M14: Privacy engineering Flashcards
What is ENISA?
The European Union Agency for Cybersecurity… focused on enhancing cybersecurity across Europe.
What is the main goal of data protection engineering?
To support the selection… deployment… and configuration of measures to protect data.
What does GDPR stand for?
General Data Protection Regulation.
What is ‘Data Protection by Design’?
Integrating data protection measures into the processing of personal data from the start.
What is anonymisation?
Altering data to prevent identification of individuals.
What is pseudonymisation?
Replacing private identifiers with fake identifiers to protect personal data.
What is k-anonymity?
A method to anonymize data by ensuring each data point is indistinguishable from at least k- others.
What is differential privacy?
A technique that adds noise to data to protect individual privacy while allowing data analysis.
What is homomorphic encryption?
Encryption that allows computations on encrypted data without decrypting it.
What is secure multiparty computation?
A method where multiple parties compute a function without revealing their inputs to each other.
What is the purpose of data masking?
To hide the true values of data to protect privacy.
What are Privacy Enhancing Technologies (PETs)?
Technologies designed to protect privacy by minimizing personal data use.
What is the role of the European Data Protection Board (EDPB)?
To promote good practices and ensure consistent application of data protection rules.
What is a Data Protection Impact Assessment (DPIA)?
An assessment to identify and mitigate risks to personal data.
What is the main challenge of implementing GDPR principles?
Translating principles into tangible technical and organizational measures.
What is the difference between anonymisation and pseudonymisation?
Anonymisation removes all personal identifiers… while pseudonymisation replaces them with fake ones.
What is the purpose of privacy policies?
To inform users about how their data is collected… used… and protected.
What are privacy icons?
Visual symbols that help users understand privacy policies quickly.
What is a privacy dashboard?
A tool that allows users to manage their privacy settings and preferences.
What is consent management?
The process of obtaining and managing user consent for data processing.
What is the right to erasure?
The right of individuals to have their personal data deleted.
What is the right to rectification?
The right to have inaccurate personal data corrected.
What is end-to-end encryption?
Encryption that ensures data is only readable by the sender and the receiver.
What is proxy and onion routing?
Techniques to anonymize internet traffic by routing it through multiple servers.
What is the purpose of synthetic data?
To create artificial data that mimics real data for testing and analysis without privacy risks.
What is a trusted execution environment?
A secure area of a processor that ensures code and data are protected.
What is private information retrieval?
A method that allows users to retrieve data from a server without revealing what data is being retrieved.
What is the role of the European Data Protection Supervisor (EDPS)?
To ensure that EU institutions respect data protection laws.
What is the Cybersecurity Act?
An EU regulation that strengthens ENISA and establishes a cybersecurity certification framework.
What is the main focus of the document?
To provide practical guidance on implementing data protection by design and by default.