Privacy Engineering in Practice
Data encryption and privacy — studied in structured depth, not skimmed over.
Published: 20.02.2026
What this covers
Session Outline
- Session 1: Where data goes wrong — collection, storage, and access patterns
- Session 2: Data minimization and retention as engineering decisions
- Session 3: Pseudonymization, anonymization, and re-identification risk
- Session 4: Consent systems, deletion workflows, and subject access requests
- Session 5: Privacy impact assessment exercise with group review
All sessions include a discussion segment. Questions submitted in advance get priority time.
Single payment covers all five sessions
About this program
Privacy compliance and privacy engineering are different things. One is paperwork. The other is decisions made at the schema level, the API layer, and the data retention policy before a single user signs up.
This program is for people who build things and want to understand where privacy problems actually originate in technical systems.
The gap this addresses
Teams often receive GDPR or privacy training aimed at legal staff. Developers get a policy document and a deadline. The practical questions, what data to collect, how long to store it, how to handle deletion requests at scale, go unanswered.
Sessions here work through those questions with concrete examples from product development contexts.
Core topics
Data minimization as a design constraint. Pseudonymization versus anonymization and why the difference matters legally and technically. Consent architecture and how to implement it without dark patterns.
Participants also work through a privacy impact assessment on a sample system. The exercise uses a realistic e-commerce data model, not a toy example.
Guest perspectives
Two sessions include practitioners, a backend engineer from a fintech background and a data protection officer who previously worked in software development. Both bring specific, grounded experience rather than general frameworks.
Format note
Five weeks, one session per week, roughly 90 minutes each. Written materials released before each session so participants can prepare questions.
Program size is kept small by design to allow real discussion. Registration closes when seats fill.