S2E5 - What's New in Privacy-by-Design with R. Jason Cronk (IOPD)

R. Jason Cronk is the Founder of the Institute of Operational Privacy Design (IOPD) and CEO of Enterprivacy Consulting Group, as well as the author of Strategic Privacy by Design. I recently caught up with Jason at the annual Privacy Law Salon event and had a conversation about the socio-technical challenges of privacy, different privacy-by-design frameworks that he’s worked on, and his thoughts on some hot topics in the web privacy space.

---------
Thank you to our sponsor, Privado, the developer-friendly privacy platform
---------

We start off discussing updates to  Strategic Privacy by Design, now in it's 2nd edition. We chat about the brand new ISO 31700 Privacy by Design for Consumer Goods and Services standard and consensus process and  compare it to the NIST Privacy Framework, IEEE 7002 Standard for Data Privacy, and Jason's work with the Institute of Operational Privacy Design (IOPD) and it's newly-published Design Process Standard v1. 

Jason and I also explore risk tolerance through the lens of privacy using FAIR. There’s a lot of room for subjective interpretation, particularly of non-monetary harm, and Jason provides many thought-provoking examples of how this plays out in our society. We round out our conversation by talking about the challenges of Global Privacy Control (GPC) and what deceptive design strategies to look out for.

Topics Covered:

• Why we should think of privacy beyond "digital privacy"
• What readers can expect from Jason’s book,  Strategic Privacy by Design, and what’s included in the 2nd edition
• IOPD’s B2B third-party privacy audit
• Why you should leverage the FAIR quantitative risk analysis model to define address effective privacy risk management programs
• The NIST Privacy Framework and developments of its Privacy Workforce Working Group
• Dark patterns & why just asking the wrong question can be a privacy harm (interrogation)
• How there are 15 privacy harms & only 1 of them is about security

Resources Mentioned:

• Learn about the ISO 31700 Privacy by Design Standard
• Review the IOPD Design Process Standard v1

Guest Info:

• Follow Jason on LinkedIn
• Follow Enterprivacy Consulting Group on Twitter

Send us a text

Privado.ai
Privacy assurance at the speed of product development. Get instant visibility w/ privacy code scans.

Shifting Privacy Left Media
Where privacy engineers gather, share, & learn

Buzzsprout - Launch your podcast


Disclaimer: This post contains affiliate links. If you make a purchase, I may receive a commission at no extra cost to you.

Copyright © 2022 - 2024 Principled LLC. All rights reserved.