Strategic Privacy by Design

Workshop by R. Jason Cronk CIPT, CIPM, CIPP/US, FIP by the IAPP, PbD Ambassador, author of the book «Strategic Privacy by Design»
from 18 November to 19 November2019
EUR (per group)
Minsk / Belarus


Strategic Privacy by Design is a unique workshop by world star in data privacy Jason Cronk (US). You will learn how to apply Privacy by Design method to your products and services.

Why a lack of knowledge about Privacy by Design can cost you much?

European companies are forbidden to buy any soft which violates the principles of Privacy by Design. Therefore, you can lose current and future customers if you don’t train employees in time.

Untrained employees aren’t capable to project privacy in software because:

  • business analysts don’t know what to ask the client;
  • system architects don't know which strategies and tactics to use;
  • programmers don’t know about existence of privacy enhancing technologies (PETs);
  • testers don’t know how to check whether the product complies with the principles of information privacy;
  • a risk-based approach isn’t used in management during the selection of use cases and user stories for the next sprint.

What is the benefit of developing software according to Privacy by Design?

Outsourcing companies may raise prices for developing. Customers are ready to overpay about 50% in case your product complies Privacy by Design.

Product companies can avoid fines of up to 10 million euros for violation of Article 25 GDPR “Data protection by design and by default”. In addition, Privacy by Design strengthens the trust of users due to the creating of better products and services.

Such an opportunity should not be missed. The event is held in CIS only once and no more events are planned.



R. Jason Cronk CIPP/US, CIPT, CIPM
R. Jason Cronk
CIPT (Certified Information Privacy Technologist), CIPM (Certified Information Privacy Manager), CIPP/US (Certified Information Privacy Professional/United States), Privacy by Design Ambassador, Juris Doctor, FIP (Fellow of Information Privacy) by the International Association of Privacy Professionals.

With more than twenty years of experience in the Information Technology industry and as a licensed attorney in Florida, Robert Jason Cronk is a creative and analytical thinker, able to traverse the realms of business, law, and technology.

In 2004, while working in the information security department of Verizon, Mr. Cronk decided to make his long standing personal interest in information privacy a career choice. In 2006, he entered Florida State University School of Law where he focused his research on privacy law issues, including authoring a white paper on the intersection of privacy and public records for the Florida First Amendment Foundation.

After graduating, with honors, he earned his CIPP/US, was admitted to practice in Florida and has become an active member of the privacy professional’s community through his involvement in the International Association of Privacy Professionals. He has since been awarded the CIPT, CIPM and FIP by the IAPP.

Mr. Cronk is a noted speaker and writer on the subject of Privacy, including presentations at multiple IAPP events, the Privacy and Security Forum, the Intel Security Conference and guest lectures at Florida State University and Indiana University.

Why do you need to learn from Jason?

Of course, you can try to find another trainer without resorting to the services of a leading specialist in the world but:

  1. It would be a great plus to your company’s image in the vision of your future  European customers from the EU and all users of your products.
  2. If your company has an INTERNATIONAL LEVEL, so your trainers should have the same level too.
  3. Your trained employees will receive 5.5 CPE credits for professional certifications Certified Information Privacy Technologist (CIPT) and Certified Information Privacy Manager (CIPM).
  4. And the main thing is that we took upon ourselves all the concerns of organizing and bringing Jason Cronk, negotiations with him and the solution of all issues.

This means that all you need to do is to send your employees and provide space for corporate training.

Interpretation by Siarhei Varankevich

Co-Founder & CEO of Data Privacy Office LLC. Data Protection Trainer and Principal Consultant
MBA, Certified Information Privacy Professional (CIPP/E), Certified Information Privacy Manager (CIPM). Started to work with the GDPR draft version, in 2015, in Munich. Defended his MBA thesis about the Regulation, in Bremen, in 2016

Siarhei delivered hundreds of consultations on GDPR issues to companies around the world. He helped to implement the GDPR program as an external project manager in over 50 companies.

After the course you can answer the following questions

privacy student
How to identify threatening actors?
How to construct a privacy model from scratch?
privacy student
privacy student
How to identify potential privacy invasions?
What strategies and practices can be used to mitigate privacy risks?
privacy student
privacy student
What are the consequences of privacy breaches for individuals?
How to develop a privacy risk model based on FAIR (Factor analysis of information risk)?
privacy student
privacy student
How to apply the design process to real-world examples?


This two days class turns privacy professionals into Privacy by Design professionals. Four sessions take you through the all the elements necessary for including Privacy by Design in your products, services and processes.

Session 1 – Building a model: Actors and violations
Participants will be introduced to the concept of Privacy by Design and will then learn how to identify threatening actors and potential privacy invasions.
Session 2 – Controls: Architecture, Strategies and Tactics
This session will examine the controls available to mitigate privacy risks. Participants will first examine the architecture of the system and its role in creating privacy-friendly processes. Then there will be a systematic review of the strategies and tactics that can be used.
Session 3 – Privacy Risk Analysis
Participants will discuss the consequences of privacy breaches for individuals. This will be used to develop a privacy risk model based on FAIR, the information risk factor analysis.
Session 4 – The Design Process
In this session, all the elements will be brought together in a cohesive process to design a privacy-friendly system, secure data, supervise data use and balance individual interests and organizational activities. Participants will have the opportunity to apply the design process to real-world examples.
The Privacy by Design Card game
As time and spacing permits we finish our course with the Privacy by Design Card game incorporates all the elements taught during the class. We will play several rounds of the game to help reinforce the concepts in a fun environment.


Mr. Cronk is an engaging and deeply knowledgeable speaker and was able to explain complicated concepts in terms that made them simple and resonated with his audience. His thought-provoking material helped people reframe their thoughts through the day. In addition, his card was really good tool and enjoyable.

– Simon Clark

The course chellenged our preconseptions, there were great insights into how technology brings both opportunities and threats to the privacy of our customers and internal users. The focus on real world examples in an interactive group environment meant we could share ideas with privacy professionals from different backgrounds and learn from Jason as well as each other.

– Richard Poole


Course in brief

4 interesting sessions
Practical cases
8 hours of turning into Privacy by Design professionals
Several rounds of the Privacy by Design card game
Risk based approach to product design


6000 EUR (per group) *
*Payments in EUR, BYN and USD are accepted.

Why now?

Such an opportunity should not be missed. The event is held in CIS only once and no more events are planned.

Lets count:

  • The cost of corporate training in Minsk will be 6OOO euros, with the opportunity to train up to 20 people. This is 300 euros per participant. In this case, you do not need to go anywhere and spend extra time on the flight.
  • All participants will recieve a copy of the book “STRATEGIC PRIVACY BY DESIGN” autographed by Jason Cronk himself.
  • The workshop lasts 2 DAYS and is in English, with a high-quality translation into Russian by a specialist certified in this field. Thereby, you can be sure that you will undersand all the material correctly, without misinterpreting any difficult points.

If your company will decide to train employees another time, keep in mind that NO MORE such workshops are planned. Further, you can get to Jason Cronk for training in the US, but without translation into Russian. And it is less profitable, as the cost of travel and accommodation will be added. Most likely, the total amount will grow by 3-4 times.


Certificate on completion

Training is an organizational measure, and is a duty reflected in the General Data Protection Regulation, Articles 24, 25, 28, 32, and 39 (1) b). So, the certificate will be as an approval that you get necessary information and practice in the sphere of Privacy by design.


Strategic Privacy by Design Book

Book «Strategic Privacy by Design»

The first IAPP book to get into the details of how privacy by design works, with dozens of sample scenarios, workflows, charts, and tables. Use it as a standalone text to inform your work, or pair it with our CIPM and CIPT textbooks to create a fuller picture of how managing a global privacy program today requires mix of legal knowledge, management skills, and technical acumen.


“Jason Cronk’s Strategic Privacy by Design sets forth a clear, comprehensive, and highly practical blueprint for incorporating privacy into design. Cronk deftly explains the dimensions of privacy in a sophisticated way that is enlightening not just to novices but also to seasoned experts. Cronk’s copious use of concrete examples is some of the very best I’ve seen. Well organized and accessible, this book has numerous helpful charts and illustrations. This book is an essential resource for engineers as well as privacy professionals.”

– Prof. Daniel Solove, George Washington University Law School and President of TeachPrivacy.

 “Having created Privacy by Design so many years ago, it is truly heartwarming to see a book dedicated to exploring its application and breadth! Jason has done an excellent job in outlining the value of proactively embedding privacy into the design of one’s operations, in an effort to prevent the privacy harms from arising. Jason’s book will no doubt become a welcome addition in many jurisdictions.”

– Ann Cavoukian, Ph.D., Three-term Information and Privacy Commissioner of Ontario, Canada, Distinguished Expert-in-Residence, Privacy by Design Centre of Excellence, Ryerson University.


The book costs $50 at the IAPP website. You will get a copy signed by the author!

Additional present

Privacy by Design card game

Full Tournament Deck (up to 8 players)

Your goal as a team is to end up with as few privacy violations and consequences as possible. It’s not a game you could mindlessly play you have to keep your wits with you and think strategically about your moves in order to have the upper hand.

  • 122 Playable Cards
  • 47 Information Cards
  • 26 Tactics
  • 33 Violations
  • 16 Consequences
    • 4 non-playable cards (126 total)
    • Dealer card
    • PbD training card


Sign up