Engineer privacy into software, systems, and applications. This book is a resource for developers, engineers, architects, and coders. It provides tools, methodologies, templates, worksheets, and guidance on engineering privacy into software-from ideation to release and beyond-for technologies, products, systems, solutions, and applications.
This book can be used in conjunction with the ApressOpen bestseller, The Privacy Engineer's Manifesto. This book trains and equips users to engage in their own privacy scoping requirements workshops, write privacy use cases or "stories" for agile development, document UI privacy patterns, conduct assessments, and align with product and information security teams. And, perhaps most importantly, the book brings clarity to a vitally important need-the protection of personal information-that is often shrouded in mystery during the engineering process. Go from policy to code to QA to value, all within these pages.
What You Will Learn
Think of the Fair Information Principles as actionable, normative statements
Decode privacy into functional requirements that can be designed and coded
Prepare and conduct a privacy scoping requirements workshop
Translate privacy requirements into usable stories for agile development
Guide user interface designers in creating privacy controls and interfaces
Access software, systems, applications, and apps to see if the necessary privacy controls are in place
Create privacy engineering documentation (such as data flow diagrams and privacy impact assessments) so that tribal lore is translated into institutional knowledge
Access and ready the enterprise to support privacy engineering
Who This Book Is For
Serves multiple stakeholders, including those involved in architecting, designing, developing, deploying, and reviewing systems, products, processes, applications, and apps that process personal information. This workbook will appeal to software/hardware engineers, technical program and product managers, support and sales engineers, system integrators, IT professionals, lawyers, and information privacy and security professionals.