IMT4217 - Introduction to Data Privacy
Lessons are not given in the academic year 2017/2018
The course is structured in three parts:
- The socio-political drivers of privacy. Here we discuss ethical and political foundations for why privacy is needed and frame privacy in terms of a tradeoff between individual privacy and societal benefit. An introduction to principles, best practices, and current rules and regulations to address this balance is presented in the context of data.
- Organizational techniques for data privacy. Here we present techniques for preventing unwarranted access to individuals data in the context of an organization. We will discuss access control mechanisms and their use for limiting unneeded access, data transport security, response to unwanted events such as breaches, as well as a process for identifying privacy requirements and connecting these with their implementations.
- Disclosure control. Here we discuss definitions of privacy in databases containing population data. In particular, we will contrast syntactic and differential privacy and their respective suitability for balancing privacy costs with information benefits, as well as present mechanisms for creating differentially private algorithms for data query.
- familiarity with ethical and political background of privacy
- familiarity with current rules and regulations governing data privacy
- familiarity with the information security management process as it pertains to data privacy
- familiarity withcommon definitions of privacy in the context of databases
- identify privacy related aspects of proposed data accesses
- research identified privacy aspects
- differentiate between different approaches to disclosure control
- design simple differentially private algorithms
- The candidate can analyze problems of data privacy and recognize legal requirements to be met
- The candidate can work independently and select appropriate classes of controls for addressing concerns regarding data privacy
- The candidate can acquire new knowledge and skills from research literature
Learning methods and activities
Further on evaluation
Re-sit in August.
Exam registration requires that class registration is approved in the same semester. Compulsory activities from previous semester may be approved by the department.
Admission to a programme of study is required:
Information Security (MIS)
Information Security (MISD)
Recommended previous knowledge
Basic calculus, basic probability theory and statistics
Books/legal text/standards, conference/journal papers and web resources including:
- Stanford Encyclopedia of Philosophy
- Regulations concerning privacy
- Select online papers on disclosure control and information security
- * The location (room) for a written examination is published 3 days before examination date.