Demystifying the Technical Privacy Review Process: A Simulated Experience

AGENDA OUTLINE

I. Session Outline
II. Welcome and Introductions (10 Mins)
III. Differences between DPIA and Technical Privacy Review (5 Mins)
IV. Mock Technical Privacy Review (30 Mins)
V. Q&A (15 Mins)

WELCOME AND INTRODUCTIONS

Jay Averitt, Microsoft, Senior Privacy Product Manager
Roche Saje, Meta, Privacy Engineering Manager
Nandita Rao Narla, DoorDash, Head of Technical Privacy and Governance
Engin Bozdag, Uber, Senior Staff Privacy Architect

Legal vs. Technical Privacy Review

| | Legal Privacy Review (PIA/DPIA) | Technical Privacy Review |
| --- | --- | --- |
| Objective | Demonstrate regulatory compliance | Surface privacy defects |
| Scope | Typically at the process/function level | Typically smaller scope, at the feature/app/system level |
| Ownership | Legal team and/or privacy program managers | Technical privacy team and/or cybersecurity team |
| Engagement Phase | Pre-release or after release | Before dev work and after product specs definition |
| Input Artifacts | Primarily interview driven, takes into account any available process narratives | Technical design artifacts - PRD, ERD, Architecture designs, system design analysis |
| Output | PIA/DPIA documentation | Technical recommendations to address design gaps |

ILP (I Love Privacy) Fitness App Review

The ILP Fitness App is an all-in-one fitness solution that harnesses the power of AI to create custom workouts to match your intended fitness goals. ILP will collect information about the user in order to use a third party LLM (Large Language Model) to generate a custom fitness plan, give feedback about the progress, recommend new routines, etc.

What are the privacy risks?
Which questions should we ask engineers?
Which controls should we implement?

System Design

Scope of technical review

Q&A

RESOURCE