Privacy by Design
7.5 ECTS creditsThe course comprises five modules.
Module 1 Introduction to Privacy and the GDPR
The module includes the definitions, history and foundations of privacy with an emphasis on the challenges in information and communication technology. The focus is on the European and national (Swedish) laws regulating privacy, data protection and cyber safety, including agreements on transferring personal information beyond the EU. Some important decisions of the EU court in this area are discussed.
Module 2 Privacy Enhancing Technologies
The module introduces security and privacy mechanisms and technologies and proceeds to focus on how security and privacy mechanisms can be used to solve practical and theoretical problems, along with discussions of their advantages and disadvantages.
Module 3 Designing for Privacy
The module introduces the foundations of privacy, data protection, and privacy enhancing technologies, and focuses on the concepts of privacy by design and privacy impact assessments by exploring the relevant background, their relationship to the foundation and fundamental human rights, and by introducing relevant methods.
Module 4 Privacy Management
The module deals with privacy management as part of an organization's information security management. It introduces approaches to privacy management, provides deepened insight into one management approach, and explains how privacy threats can be anticipated and mitigated. Privacy risk and impact analysis are included in the management cycle, as is the selection of privacy control mechanisms.
Module 5 Privacy Patterns for Software Design
The module deals with privacy aspects during software design. It particularly focuses on architectural tactics and patterns as reusable conceptual solutions to recurring privacy problems. It also outlines how to use these concepts in agile development settings in order to engineer privacy into software.
The following components are included:
- Fundamental concepts of architectural tactics and patterns
- Privacy as quality attribute of software systems
- Introduction to privacy patterns, privacy anti-patterns, and privacy dark patterns
- Applying privacy patterns in agile development.
Module 1 Introduction to Privacy and the GDPR
The module includes the definitions, history and foundations of privacy with an emphasis on the challenges in information and communication technology. The focus is on the European and national (Swedish) laws regulating privacy, data protection and cyber safety, including agreements on transferring personal information beyond the EU. Some important decisions of the EU court in this area are discussed.
Module 2 Privacy Enhancing Technologies
The module introduces security and privacy mechanisms and technologies and proceeds to focus on how security and privacy mechanisms can be used to solve practical and theoretical problems, along with discussions of their advantages and disadvantages.
Module 3 Designing for Privacy
The module introduces the foundations of privacy, data protection, and privacy enhancing technologies, and focuses on the concepts of privacy by design and privacy impact assessments by exploring the relevant background, their relationship to the foundation and fundamental human rights, and by introducing relevant methods.
Module 4 Privacy Management
The module deals with privacy management as part of an organization's information security management. It introduces approaches to privacy management, provides deepened insight into one management approach, and explains how privacy threats can be anticipated and mitigated. Privacy risk and impact analysis are included in the management cycle, as is the selection of privacy control mechanisms.
Module 5 Privacy Patterns for Software Design
The module deals with privacy aspects during software design. It particularly focuses on architectural tactics and patterns as reusable conceptual solutions to recurring privacy problems. It also outlines how to use these concepts in agile development settings in order to engineer privacy into software.
The following components are included:
- Fundamental concepts of architectural tactics and patterns
- Privacy as quality attribute of software systems
- Introduction to privacy patterns, privacy anti-patterns, and privacy dark patterns
- Applying privacy patterns in agile development.
Progressive specialisation:
A1N (has only first‐cycle course/s as entry requirements)
Education level:
Master's level
Admission requirements:
Upper secondary level English 6 or B. Computer Science 30 ECTS cr, or three years of work experience in the IT sector, or equivalent
Selection:
Selection is usually based on your grade point average from upper secondary school or the number of credit points from previous university studies, or both.
This course is included in the following programme
- Master of Science in Industrial Engineering and Management (studied during year 4)