classification
      2. 3.5.2 Formalizing and refactoring your data classification
      3. 3.5.3 The data classification process: A Microsoft template
    6. 3.6 Data classification: An example
    7. Summary
  12. 4 Data inventory
    1. 4.1 Data inventory: What it is and why you need it
    2. 4.2 Machine-readable tags
      1. 4.2.1 What are data inventory tags?
      2. 4.2.2 Data inventory tags: A specific example
    3. 4.3 Creating a baseline
    4. 4.4 The technical architecture
      1. 4.4.1 Structured and unstructured data
      2. 4.4.2 Data inventory architectural capabilities
      3. 4.4.3 Data inventory workflow
    5. 4.5 Understanding the data
      1. 4.5.1 The metadata definition process
      2. 4.5.2 The metadata discovery process
    6. 4.6 When should you start the data inventory process?
      1. 4.6.1 Why is the data inventory process so hard?
      2. 4.6.2 Data inventory: Sooner is better than later
    7. 4.7 A data inventory is not a binary process
      1. 4.7.1 Data inventory level 1
      2. 4.7.2 Data inventory level 2
      3. 4.7.3 Data inventory level 3
    8. 4.8 What does a successful data inventory process look like?
      1. 4.8.1 Data inventory objective success metrics
      2. 4.8.2 Data inventory subjective success metrics
    9. Summary
  13. 5 Data sharing
    1. 5.1 Data sharing: Why companies need to share data
      1. 5.1.1 Data sharing: Taxicab companies
      2. 5.1.2 Data sharing: Online advertising
      3. 5.1.3 Privacy in advertising
    2. 5.2 How to share data safely: Security as an ally of privacy
      1. 5.2.1 Tracking President Trump
      2. 5.2.2 Protecting data in motion
      3. 5.2.3 Protecting data at rest
    3. 5.3 Obfuscation techniques for privacy-safe data sharing
      1. 5.3.1 Data sharing and US national security
      2. 5.3.2 Data anonymization: The relationship between precision and retention
      3. 5.3.3 Data anonymization: The relationship between precision and access
      4. 5.3.4 Data anonymization: Mapping universal IDs to internal IDs
    4. 5.4 Sharing internal IDs with third parties
      1. 5.4.1 Use case 1: Minimal session (no linking of user activity is needed)
      2. 5.4.2 Use case 2: Single session per dataset (linking of the same user’s activity within a dataset)
      3. 5.4.3 Use case 3: Session spanning datasets (linking across datasets)
      4. 5.4.4 Recovering pseudonymized values
    5. 5.5 Measuring privacy impact
      1. 5.5.1 K-anonymity
      2. 5.5.2 L-diversity
    6. 5.6 Privacy harms: This is not a drill
      1. 5.6.1 Facebook and Cambridge Analytica
      2. 5.6.2 Sharing data and weaknesses
    7. Summary
  14. Part 3. Building tools and processes
  15. 6 The technical privacy review
    1. 6.1 What are privacy reviews?
      1. 6.1.1 The privacy impact assessment (PIA)
      2. 6.1.2 The data protection impact assessment (DPIA)
    2. 6.2 Implementing the legal privacy review process
    3. 6.3 Making the case for a technical privacy review
      1. 6.3.1 Timing and scope
      2. 6.3.2 What the technical review covers that the legal review does not
    4. 6.4 Integrating technical privacy reviews into the innovation pipeline
      1. 6.4.1 Where does the technical privacy review belong?
      2. 6.4.2 How to implement a technical privacy intake?
    5. 6.5 Scaling the technical privacy review process
      1. 6.5.1 Data sharing
      2. 6.5.2 Machine-learning models
    6. 6.6 Sample technical privacy reviews
      1. 6.6.1 Messaging apps and engagement apps: Do they connect?
      2. 6.6.2 Masks and contact tracing
    7. Summary
  16. 7 Data deletion
    1. 7.1 Why must a company delete data?
    2. 7.2 What does a modern data collection architecture look like?
      1. 7.2.1 Distributed architecture and microservices: How companies collect data
      2. 7.2.2 How real-time data is stored and accessed
      3. 7.2.3 Archival data storage
      4. 7.2.4 Other data storage locations
      5. 7.2.5 How data storage grows from collection to archival
    3. 7.3 How the data collection architecture works
    4. 7.4 Deleting account-level data: A starting point
      1. 7.4.1 Account deletion: Building the tooling and process
      2. 7.4.2 Scaling account deletion
    5. 7.5 Deleting account-level data: Automation and scaling for distributed services
      1. 7.5.1 Registering services and data fields for deletion
      2. 7.5.2 Scheduling data deletion
    6. 7.6 Sensitive data deletion
    7. 7.7 Who should own data deletion?
    8. Summary
  17. 8 Exporting user data: Data Subject Access Requests
    1. 8.1 What are DSARs?
      1. 8.1.1 What rights do DSAR regulations give to users?
      2. 8.1.2 An overview of the DSAR request fulfillment process
    2. 8.2 Setting up the DSAR process
      1. 8.2.1 The key steps in creating a DSAR system
      2. 8.2.2 Building a DSAR status dashboard
    3. 8.3 DSAR automation, data structures, and data flows
      1. 8.3.1 DSAR components
      2. 8.3.2 Cuboids: A subset of DSAR data
      3. 8.3.3 DSAR templates
      4. 8.3.4 Data sources for DSAR templates
    4. 8.4 Internal-facing screens and dashboards
    5. Summary
  18. Part 4. Security, scaling, and staffing
  19. 9 Building a consent management platform
    1. 9.1 Why consent management is important
      1. 9.1.1 Consent management and privacy-related regulation
      2. 9.1.2 Consent management and tech industry changes
      3. 9.1.3 Consent management and your business
    2. 9.2 A consent management platform
    3. 9.3 A data schema model for consent management
      1. 9.3.1 The entity relationships that help structure a CMP
      2. 9.3.2 Entity relationship schemas: A CMP database
    4. 9.4 Consent code: Objects
      1. 9.4.1 API to check consent status
      2. 9.4.2 API to retrieve disclosures
      3. 9.4.3 API to update the consent status for a disclosure
      4. 9.4.4 API to process multiple disclosures
      5. 9.4.5 API to register with the consents service
      6. 9.4.6 Useful definitions for the consents service
    5. 9.5 Other useful capabilities in a CMP
    6. 9.6 Integrating consent management into product workflow
    7. Summary
  20. 10 Closing security vulnerabilities
    1. 10.1 Protecting privacy by reducing the attack surface
      1. 10.1.1 Managing the attack surface
      2. 10.1.2 How testing can cause security and privacy risks
      3. 10.1.3 An enterprise risk model for security and privacy
    2. 10.2 Protecting privacy by managing perimeter access
      1. 10.2.1 The Target breach
      2. 10.2.2 MongoDB security weaknesses
      3. 10.2.3 Authorization best practices
      4. 10.2.4 Why continuous monitoring of accounts and credentials is important
      5. 10.2.5 Remote work and privacy risk
    3. 10.3 Protecting privacy by closing access-control gaps
      1. 10.3.1 How an IDOR vulnerability works
      2. 10.3.2 IDOR testing and mitigation
    4. Summary
  21. 11 Scaling, hiring, and considering regulations
    1. 11.1 A maturity model for privacy engineering
      1. 11.1.1 Identification
      2. 11.1.2 Protection
      3. 11.1.3 Detection
      4. 11.1.4 Remediation
    2. 11.2 The privacy engineering domain and skills
    3. 11.3 Privacy and the regulatory climate
    4. Summary
  22. index
  23. inside back cover

Product information

  • Title: Data Privacy
  • Author(s): Nishant Bhajaria
  • Release date: February 2022
  • Publisher(s): Manning Publications
  • ISBN: 9781617298998