• Introduction to Privacy – Privacy is broad subject, a cultural issue, and has different meaning in different contexts. It varies from person to person, culture to culture and geography to geography. This particular topic details about privacy evolution globally, current trends, basic concepts and fundamentals, etc. for setting the context of and understanding privacy as a subject.

  • Drivers for Privacy Protection – The current era has significantly changed the concept of privacy as the imperatives driving privacy are rapidly evolving. PBoK introduces some of the key drivers like technology advancement, rising economic value of data, mass surveillance programs, globalization and trans border data flows, etc. that are driving privacy globally.

  • Privacy Principles – It is very important for a privacy professional to clearly understand the privacy principles as the whole edifice of privacy is erected on the foundation built from privacy principles. Privacy principles represent the core of privacy protection and form the underlying components around which data protection or privacy protection laws across the world are based. Apart from privacy principles and their usage in various geographies, PBoK also discusses about their history, rationale, developments, and mapping against various frameworks.

  • Privacy Laws and Regulations – Regulatory landscape, which includes Legal Frameworks, Laws, Rules & Regulations, Guidelines and Policies, is imperative for lawful and fair functioning of business and government activities, and protecting the rights of an individual. These can take many forms like legal restrictions promulgated by a government authority or self-regulation by an industry through trade association, social regulations like netiquettes, co-regulations, market regulations etc. PBoK under this topic deals with privacy laws and regulations from some key geographies along with their evolution, drivers, approach and a framework to understand legal structures.

  • Trans border Data Flows – The importance of trans-border data flows in the globalized economy has increased dramatically – whether it is between businesses or between individuals and businesses or involves governments. Trans-border data flow facilitates business process streamlining, improves market access, and maintains business relevance in a fast-evolving business landscape. This topic looks at this aspect of criticality and sensitivity of transfer of data from privacy point of view and the various approaches, models and frameworks followed to manage this.

  • Platforms for PI Transactions – With the advancements in computerization, the Internet and the opening up of markets, Business to Consumers (B2C) and Government to Citizens (G2C) transactions have grown exponentially. In all these transactions, one of the common aspect is collection of information, its distribution and its use. A significant portion of information transacted includes personal information, which raises privacy concerns. This topic under PBoK discusses different platforms where information transacted includes personal information, privacy concerns it raises, the technologies and tools that can be used to track online transactions, other online-offline mechanisms such as RFID technology, wearable computers, etc. which can compromise privacy.

  • Privacy Enhancing Tools and Technologies – Privacy Enhancing Technologies, or PETs, are usually not off-the-shelf programs or plug-and-play components that can just be installed and used. These are methodologies whose selection and application varies on case to case basis. Privacy Enhancing Tools, on the other hand, are components and techniques that can be deployed to address privacy specific needs. This topic covers various tools and technologies which can be used to protect and enhance privacy in online and offline transactions.

  • Information Life Cycle – Information Lifecycle refers to all the stages of information in general right from the time of its collection or generation to the time it is disposed of. Information Lifecycle Management (abbreviated as ILM) refers to a wide-ranging set of strategies, policies and mechanisms for administering information lifecycle. This topic looks at a typical information lifecycle and the privacy issues that crop up at each stage of that lifecycle.

  • Privacy in Organizations – Privacy program implementation in any organization includes consideration of lot of aspects such as privacy policies and processes, regulatory compliance and intelligence, geographical considerations, contracts management, usage and access policies, ensured security, training and awareness, incident management system, etc. In order to address complexities brought by these aspects in implementation of a privacy program, organizations refer various standards and frameworks such as DSCI Privacy Framework (DPF©), APEC Privacy Framework, GAPP, OECD, ISO 29100, BS 10012, etc.. PBoK under this topic discusses all these primary standards, framework, practices, privacy program requirements, etc. for understanding of a good privacy program and its implementation in any organization.

Competency Areas

  • Privacy Evolution
  • Contemporary global developments
  • Data Protection Laws & Regulations
  • Trans-border Data Flows
  • Privacy Concepts & Vocabulary
  • Privacy Principles
  • Technology Trends
  • Drivers for Privacy Protection
  • Standards and Frameworks


  • Become part of growing privacy fraternity
  • Become a distinguished privacy professional
  • Get access to Body of Knowledge (BoK) and regular updates
  • Demonstrate your privacy credentials and enhance your employability
  • Get recognition by peers and employers
  • Get engaged in DSCI activities