Privacy by design
At Karlstad University, we have developed advanced level academic courses addressing critical aspects of the EU General Data Protection Regulation (GDPR).
The courses are open for public access, to address the general interest, aid businesses competence development and their implementation of the regulation.
The course material ranges a broad spectrum and provides an introduction to privacy and data protection legislation including the GDPR, privacy enhancing technologies, privacy management, designing for privacy, and privacy patterns in software design.
The course consists of online lectures, and course material selected and produced by the course team. Moreover, it shows interviews with a series of privacy experts that were conducted for the course, including Amelia Andersdotter (Swedish privacy activist), Conny Claesson (DPO - Karlstad University), Marit Hansen (Data Protection Commissioner of the state Schleswig Holstein - ULD), Jonas Persson (security consultant), Steven Murdoch (UCL & Tor Project), Albin Zuccato (ATEA), Harald Zwingelberg (ULD).
The Privacy by Design course team: Stefan Alfredsson, Simone Fischer-Hübner, Lothar Fritsch, Sebastian Herold, Leonardo Iwaya, Leonardo Martucci, Tobias Pulls, Albin Zuccato
The five independent modules are:
- Introduction to Privacy and the GDPR: Privacy as a basic human right is increasingly at risk in our networked society. This module will introduce the concept and fundamental principles of privacy, discuss typical privacy risks that we are facing in context of Cloud Computing, IoT and Big Data, and will in particular introduce the legal principles of the Swedish Data Protection Legislation and of the upcoming EU General Data Protection Regulation (GDPR). It will present the measures and steps that organizations have to take for being compliant with the GDPR.
The free and open version of the course is available at https://kau.instructure.com/courses/5331
To apply for examination and academic credits, see https://www.kau.se/en/education/programmes-and-courses/courses/DVAD31 - Privacy Enhancing Technologies (PET)
The PET module first builds a foundation with an introduction to security and privacy mechanisms and technologies. On this foundation, the course focuses on the how security and privacy mechanisms can be used to solve practical (and theoretical) problems, and discuss their pros and cons. Upon completion of the module, students will be able to give an account of the basic security and privacy enhancing technologies; to relate security and privacy goals to mechanisms and technologies; and to explain when and how to apply different privacy enhancing technologies.
The free and open version of the course is available at https://kau.instructure.com/courses/5333
To apply for examination and academic credits, see https://www.kau.se/en/education/programmes-and-courses/courses/DVAD32 - Designing for Privacy: Data protection by design and default is mandatory in the GDPR. Looking at data protection in the broader context of privacy, this module covers how privacy-friendly systems are designed. We look at the relationship between data protection and privacy to better understand the requirements from the GDPR and different types of ethos around privacy-friendly design, such as privacy by design by Cavoukian. On this foundation, the module presents how to effectively perform privacy and data protection impact assessments, introducing common methods and lessons learnt from the literature.
The free and open version of the course is available at https://kau.instructure.com/courses/5335
To apply for examination and academic credits, see https://www.kau.se/en/education/programmes-and-courses/courses/DVAD33 - Privacy Management is a continuous process that assesses privacy risks and privacy impact of the business case and data collection in question. It selects controls, ensures that privacy policies and systems are in harmony, and produces documentation for audit. The privacy management module will present the overall privacy management process as part of the organizational security management process. Case studies and assignments for asset inventory, privacy risk analysis and exercises for the selection of privacy controls will complement the course content.
The free and open version of the course is available at https://kau.instructure.com/courses/5337
To apply for examination and academic credits, see https://www.kau.se/en/education/programmes-and-courses/courses/DVAD34 - Privacy Patterns for Software Design: "The ability of a software system to meet any desired quality attribute is manifested in its architecture and design. This is also true for privacy, a quality attribute that software engineers will need to pay particular attention to with the new GDPR of the EU becoming operative in 2018. In this module, we will elaborate on strategies that software architects and software designers can apply to address privacy requirements. We will focus on privacy-related patterns for software design as reusable solutions to reoccurring privacy challenges. The module consists of pre-recorded lectures and podcasts, instructions for further readings and exercises."
The free and open version of the course is available at https://kau.instructure.com/courses/5339
To apply for examination and academic credits, see https://www.kau.se/en/education/programmes-and-courses/courses/DVAD35
Interested in more information?
Sign up to our e-maillist for updates and information about the course!