This is part 2 of my preparation notes for the CIPT certification exam from the International Association of Privacy Professionals (IAPP). Free preparation material is very limited and practice quizzes are hard to find, so this cheat sheet should help you a lot. Its content comes from my reading of several reference books, trainings and similar sources.
The pass rate for CIPP and CIPT is not that high, so I advise you to have a look at the following textbooks:
- For CIPP: Certified Information Privacy Professional (CIPP/US) Study Guide: Pass the IAPP's CIPP/US Exam with Ease!
- For CIPT: Introduction to IT Privacy: A Handbook for Technologists
PS: have a look at part 1 for a complete overview of what you need to remember to succeed in the exams.
Basics You Must Know About Privacy in Technology
- For CIPT in particular, you need a good technical culture on web-related technologies: bring your own device, social media, cloud-based services (SaaS, PaaS, IaaS), that kind of thing.
- A data breach costs about 200 USD per customer record leaked
- To stay safe, you need company-wide processes & privacy / security policies, covering suppliers & customers too.
- Security measures to be taken include encryption of data, software protection, access controls, physical protection, auditing, social engineering prevention...
- You should be familiar with the information lifecycle: collection, use, retention, disclosure, destruction.
- You must be familiar with the Fair Information Practices (FIPs) and the OECD guidelines: collection limitation, data quality, purpose specification, use limitation, security safeguards, openness, individual participation, accountability.
Concrete Actions to Preserve Privacy
- You need a data classification plan: it associates policies with a class of data. For example, HR data must be deleted after 6 months. Or, more simply: public vs. internal vs. secret data.
- You need a data inventory: repository context & purpose, owner, location, size, data classification (types of data), data format, data purpose and use, data accesses & cross-border data flows.
- Data flow diagrams help to show who does what with the data and where (important to determine the legal obligations).
- Whenever there is a change in your data flows / inventory you should conduct a Privacy Impact Assessment (PIA)
What You Should Know About Privacy by Design
- Privacy by design is an approach to implementing FIPs / OECD guidelines according to your tolerance for risk.
- Principles of privacy by design: proactive not reactive, privacy as the default setting, privacy embedded into design, full functionality, end-to-end security during the full lifecycle, visibility & transparency, user-centric / user-friendly privacy features.
- As usual for change management, you need to communicate a top-level commitment and to create a privacy standard.
- It's important to implement your industry-specific standards, such as Basel III for financial institutions, payment card industry (PCI) standard for merchants and payment processing actors, or Internet Advertising Bureau (IAB) rules for advertising.
- Data duplication is often required to guarantee that a person has access to only the information he or she is allowed to access.
Identifiability and Privacy
- Personally identifiable information (PII): pieces of information that permit identifying a single person (or the person's device).
- Anonymous data: impossible to get back to the person's identity.
- Pseudonymous data: you can link several pieces of information related to the same person, but not get back to that person's identity.
- De-identified data: data that has been processed to remove PII.
- IP addresses are considered PII in the USA and many other countries.
- Mechanisms to de-identify data: truncation of data or accuracy limitation, obfuscation & encryption, randomization, aggregation, K-filtering, extrapolation... HIPAA provides several concrete methods for de-identifying data.
- Beware of combining several data sources: it could lead to re-identification from your data. So be careful. And concretely: run re-identification tests to ensure that your de-identification method works!
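The two points above (de-identification by truncation / accuracy limitation and K-filtering, then a re-identification test) in working code. This is an added example written for these notes, not code from the original post, the IAPP or HIPAA; every record, name and ZIP code in it is constructed for the demonstration. It generalizes quasi-identifiers (ZIP prefix, birth-year band), measures k-anonymity, and then simulates the linkage an outside party could do with a public dataset to see which records are still unique.

```python
"""Added example (not from the original notes): de-identify a small constructed
dataset by generalizing quasi-identifiers, check k-anonymity (K-filtering),
and run a linkage-based re-identification test against a constructed public
dataset. All records below are made up for the demonstration."""
from collections import Counter

# Constructed "internal" records: a direct identifier (name), quasi-identifiers
# (zip, birth_year, sex) and a sensitive attribute (diagnosis).
RECORDS = [
    {"name": "Alice", "zip": "02139", "birth_year": 1985, "sex": "F", "diagnosis": "flu"},
    {"name": "Bob",   "zip": "02138", "birth_year": 1987, "sex": "M", "diagnosis": "asthma"},
    {"name": "Carol", "zip": "02134", "birth_year": 1982, "sex": "F", "diagnosis": "none"},
    {"name": "Dan",   "zip": "02139", "birth_year": 1984, "sex": "M", "diagnosis": "flu"},
    {"name": "Erin",  "zip": "02135", "birth_year": 1988, "sex": "F", "diagnosis": "none"},
    {"name": "Frank", "zip": "02138", "birth_year": 1981, "sex": "M", "diagnosis": "diabetes"},
]

# Constructed "public" auxiliary data (think of a voter roll) that carries no
# health data but shares the quasi-identifiers with the release.
PUBLIC = [{k: r[k] for k in ("name", "zip", "birth_year", "sex")} for r in RECORDS]

QUASI_IDS = ("zip", "birth_year", "sex")


def strip_direct_identifiers(records):
    """Naive de-identification: drop the name, keep everything else."""
    return [{k: v for k, v in r.items() if k != "name"} for r in records]


def generalize(records, zip_digits, year_band):
    """Accuracy limitation: keep only the first `zip_digits` of the ZIP code
    and replace the birth year by a band of `year_band` years."""
    out = []
    for r in records:
        g = dict(r)
        g["zip"] = r["zip"][:zip_digits] + "*" * (len(r["zip"]) - zip_digits)
        start = (r["birth_year"] // year_band) * year_band
        g["birth_year"] = f"{start}-{start + year_band - 1}"
        out.append(g)
    return out


def release(records, zip_digits=5, year_band=1):
    """Build a de-identified release; the defaults apply no generalization."""
    return generalize(strip_direct_identifiers(records), zip_digits, year_band)


def k_anonymity(records, quasi_ids=QUASI_IDS):
    """Size of the smallest group sharing the same quasi-identifier tuple.
    k == 1 means at least one record is unique and therefore linkable."""
    classes = Counter(tuple(r[q] for q in quasi_ids) for r in records)
    return min(classes.values())


def reidentify(released, public, zip_digits=5, year_band=1, quasi_ids=QUASI_IDS):
    """Re-identification test: generalize the public data the same way as the
    release, join on the quasi-identifiers, and return {name: diagnosis} for
    every release record that matches exactly one public person."""
    index = {}
    for p in generalize(public, zip_digits, year_band):
        index.setdefault(tuple(p[q] for q in quasi_ids), []).append(p["name"])
    hits = {}
    for r in released:
        candidates = index.get(tuple(r[q] for q in quasi_ids), [])
        if len(candidates) == 1:
            hits[candidates[0]] = r["diagnosis"]
    return hits


if __name__ == "__main__":
    for zip_digits, year_band in ((5, 1), (3, 5), (3, 10)):
        rel = release(RECORDS, zip_digits, year_band)
        print(f"zip digits={zip_digits}, year band={year_band}: "
              f"k={k_anonymity(rel)}, re-identified={reidentify(rel, PUBLIC, zip_digits, year_band)}")
```

Running it shows the point of the re-identification test: dropping the names alone leaves every record unique (k = 1) and all six people are recovered from the public data; a first round of generalization (3-digit ZIP, 5-year bands) still leaves two unique records; only the 10-year band reaches k = 3 and the linkage finds nobody.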
Other Elements From the Study Guide For IAPP Certifications
- You must be super careful with personal data related to children. Age limit for this specific protection depends on the country: 13 for USA, 14 for South Korea, 18 for most of the other countries. There are several guidelines to protect children and avoid cyber-bullying, sexual crimes, etc.
- Beware of all the non-nominal cases for data access: remote work, backup systems, former employees, network transfers, personal devices (bring your own devices - BYOD policies) and their theft, printers, co-location in data-centers, mergers and acquisitions... All these cases introduce specific vulnerabilities that must be addressed.
- Authentication factors: something you know / you are / where you are / something you have.
- Important principles for security: least privilege access, segregation of duties.
- Beware of location tracking: in some situations it is not possible to prevent tracking of the GPS signal.
- Internet ads:
  - Types of ads: inventory ads (not personalized), premium (on prestigious websites), contextual (based on the page content), demographic (tuned based on age / gender), psychographic (interest / intent based) & behavioral (based on web history).
  - Sources of ads: search, display from the publisher (ads of the publisher of the page you are visiting) & third party (from third parties other than the publisher).
- Right to be forgotten (European data protection Article 17 / 19 working party)
- Tracking technologies: cookies, beacons, locally shared objects, browser fingerprinting, history sniffing, super cookies
- Threats: phishing, SQL injection, cross-site scripting, spam
- Machine learning policies: Security Assertion Markup Language (SAML), used for single sign-on by many internet companies (Google etc.).
- HTTP Strict Transport Security (HSTS): mechanism to force the use of HTTPS instead of HTTP
- Differential privacy: an approach for analyzing database content without disclosing information about individual users. Not sure if it works: there is criticism around this method.
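To make the differential privacy bullet concrete, here is the simplest mechanism behind it, the Laplace mechanism, applied to a counting query. This is an added example for these notes, not code from the original post or from any IAPP material; the user records are constructed, and the `PrivacyBudget` class is a hypothetical helper showing how the epsilons of successive queries add up (sequential composition), which is where much of the practical criticism of the method comes from: the budget runs out.

```python
"""Added example (not from the original notes): the Laplace mechanism for a
counting query over a constructed dataset, plus a privacy-budget tracker for
sequential composition. Records and helper names are made up for the demo."""
import math
import random

# Constructed records: one row per user with the attribute the analyst counts.
USERS = [
    {"id": 1, "smoker": True},  {"id": 2, "smoker": False}, {"id": 3, "smoker": True},
    {"id": 4, "smoker": False}, {"id": 5, "smoker": False}, {"id": 6, "smoker": True},
    {"id": 7, "smoker": False}, {"id": 8, "smoker": True},
]


def laplace_from_uniform(u, scale):
    """Inverse-CDF sample of Laplace(0, scale) from u in the open interval
    (-0.5, 0.5). Kept separate from the RNG so it can be checked on known inputs."""
    if not -0.5 < u < 0.5:
        raise ValueError("u must lie in (-0.5, 0.5)")
    if u == 0.0:
        return 0.0
    sign = 1.0 if u > 0 else -1.0
    return -scale * sign * math.log(1.0 - 2.0 * abs(u))


def _draw_uniform():
    """Uniform draw strictly inside (-0.5, 0.5); random.random() can return 0.0,
    which would map to the excluded endpoint -0.5, so redraw in that case."""
    while True:
        u = random.random() - 0.5
        if u > -0.5:
            return u


def noisy_count(records, predicate, epsilon, uniform=None):
    """epsilon-differentially private count of records satisfying `predicate`.
    Adding or removing one person's record changes a count by at most 1
    (sensitivity 1), so Laplace noise with scale 1/epsilon suffices.
    `uniform` is an injectable source of draws in (-0.5, 0.5)."""
    if epsilon <= 0:
        raise ValueError("epsilon must be positive")
    draw = uniform or _draw_uniform
    true_count = sum(1 for r in records if predicate(r))
    return true_count + laplace_from_uniform(draw(), 1.0 / epsilon)


class PrivacyBudget:
    """Hypothetical helper: under sequential composition the epsilons of all
    answered queries add up, so refuse any query that would exceed the total."""

    def __init__(self, total):
        self.total = total
        self.spent = 0.0

    def charge(self, epsilon):
        if self.spent + epsilon > self.total + 1e-12:
            raise RuntimeError("privacy budget exhausted")
        self.spent += epsilon


def answer(records, predicate, epsilon, budget, uniform=None):
    """Answer a counting query only if the budget still allows it."""
    budget.charge(epsilon)
    return noisy_count(records, predicate, epsilon, uniform)


if __name__ == "__main__":
    budget = PrivacyBudget(total=1.0)
    is_smoker = lambda r: r["smoker"]
    for _ in range(2):
        print("noisy smoker count:", round(answer(USERS, is_smoker, 0.5, budget), 2))
    try:
        answer(USERS, is_smoker, 0.5, budget)
    except RuntimeError as exc:
        print("third query refused:", exc)
```

Smaller epsilon means larger noise (scale 1/epsilon) and stronger protection of any single user, but also a less accurate answer; the injectable `uniform` argument lets a test pin the noise to a known value, while the real run draws it at random.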
- Encryption levels: disk > file > record > field.
These notes should help you get your certification. Read my other posts in this series (part 1) to prepare even better. These posts cover the basics only, so go ahead and work on the textbooks too!