Privacy Tools and Techniques for Developers -Amber Welch - - PowerPoint PPT Presentation

privacy tools and techniques for developers
SMART_READER_LITE
LIVE PREVIEW

Privacy Tools and Techniques for Developers -Amber Welch - - PowerPoint PPT Presentation

Oct 01, 2023 208 likes •781 views

Privacy Tools and Techniques for Developers -Amber Welch bit.ly/2x1UXWX Amber Welch MA, CISSP, CISA, CIPP/E, CIPM, FIP, CCSK, and ISO 27001 Lead Auditor linkedin.com/in/amberwelch1 github.com/msamberwelch @MsAmberWelch bit.ly/2WRAGh8

slide-1
SLIDE 1

Privacy Tools and Techniques for Developers

  • Amber Welch

bit.ly/2x1UXWX

slide-2
SLIDE 2

Amber Welch

MA, CISSP, CISA, CIPP/E, CIPM, FIP, CCSK, and ISO 27001 Lead Auditor linkedin.com/in/amberwelch1 github.com/msamberwelch @MsAmberWelch

bit.ly/2WRAGh8

slide-3
SLIDE 3
  • Privacy Engineering Intro
  • Privacy by Design
  • Privacy Enhancing Technologies

bit.ly/2WXJTcR

slide-4
SLIDE 4

First, an apology.

bit.ly/2x1UXWX

slide-5
SLIDE 5

Legal teams have often kept tech out of privacy.

bit.ly/2ZBiEBz

slide-6
SLIDE 6

Developers don’t know privacy concepts. Privacy teams haven’t taught them.

bit.ly/2J3yEWn

slide-7
SLIDE 7

Privacy Impact Assessment

bit.ly/2x1UXWX

slide-8
SLIDE 8

Description

A Privacy Impact Assessment (PIA) is a method to:

  • Identify privacy risk
  • Map personal data flows
  • Document privacy risk mitigations
  • Fulfill regulatory requirements

bit.ly/2KmuLyI

slide-9
SLIDE 9

bit.ly/2x7BlRh

slide-10
SLIDE 10

Use Cases

  • New applications
  • Adding functions and features
  • Collecting new sensitive personal data
  • Annual reviews or audits
slide-11
SLIDE 11

Tasting Notes

Benefits

  • Legal compliance
  • Identify and reduce

privacy risks

  • Catch privacy errors

bit.ly/2qbrnu5

slide-12
SLIDE 12

Tasting Notes

Benefits

  • Legal compliance
  • Identify and reduce

privacy risks

  • Catch privacy errors

Limitations

  • High time investment
  • Ineffective if not

completed well

  • Not a security risk

assessment

bit.ly/2qbrnu5

slide-13
SLIDE 13

Data Minimization and Retention

bit.ly/2x1UXWX

slide-14
SLIDE 14

Description

Data minimization is:

  • Collecting only necessary data
  • Maintaining and updating data
  • Deleting old data that isn’t needed

bit.ly/2KmuLyI

slide-15
SLIDE 15

Use Cases

  • New applications
  • API integrations
  • Adding functions and features
  • Collecting new personal data
  • Customer termination
slide-16
SLIDE 16

Tasting Notes

Benefits

  • Legal compliance
  • Minimize volume of data

to be breached

  • Improve data quality

bit.ly/2qbrnu5

slide-17
SLIDE 17

Tasting Notes

Benefits

  • Legal compliance
  • Minimize volume of data

to be breached

  • Improve data quality

Limitations

  • Users may be frustrated
  • Companies like to keep

all the data

bit.ly/2qbrnu5

slide-18
SLIDE 18

Default Settings

bit.ly/2x1UXWX

slide-19
SLIDE 19

Description

Default settings for privacy should:

  • Minimize personal data collected
  • Prevent default data sharing
  • Require enabling of intrusive settings
  • Avoid making data public by default

bit.ly/2KmuLyI

slide-20
SLIDE 20

Less than 5% of general users change any default settings, while programmers change 40% of settings.

bit.ly/2UmLXEP

slide-21
SLIDE 21

bit.ly/2Hic0qm

slide-22
SLIDE 22

bit.ly/2Yg4i9D

slide-23
SLIDE 23

Tasting Notes

Benefits

  • Reputation for privacy
  • Reduce user frustration
  • Protect less educated

users

bit.ly/2qbrnu5

slide-24
SLIDE 24

Tasting Notes

Benefits

  • Legal compliance
  • Reputation for privacy
  • Reduce user frustration
  • Protect less educated

users Limitations

  • Companies may want to

monetize intrusive apps

  • Requires privacy

awareness at design

bit.ly/2qbrnu5

slide-25
SLIDE 25

Encryption

bit.ly/2x1UXWX

slide-26
SLIDE 26

Encrypt these:

bit.ly/2qbrnu5

  • TLS
  • Email and messaging
  • Databases
  • Cloud storage
  • Backups
  • Password management
  • Endpoint devices
slide-27
SLIDE 27

Don’t:

bit.ly/2qbrnu5

  • Make your own crypto
  • Use deprecated crypto (i.e., SHA1)
  • Hard code keys
  • Store keys on the same server as the data
  • Use one key for everything
  • Skip password hash and salt
  • Forget to restore certificates after testing
  • Use old crypto libraries
slide-28
SLIDE 28

Differential Privacy

bit.ly/2x1UXWX

slide-29
SLIDE 29

Description

Differential privacy:

  • Adds statistical noise to a data set
  • Prevents identification of one

individual’s record

  • Provides the same results as the raw

data would, with or without one record

bit.ly/2KmuLyI

slide-30
SLIDE 30

bit.ly/2IwDufR

slide-31
SLIDE 31

bit.ly/2Pk7fEG

slide-32
SLIDE 32

bit.ly/2Pk7fEG

slide-33
SLIDE 33

Tasting Notes

Benefits

  • Limit insider threats
  • Increase data usability
  • Allows for collaboration

without exposing data

bit.ly/2qbrnu5

slide-34
SLIDE 34

Tasting Notes

Benefits

  • Legal compliance
  • Limit exposure from

security incidents

  • Limit insider threats

Limitations

  • Works best on large

databases

  • Must be tuned well

bit.ly/2qbrnu5

slide-35
SLIDE 35

Privacy Preserving Ad Click Attribution

bit.ly/2x1UXWX

slide-36
SLIDE 36

Description

Privacy preserving ad click attribution:

  • Allows ad attribution monetization
  • Prevents user ad click tracking
  • Uses the browser to mediate ad clicks

bit.ly/2KmuLyI

slide-37
SLIDE 37

bit.ly/30FFBoj

slide-38
SLIDE 38

bit.ly/30FFBoj

slide-39
SLIDE 39

bit.ly/30FFBoj

Available now as an experimental feature

slide-40
SLIDE 40

Tasting Notes

Benefits

  • Allows websites to still

monetize content

  • Could become a W3C

web standard

bit.ly/2qbrnu5

slide-41
SLIDE 41

Tasting Notes

Benefits

  • Allows websites to still

monetize content

  • Could become a W3C

web standard Limitations

  • Needs widespread

adoption to be effective

  • Users may not believe

any ads respect privacy

bit.ly/2qbrnu5

slide-42
SLIDE 42

Federated Learning

bit.ly/2x1UXWX

slide-43
SLIDE 43

Description

Federated learning:

  • Trains a central model on

decentralized data

  • Never transmits device data
  • Sends iterative model updates to

devices which return new results

  • Uses secure aggregation to decrypt
  • nly the aggregate and no user data

bit.ly/2KmuLyI

slide-44
SLIDE 44

bit.ly/2J4Fx9H

slide-45
SLIDE 45

bit.ly/2J4Fx9H

slide-46
SLIDE 46

Use Cases

  • Android’s Gboard prediction model
  • Health diagnostics
  • Behavioral preference learning
  • Driver behavior
slide-47
SLIDE 47

Tasting Notes

Benefits

  • Speeds up modeling

and testing

  • Minimally intrusive
  • Individual data is not

accessible to the central model

bit.ly/2qbrnu5

slide-48
SLIDE 48

Tasting Notes

Benefits

  • Speeds up modeling

and testing

  • Minimally intrusive
  • Individual data is not

accessible to the central model Limitations

  • Errors could cause

private data leakage

  • Requires a large user

base

bit.ly/2qbrnu5

slide-49
SLIDE 49

Homomorphic Encryption

bit.ly/2x1UXWX

slide-50
SLIDE 50

Description

Homomorphic encryption:

  • Allows computation on ciphertext
  • Enables collaboration without

disclosing confidential data

  • Only the calculation results can be

decrypted

bit.ly/2KmuLyI

slide-51
SLIDE 51

bit.ly/2WWvkB4

slide-52
SLIDE 52

Use Cases

  • Computations on data shared across organizations
  • Research using highly sensitive records
  • Processing by employees with a lower clearance
  • Google’s open source Private Join and Compute
slide-53
SLIDE 53

Tasting Notes

Benefits

  • Reduces insider threat
  • Increases collaboration
  • Increases data usability

bit.ly/2qbrnu5

slide-54
SLIDE 54

Tasting Notes

Benefits

  • Reduces insider threat
  • Increases collaboration
  • Increases data usability

Limitations

  • Resource-intensive
  • Limited functions
  • No fully homomorphic

encryption available yet

bit.ly/2qbrnu5

slide-55
SLIDE 55

Becoming a Privacy Champion

bit.ly/2x1UXWX

slide-56
SLIDE 56

Amber Welch

MA, CISSP, CISA, CIPP/E, CIPM, FIP, CCSK, and ISO 27001 Lead Auditor

linkedin.com/in/amberwelch1 github.com/msamberwelch @MsAmberWelch

bit.ly/2WRAGh8