Table of Contents

  1. Getting Started

    1. Chapter 1 What Is Privacy?

      1. How to Think About Privacy
      2. Why Privacy Is Important
      3. Before You Get Started
    2. Chapter 2 Personal Data and Privacy

      1. Data Collection: Understanding Privacy’s First Frontier
      2. Policy Considerations
      3. Implementation Considerations
      4. Conclusion
    3. Chapter 3 Case Studies in Data Collection

      1. Google Street View WiFi: Inadvertent Over-Collection of Data
      2. iPhone Location Database
      3. Conclusion
    4. Chapter 4 Information Security: Protecting Data from Unauthorized Access

      1. InfoSec Best Practices for Privacy-Protected Systems
      2. Further Reading
      3. Conclusion
  2. Access and Control: Controlling Authorized Data Access

    1. Chapter 5 Security Architecture

      1. Overview
      2. Separating Roles, Separating Powers
      3. Making Roles Secure
      4. Conclusion
    2. Chapter 6 Access Controls

      1. Overview
      2. Access-Control Models
      3. Types of Access
      4. Managing Access
      5. Strengths and Weaknesses of Access Control
      6. Access Controls and the Fair Information Practice Principles (FIPPs)
      7. When to Use Access Controls
      8. Conclusion
    3. Chapter 7 Data Revelation

      1. Overview
      2. The Case for Data Revelation
      3. Requirements of Data Revelation
      4. Selective Revelation
      5. Purpose-Driven Revelation
      6. Scope-Driven Revelation
      7. Hybrid Revelation and Practical Scoping
      8. Designing for Data Revelation
      9. Strengths and Weaknesses of Data Revelation
      10. Data Revelation and the Fair Information Practice Principles (FIPPs)
      11. When to Use Data Revelation
      12. Conclusion
  3. Oversight: Holding Users and Systems Accountable

    1. Chapter 8 Federated Systems

      1. Overview
      2. “Always-On” Federation
      3. Asynchronous Federation
      4. Asking Out and Being Asked
      5. Strengths and Weaknesses of Federated Systems
      6. Federated Systems and the Fair Information Practice Principles (FIPPs)
      7. When to Use Federated Architecture
      8. Conclusion
    2. Chapter 9 Audit Logging

      1. Overview
      2. Why Are Audit Records Important?
      3. But Auditing Is Easy, Right?
      4. What Are the Challenges to Effective Auditing and How Do I Meet Them?
      5. Audit Logging and the Fair Information Practice Principles (FIPPs)
      6. Advanced Auditing Considerations
      7. Conclusion
    3. Chapter 10 Data Retention and Data Purging

      1. Overview
      2. What Is Data Retention?
      3. Why Is Data Retention Important?
      4. How to Set Retention and Purge Policies
      5. So You Want to Purge Data. Now What?
      6. Practical Steps of Data Retention
      7. Data Retention, Purging, and the FIPPs
      8. Conclusion
  4. Putting It All Together

    1. Chapter 11 Practical Applications and Use Cases

      1. Basic Framework
      2. Use Case #1: Social Media Analysis
      3. Use Case #2: Secure Messaging
      4. Use Case #3: Automated License Plate Readers (ALPR)
      5. Conclusion
    2. Chapter 12 Enter the Privacy Engineer

      1. The Role of the Privacy Engineer
      2. Avoiding Privacy Tunnel Vision
      3. Conclusion
    3. Chapter 13 The Future of Privacy

      1. The “Death” of Privacy
      2. Legal Reform
      3. Greater Transparency and Control
      4. Privacy in Plain Sight
      5. The Destiny of Data
      6. Anonymization Under Siege
      7. Expect the Unexpected