From Privacy Engineering by Nishant Bhajaria

This article series explores incorporating privacy into your design from the beginning using automation.


Take 40% off Privacy Engineering by entering fccbhajaria into the discount code box at checkout at manning.com.


I first started conceiving the idea of a book on privacy in the spring of 2020. I had just completed recording two privacy courses. This was in the days when the novel Coronavirus was a side story in the news; I had predicted that, much like H1N1, SARS and Ebola, this novel Coronavirus would exit from the news cycle once a new story surfaced.

As I write this several weeks in, besides my prediction lying buried in a rubble of ruined plans, there is another lesson to be learned from the global disruption precipitated by this virus.

The Coronavirus changed how we lived our lives. Bustling streets, teeming sports centers, overflowing conference halls, glowing wedding venues–all of them went silent. Human connectivity has historically been a symbol of comfort and aspiration. In the times of Coronavirus, it became a threat vector, an ingestion point for contagion.

Physical human mobility, and the commerce that stems from it, builds on a foundation of trust and safety, When those components disappear, our economic engines stop moving, atrophy and start receding.

In much the same way, the lives we live online are also built on trust and safety.

When I first moved to the United States in 2000 as a teenager, I’d call my parents using expensive phone cards. Besides the cost, the process was painful: a toll-free number followed by a long pin which was then followed by a potentially unreliable connection. Adding funds to the card and procuring a new one was not trivial either.

Two decades hence, reaching my parents in Mumbai has gotten easier and cheaper. WhatsApp, Skype and Google Meet allow data-driven connectivity that is reliable, fast and cheap. It is ubiquitous and personal. I can see them, send them information mid-chat and connect that conversation to other media.

That connectivity and intimacy occurs on the foundation of safety.

As does all my other online activity: ordering groceries, getting food delivered, hailing a rideshare, booking tickets. Online commerce relies on trust and safety.

If you are an executive whose business thrives on the exchange of goods, ideas, money and information online, you benefit from this trust, and as such are responsible for its safe upkeep. Just as habits of a lifetime were paused by fear of a virus, online commerce is similarly vulnerable to a deficit of trust.

Privacy is a component of this trust. If your customers feel like their data and their identity is not safe in your custody, their patronage will go elsewhere. That is why you as an executive need to care about privacy.

Then there is the matter of your reputation and legal compliance.

Newly-passed laws offer regulators the tools to peek into your privacy practices like never before. The ensuing scrutiny is likely to shed light on past decisions made based on a very different set of data, but in the present circumstances make for suboptimal privacy outcomes.

Privacy is no longer an altruistic endeavor that companies can optionally partake in; public awareness and concern with privacy is keener than it has ever been, and subsequently businesses are under ever-increasing scrutiny with regard to how they handle and protect their customers’ data. Mistakes and bad decisions that companies make are more likely than ever to be brought to light. You should look at your privacy program as an investment that will enable you to protect your customers, and will promote your business as one that is worthy of trust.

Part 2 discusses why accomplished companies have trouble satisfying privacy concerns.

If you want to learn more about the book, you can check it out on our browser-based liveBook platform here.