Carnegie Mellon University

Privacy Engineering Certificate: Program Details

Program Content and Structure

The certificate program is organized around 8 weekly modules designed to give students a practical, hands-on understanding of the disciplines required for privacy engineers to succeed. Modules combine mini tutorials with class discussions and practical, hands-on exercises with instruction offered remotely over the weekend. Students are expected to devote a few weekday evening hours each week to review materials covered over the previous weekend and read material in preparation for the following weekend. The following describes each of the 8 weekly modules.

Module 1 - Introduction to Privacy

This module introduces students to the conceptual and philosophical underpinnings of privacy. The term “privacy” has an array of meanings depending on culture, context, and personal preference and there are a variety of viewpoints and frameworks which may help practitioners make sense of this complicated area. We will review the major schools of thought, history, and controversies in the field of privacy. Students will come away from this session with the mental models needed to reason through complex definitions of privacy in order to decide on sound courses of action.

Module 2 - Privacy Policy: Understanding the Regulatory Landscape

This module focuses on policy issues related to privacy from the perspectives of governments, organizations, and individuals. We will examine the privacy protections provided by laws and regulations, as well as the way technology can be used to protect privacy. We will emphasize technology-related privacy concerns and mitigation, for example: social networks, smartphones, behavioral advertising (and tools to prevent targeted advertising and tracking), anonymous communication systems, and other topics.

Module 3 - Information Security

This module introduces students to the concepts, technologies, practices and challenges associated with Information Security. The module takes a broad view of Information Security, which includes looking at relevant business, organizational, human, legal and policy issues. In the process, students will learn what it takes to design, develop, deploy and maintain information systems, services and software products that are secure and comply with applicable regulations. They will develop an appreciation for the multifaceted challenges associated with this space and the complex trade-offs that are often entailed in addressing these challenges in practice. This module in particular will provide students with a foundation of security concepts, techniques and tools that include threat models, applied cryptography, network security, web security, mobile and IoT security. The module includes discussions and hands-on exercises intended to give students a practical appreciation of these topics.

Module 4 - Algorithms and Models for Privacy and Fairness

This module will discuss quantitative techniques for enforcing and measuring privacy and fairness in complex software systems and algorithms. The module will start by discussing different privacy metrics and definitions, including statistical definitions (e.g., differential privacy) and logical ones. We will discuss tradeoffs between these definitions, techniques for implementing privacy protections in algorithms, and how to choose between privacy techniques. In the second portion of the unit, we will discuss algorithmic fairness and bias. We will discuss different approaches for measuring bias in algorithms, as well as techniques for mitigating it. Students will gain experience working with open-source privacy (Tensorflow Privacy) and fairness libraries (Fairlearn).

Module 5 - Privacy Engineering: Principles, Methodologies, and Tools

With the advent of the EU’s General Data Protection Regulation, so-called “Privacy by Design” (PbD) approaches to software systems development have moved from theoretical best-practice to pressing legal requirement. However, despite new requirements to follow PbD, there is no one-size-fits-all approach to engineering privacy-respecting software systems. In this session we will explain how implementing privacy controls in software architecture differs from policy approaches, identify privacy threats emerging from software system design, use personas and goals to develop privacy requirements for high-risk groups, explore the challenges in designing Subject Access Request systems, and how to conduct Privacy Impact Assessments during the software development process.

Module 6 - Usable Privacy Design

This course will motivate and introduce students to user-centered privacy design. We will discuss users’ privacy-related behaviors and concerns and how they make decisions related to privacy. We will talk about several types of privacy interfaces — including privacy notices, consent interfaces, privacy settings, and privacy dashboards — and common usability problems with those interfaces. We will provide a brief introduction to usability and privacy design principles and processes. Finally, we will introduce several common user study methods and show how they have been used in privacy studies. Students will work in groups on a privacy interface design exercise and discuss approaches to conducting user studies to evaluate their solutions.

Modules 7 and 8 - Capstone Projects

Capstone projects are designed to help reinforce the material covered in the earlier modules and give students the opportunity to apply their knowledge in a more holistic format while working in small teams under the supervision of program faculty. Capstone projects will vary from one cohort to the next and typically revolve around privacy-by-design projects. They will often involve privacy impact assessments along with the design or redesign of technologies.

Modules 7 and 8 also include guest lectures on advanced topics in privacy by experts from industry and/or academia, as well as a review of program materials and preparation for the IAPP CIPT exam.

Certificate Program Prerequisites

Students who enroll in the certificate program are expected to have a basic understanding of computers and the Internet and some prior exposure to programming. Minimally, students should be able to read short code snippets in languages such as Java, HTML and JavaScript. Students are also expected to have a basic understanding of statistics. Reading material will be made available to students who are not sure they fully satisfy these requirements or feel they might need a brief refresher. Students are responsible for making sure they meet the program's requirements. We will not be testing them. All instruction is in English. Accordingly, a good command of the English language is necessary to take this program; this includes reading, writing, and speaking.