How Data Teams Can Contribute to Data Privacy

The world of privacy laws has grown in complexity over the past few years. From GDPR to a dozen US states with their own privacy laws to more specific laws like Washington’s My Heath My Data laws, a company with a global footprint may be subject to dozens of different regulations based on the geography of its customers.

As data practitioners, our decisions about what to store, where to store it, and how to model have a direct impact on our users’ privacy and our companies’ compliance posture. But, most data leaders receive no formal training in privacy, leading teams to make decisions often based only on their own opinions and best efforts. In this talk, we’ll try to change that. Amongst other topics, we’ll cover:

- The basic privacy rights and requirements enshrined in laws like Europe’s GDPR and California’s CPRA

- Misconceptions and anti-patterns in data engineering like mistaking pseudonymization for anonymization

- Advanced yet practical techniques in privacy, such as local computation and differential privacy

- Resources for continued learning and to get help designing privacy-aware systems

The talk will be heavy on practical examples and stories of things gone right and wrong.