Data Privacy : A runbook for engineers (Paperback)
Usually arrives at our store within 4-7 days
Engineer privacy into your systems with these hands-on techniques for data governance, legal compliance, and surviving security audits.
"I wish I had had this text in 2015 or 2016 at Netflix, and it would have been very helpful in 2008–2012 in a time of significant architectural evolution of our technology."
Neil Hunt, Former CPO, Netflix
In Data Privacy you will learn how to:
Classify data based on privacy risk
Build technical tools to catalog and discover data in your systems
Share data with technical privacy controls to measure reidentification risk
Implement technical privacy architectures to delete data
Set up technical capabilities for data export to meet legal requirements like Data Subject Asset Requests (DSAR)
Establish a technical privacy review process to help accelerate the legal Privacy Impact Assessment (PIA)
Design a Consent Management Platform (CMP) to capture user consent
Implement security tooling to help optimize privacy
Build a holistic program that will get support and funding from the C-Level and board
Data Privacy teaches you to design, develop, and measure the effectiveness of privacy programs. You’ll learn from author Nishant Bhajaria, an industry-renowned expert who has overseen privacy at Google, Netflix, and Uber. The terminology and legal requirements of privacy are all explained in clear, jargon-free language. The book’s constant awareness of business requirements will help you balance trade-offs, and ensure your user’s privacy can be improved without spiraling time and resource costs.
Purchase of the print book includes a free eBook in PDF, Kindle, and ePub formats from Manning Publications.
About the technology
Data privacy is essential for any business. Data breaches, vague policies, and poor communication all erode a user’s trust in your applications. You may also face substantial legal consequences for failing to protect user data. Fortunately, there are clear practices and guidelines to keep your data secure and your users happy.
About the book
Data Privacy: A runbook for engineers teaches you how to navigate the trade-off s between strict data security and real world business needs. In this practical book, you’ll learn how to design and implement privacy programs that are easy to scale and automate. There’s no bureaucratic process—just workable solutions and smart repurposing of existing security tools to help set and achieve your privacy goals.
Classify data based on privacy risk
Set up capabilities for data export that meet legal requirements
Establish a review process to accelerate privacy impact assessment
Design a consent management platform to capture user consent
About the reader
For engineers and business leaders looking to deliver better privacy.
About the author
Nishant Bhajaria leads the Technical Privacy and Strategy teams for Uber. His previous roles include head of privacy engineering at Netflix, and data security and privacy at Google.
Table of Contents
PART 1 PRIVACY, DATA, AND YOUR BUSINESS
1 Privacy engineering: Why it’s needed, how to scale it
2 Understanding data and privacy
PART 2 A PROACTIVE PRIVACY PROGRAM: DATA GOVERNANCE
3 Data classification
4 Data inventory
5 Data sharing
PART 3 BUILDING TOOLS AND PROCESSES
6 The technical privacy review
7 Data deletion
8 Exporting user data: Data Subject Access Requests
PART 4 SECURITY, SCALING, AND STAFFING
9 Building a consent management platform
10 Closing security vulnerabilities
11 Scaling, hiring, and considering regulations
About the Author
Nishant Bhajaria leads the Technical Privacy and Strategy teams for Uber. He heads a large team that includes data scientists, engineers, privacy experts and others as they seek to improve data privacy for the customers and the company. His role has significant levels of cross-functional visibility and impact. Previously he worked in compliance, data protection, security, and privacy at Google. He was also the head of privacy engineering at Netflix. He is a well-known expert in the field of data privacy, has developed numerous courses on the topic, and has spoken extensively at conferences and podcasts.