ACIT4280 Privacy by design Course description

Privacy by Design is a fundamental requirement of the General Data Protection Regulation (GDPR) for all systems operating on personal information. This course provides an introduction to privacy and data protection including the legislation such as the GDPR, privacy enhancing technologies, privacy management, designing for privacy, and privacy patterns in software design. It enables the students to understand regulation, to identify privacy risk and consequences of data breaches, introduces them to privacy controls and builds skills in their application in a structured privacy engineering process. 

A student who has completed this course should have the following learning outcomes defined in terms of knowledge, skills and general competence:

Knowledge

On successful completion of this course the student:

• has thorough knowledge of writing in research processes
• has advanced knowledge of forums and channels in which research results are published
• has an introductory knowledge of the philosophy of science related to falsificationism, paradigms and research programs
• has thorough knowledge of the ethical basis for professional codes of conduct
• has advanced knowledge of writing styles related to research
• has thorough knowledge of structural templates for essay texts
• has thorough knowledge of the Toulmin model and its applications

Skills

On successful completion of this course the student:

• can find research literature in literature databases
• can analyse and critically evaluate various information sources
• can write summaries using his/her own words
• can use electronic reference tools
• can identify the research method used in a scientific text
• can explain the application of a research method in a research project
• can organize research literature in such a way as to identify patterns and commonalities
• can communicate a research-related topic using digital media
• can write texts using classic style

General competence

On successful completion of this course the student:

• can reflect and discuss plagiarism
• has a thorough knowledge of responsibility for author and co-authorship in accordance with the Vancouver Convention

No formal requirements over and above the admission requirements. 

Knowledge 

On successful completion of this course the student has:   

• knowledge of basic legal privacy concepts and data protection regulations and will be able to apply them in systems analysis and design 
• knowledge of concepts of privacy by design and privacy impact assessment and the ability to compare different assessment methods  
• applicable knowledge of principles of architectural tactics for privacy and privacy patterns. 

Skills

On successful completion of this course the student can:  

• map legal privacy principles to technical privacy concepts 
• design and plan solutions that map security and privacy goals to mitigation mechanisms and technologies 
•  apply privacy by design and analyze software architectures using privacy impact assessments 
• apply appropriate architectural tactics for privacy and privacy patterns in order to derive and create solutions that mitigate privacy risks 

General competence

On successful completion of this course the student can:  

• explain and apply their knowledge of security and privacy enhancing technologies 

• Online course material for preparatory reading (flipped classroom approach) 
• Bi-weekly lecture and case discussions 
• Bi-weekly presentations of student home assignment cases 

The following required coursework must be approved before the student can take the exam:   

One group assignment (2-5 students) consisting two parts: a report and a presentation. 

Individual written exam, 3 hours. The exam result can be appealed. 

New/postponed exam: In case of failed exam or legal absence, the student may apply for a new or postponed exam. New or postponed exams are offered within a reasonable time span following the regular exam. The student is responsible for registering for a new/postponed exam within the time limits set by OsloMet. The Regulations for new or postponed examinations are available in Regulations relating to studies and examinations at OsloMet. 

None.

This course offers an introduction to the practice of writing and reading academic literature. Communicating properly, both in written and oral form, is a cornerstone of research. This course therefore also contains an element of rhetoric and writing techniques. The course will cover common concepts from research methods, such as qualitative and quantitative methods. A brief introduction of the philosophy of science helps us put the vast variations of research in context. Finally, the course introduces research and professional ethics.

No formal requirements over and above the admission requirements.