30-07-2024

Guidelines for DSE/GE: Data Privacy

Topic Hours Ch(s) and Section(s) Ref(s)
Introduction to Data Privacy
and Privacy Regulations: Ch-1 upto Sec 1.2 [3]
• Notion of data privacy, 20
• Historical context of data Ch-1 upto pg 8 [4]
privacy,
• Types of sensitive data, Ch-2: 2.1 upto pg 33, Ch 3: 3.4, [2]
• Privacy laws and regulations. Ch 14: 14.1-14.4

Ref [5] complete [5]

Data Privacy Attacks,
Cryptography and Data
Protection: 12 Ch-1 till Sec 1.11 [2]
• Type of Attacks/ Data
Breaches on Data Privacy,
• Impact of Data Breaches /
Attacks,
• Introduction to cryptography,
• Symmetric and asymmetric
encryption,
• Hashing and digital signatures.
Data Collection, Use and Reuse:
• Harms Associated with Data
collections, use and reuse, Ch-3: Sec II [1]
• Introduction to data 8
anonymization,
• Data Anonymization Ch-1: Section 1.4-1.7 [3]
Techniques for anonymizing
data,
• Challenges in anonymizing
data
Ethical considerations in Data
Privacy:
• Privacy and Surveillance, 5 Ch-3: Sec III, IV [1]
• Ethics of Data Collection and
Use,
• Bias and discrimination in data
analysis

References:
1. Ronald Leenes, Rosamunde van Brakel, and Serge Gutwirth: Data Protection and
Privacy: The Age of Intelligent Machines, Hart Publishing, 2017.
2. Stallings, William. Information privacy engineering and privacy by design: Understanding
privacy threats, technology, and regulations based on standards and best practices. Addison-
Wesley Professional, 2019.
3. Venkataramanan, Nataraj, and Ashwin Shriram. Data privacy: principles and practice.
Chapman and Hall/CRC, 2016.
4. Jarmul, Katharine. Practical Data Privacy. " O'Reilly Media, Inc.", 2023.
 Additional References

5. THE DIGITAL PERSONAL DATA PROTECTION ACT, 2023

(https://www.meity.gov.in/writereaddata/files/Digital%20Personal%20Data%20Protection%2
0Act%202023.pdf)
6. Ravinder Kumar Gaurav Goyal, The Right to Privacy in India: Concept and Evolution,
Publisher: Lightning Source, 2016.
7. https://onlinecourses.nptel.ac.in/noc22_cs37/preview
8. https://www.coursera.org/learn/northeastern-data-privacy/home/info
9. Naavi: Personal Data Protection Act of India (PDPA 2020): Be Aware, Be Ready and
Be Compliant, Notion Press, 2020.

Suggested Practical List (using Python):

1. Write a program to perform encryption and decryption using Caesar cipher

(substitutional cipher).
2. Write a program to perform encryption and decryption using Rail Fence Cipher
(transpositional cipher)
3. Write a Python program that defines a function and takes a password string as input and
returns its SHA-256 hashed representation as a hexadecimal string.
4. Write a Python program that reads a file containing a list of usernames and passwords,
one pair per line (separated by a comma). It checks each password to see if it has been
leaked in a data breach. You can use the "Have I Been Pwned" API
(https://haveibeenpwned.com/API/v3) to check if a password has been leaked.
5. Write a Python program that generates a password using a random combination of
words from a dictionary file.
6. Write a Python program that simulates a brute-force attack on a password by trying out
all possible character combinations.
7. Demonstrate the usage/sending of a digitally signed document.
8. Students needs to conduct a data privacy audit of an organization to identify potential
vulnerabilities and risks in their data privacy practices.
9. Students needs to explore the requirements of the Data Protection Regulations and
develop a plan for ensuring compliance with the regulation.
10. Students needs to explore ethical considerations in data privacy, such as the balance
between privacy and security, the impact of data collection and analysis on
marginalized communities, and the role of data ethics in technology development.

(Prof Neeraj Kumar Sharma) (Prof Vinita Jindal)