The Shifting Privacy Left Podcast

S2E5 - What's New in Privacy-by-Design with R. Jason Cronk (IOPD)

Feb 7, 2023
58:32

R. Jason Cronk is the Founder of the Institute of Operational Privacy Design (IOPD) and CEO of Enterprivacy Consulting Group, as well as the author of Strategic Privacy by Design. I recently caught up with Jason at the annual Privacy Law Salon event and had a conversation about the socio-technical challenges of privacy, different privacy-by-design frameworks that he’s worked on, and his thoughts on some hot topics in the web privacy space.

---------
Thank you to our sponsor, Privado, the developer-friendly privacy platform
---------

We start off discussing updates to Strategic Privacy by Design, now in its 2nd edition. We chat about the brand new ISO 31700 Privacy by Design for Consumer Goods and Services standard and consensus process and compare it to the NIST Privacy Framework, IEEE 7002 Standard for Data Privacy, and Jason's work with the Institute of Operational Privacy Design (IOPD) and its newly published Design Process Standard v1.


Jason and I also explore risk tolerance through the lens of privacy using FAIR. There’s a lot of room for subjective interpretation, particularly of non-monetary harm, and Jason provides many thought-provoking examples of how this plays out in our society. We round out our conversation by talking about the challenges of Global Privacy Control (GPC) and what deceptive design strategies to look out for.


Topics Covered:

  • Why we should think of privacy beyond "digital privacy"
  • What readers can expect from Jason’s book, Strategic Privacy by Design, and what’s included in the 2nd edition
  • IOPD’s B2B third-party privacy audit
  • Why you should leverage the FAIR quantitative risk analysis model to define address effective privacy risk management programs
  • The NIST Privacy Framework and developments of its Privacy Workforce Working Group
  • Dark patterns & why just asking the wrong question can be a privacy harm (interrogation)
  • How there are 15 privacy harms & only 1 of them is about security


Copyright © 2022 - 2024 Principled LLC. All rights reserved.
