AI Privacy Engineering
Master AI privacy engineering as a first-class discipline. 50 deep dives across 300 lessons covering privacy foundations (privacy threat modeling, principles, classification, PIA/DPIA, PII taxonomy), privacy by design (PbD principles, requirements, data minimisation, purpose limitation, architecture, design review), data protection & anonymization (pseudonymisation, anonymisation, k-anonymity, differential privacy, synthetic data, tokenisation, re-identification risk), privacy-preserving ML (federated learning, DP-SGD, MPC, homomorphic encryption, TEEs, membership inference), identity / access / consent (CMPs, preference centers, DSAR, deletion, privacy-aware access, privacy-preserving auth), privacy operations (data flow / ROPA, retention, incident response, breach notification, monitoring, ML-pipeline privacy), privacy compliance & governance (GDPR, CCPA/CPRA, HIPAA, COPPA, cross-border, DPO program), and advanced AI privacy (EU AI Act, LLM memorisation, RAG privacy, prompt data, training-data provenance, privacy evaluation).
AI privacy engineering is the discipline of making AI systems handle personal data the way users, regulators, and your own privacy policy say they will — and proving it. It sits at the intersection of data protection law (GDPR, CCPA/CPRA, HIPAA, COPPA, the EU AI Act), classical security engineering (encryption, key management, access control, audit), formal privacy science (k-anonymity, differential privacy, membership inference, federated learning, MPC, HE, TEEs), and the operational machinery that actually runs in production (consent platforms, DSAR pipelines, retention engines, breach response, ROPA, transfer impact assessments). Over the last few years it has stopped being a back-office compliance function and has become an operating commitment for any organisation deploying AI at scale: privacy reviews block launches, DPIAs gate model releases, regulators issue multi-million-euro fines, customer RFPs require evidence, and incident clocks run in hours not weeks.
This track is written for the practitioners doing this work day to day: privacy engineers, ML engineers integrating privacy controls into pipelines, security engineers extending their remit, DPOs / privacy counsel collaborating with engineering, platform leads building privacy primitives, incident-response commanders running breach playbooks, and product managers shipping AI features that touch personal data. Every topic explains the underlying privacy-engineering discipline (drawing on the GDPR, CCPA/CPRA, HIPAA, the EU AI Act, ISO/IEC 27701 and 27018, NIST PE Framework, and the privacy-tech literature), the practical artefacts and rituals that operationalise it (DPIAs, threat models, ROPAs, runbooks, evaluations, dashboards), and the failure modes where privacy engineering quietly breaks down in practice. The aim is that a reader can stand up a credible AI privacy-engineering function, integrate it with engineering and governance, and defend it to boards, regulators, customers, and users.
All Topics
50 AI privacy engineering topics organized into 8 categories. Each has 6 detailed lessons with frameworks, templates, and operational patterns.
Privacy Foundations
Privacy Engineering Overview
Master what privacy engineering is. Learn the scope, the lineage from security and data protection law, the deliverables, and the operating model most mature teams end up with.
6 Lessons
Privacy Threat Modeling (LINDDUN)
Run privacy threat modeling on AI systems. Learn LINDDUN (Linkability, Identifiability, Non-repudiation, Detectability, Disclosure of information, Unawareness, Non-compliance), data flow diagrams, and how to attach mitigations.
6 Lessons
Privacy Principles (FIPPs, OECD, GDPR)
Translate privacy principles into engineering decisions. Learn the FIPPs, OECD principles, and the GDPR Article 5 principles (lawfulness, purpose limitation, minimisation, accuracy, storage limitation, integrity, accountability).
6 Lessons
Data Classification & Sensitivity
Classify data by sensitivity so controls follow the data. Learn classification schemes, sensitive-personal-data handling, data tagging, and the link from classification to control selection.
6 Lessons
Privacy Risk Assessment (PIA / DPIA)
Run privacy impact and DPIA assessments that engineers can act on. Learn the PIA/DPIA workflow, severity / likelihood scoring, residual-risk discipline, and the integration with engineering reviews.
6 Lessons
PII / SPI / Quasi-Identifier Taxonomy
Build a working taxonomy of personal data. Learn PII vs SPI vs quasi-identifiers, jurisdictional differences, the special-category list, and how to attach handling rules to each tier.
6 Lessons
Privacy by Design
Privacy by Design (7 Principles)
Operationalise Privacy by Design. Learn Cavoukian's 7 principles (proactive, default, embedded, full functionality, end-to-end security, visibility, user-centric) and how each lands as a build-time decision.
6 Lessons
Privacy Requirements Engineering
Write privacy requirements engineers can actually implement. Learn SMART privacy requirements, allocation to components, verification per requirement, and traceability from regulation to code.
6 Lessons
Data Minimization Patterns
Collect only what you need. Learn data-minimisation patterns at ingest, in pipelines, and at storage, and the engineering trade-offs that make minimisation actually stick in production.
6 Lessons
Purpose Limitation & Use Restrictions
Bind data to its declared purpose. Learn purpose binding at the data layer, secondary-use governance, purpose drift detection, and the regulator-facing audit trail.
6 Lessons
Privacy-Aware Architecture Patterns
Architect AI systems for privacy. Learn segmentation, data-localisation patterns, privacy-preserving service-to-service contracts, and the central-vs-distributed privacy trade-off.
6 Lessons
Privacy Design Review Process
Run privacy design reviews engineers actually pass. Learn the trigger criteria, the review packet, the reviewer panel, the decision rights, and the link to launch readiness.
6 Lessons
Data Protection & Anonymization
Pseudonymization Techniques
Pseudonymise personal data the right way. Learn deterministic vs randomised pseudonymisation, key management, reversibility trade-offs, and the GDPR-compliant pseudonymisation pattern.
6 Lessons
Anonymization & De-identification
Anonymise and de-identify data without breaking utility. Learn the anonymisation taxonomy, suppression/generalisation/perturbation, HIPAA Safe Harbor vs Expert Determination, and validation.
6 Lessons
k-Anonymity, l-Diversity, t-Closeness
Apply formal anonymisation models to real datasets. Learn k-anonymity, l-diversity, t-closeness, the attacks each defends against, and the practical bounds for utility-preserving k.
6 Lessons
Differential Privacy Foundations
Use differential privacy as a privacy guarantee. Learn epsilon/delta, Laplace and Gaussian mechanisms, sequential and parallel composition, the privacy budget, and the engineering pitfalls.
6 Lessons
Synthetic Data Generation
Generate synthetic data that preserves utility without leaking privacy. Learn statistical, ML, and DP-synthetic methods, fidelity vs privacy trade-offs, and the validation regime.
6 Lessons
Tokenization & Encryption Patterns
Apply tokenisation and encryption as engineering controls. Learn vault vs vaultless tokenisation, format-preserving encryption, key management, envelope encryption, and field-level patterns.
6 Lessons
Re-identification Risk & Mitigation
Quantify and mitigate re-identification risk. Learn the linkage / inference / singling-out attack model, motivated-intruder testing, the residual-risk threshold, and the release-decision framework.
6 Lessons
Privacy-Preserving ML & AI
Privacy-Preserving ML Overview
Get a working map of privacy-preserving ML. Learn the families (federated, DP, MPC, HE, TEEs, synthetic data) and the practical decision tree for picking the right tool per use case.
6 Lessons
Federated Learning
Train models without centralising data. Learn cross-silo vs cross-device FL, FedAvg and friends, secure aggregation, FL+DP composition, and the FL operational stack.
6 Lessons
DP-SGD & Differentially Private Training
Train ML with formal differential privacy. Learn DP-SGD, gradient clipping and noise calibration, privacy accounting, utility-vs-epsilon trade-offs, and the production-grade DP training stack.
6 Lessons
Secure Multi-party Computation (MPC)
Compute over private data jointly. Learn secret-sharing, garbled circuits, MPC for ML inference and training, threat models, performance, and the practical deployment patterns.
6 Lessons
Homomorphic Encryption for ML
Compute on encrypted data. Learn partial vs somewhat vs fully homomorphic encryption, CKKS for ML, performance limits, and the use cases where HE actually pays off.
6 Lessons
TEEs & Confidential Computing for ML
Use TEEs and confidential computing to protect ML data and weights at runtime. Learn enclaves (SGX, TDX, SEV), attestation, confidential VMs, and the threat-model fine print.
6 Lessons
Membership & Attribute Inference Attacks
Defend ML models against membership and attribute inference attacks. Learn the attack zoo, evaluation protocols, the link to overfitting and data duplication, and the mitigation playbook.
6 Lessons
Identity, Access & Consent
Consent Management Platforms
Build or operate a consent management platform. Learn consent records, granularity, withdrawability, IAB TCF / GPC integration, and the link from CMP to downstream data systems.
6 Lessons
Preference Centers & User Controls
Design preference centres users can actually use. Learn UX standards, granular toggles vs bundled choices, accessibility, multi-property propagation, and the dark-pattern guard rails.
6 Lessons
DSAR & Data Subject Rights Engineering
Engineer the data-subject-rights pipeline. Learn DSAR intake, identity verification, data discovery across systems, redaction, response packaging, and the SLA discipline.
6 Lessons
Right to Erasure / Deletion Engineering
Engineer real deletion. Learn deletion vs anonymisation, deletion across replicas / backups / caches / ML models, the unlearning frontier, and the proof-of-deletion artefact.
6 Lessons
Privacy-Aware Access Control
Design access control with privacy as a first-class constraint. Learn purpose-based access, ABAC + privacy attributes, just-in-time access, break-glass discipline, and audit.
6 Lessons
Privacy-Preserving Authentication
Authenticate users without over-collecting identity data. Learn pseudonymous IDs, OIDC scopes, anonymous credentials, attribute-based auth, and the data-minimised auth pattern.
6 Lessons
Privacy Engineering Operations
Data Flow Mapping & ROPA
Map data flows you can actually defend. Learn DFD construction, third-country transfers, ROPA (Article 30) requirements, automated discovery, and the living-map operating model.
6 Lessons
Data Retention & Deletion Schedules
Run retention as engineering, not policy. Learn retention schedules per data class, automated deletion, soft vs hard delete, retention-window enforcement, and audit.
6 Lessons
Privacy Incident Response
Run privacy incident response without surprises. Learn the IR phases, command structure, data-subject impact assessment, regulator-notification calculus, and the handoff to PIR.
6 Lessons
Breach Detection & Notification
Detect breaches and notify on time. Learn the detection sources, the 72-hour GDPR clock, multi-jurisdiction notification matrices, regulator-portal mechanics, and individual notification.
6 Lessons
Privacy Monitoring & Auditing
Monitor privacy controls in production. Learn the privacy KPI set, drift in retention / consent / access patterns, automated control testing, and dashboards for engineering, legal, and the board.
6 Lessons
Privacy in the ML Pipeline
Embed privacy into the ML pipeline. Learn data-source clearance, feature-store privacy tags, training-data minimisation, model artefacts as personal data, and CI/CD privacy gates.
6 Lessons
Privacy Compliance & Governance
GDPR for Engineers
Translate the GDPR into engineering controls. Learn the lawful bases, data subject rights, controller / processor split, DPIAs, transfers, and the GDPR-to-control mapping.
6 Lessons
CCPA / CPRA for Engineers
Engineer for CCPA / CPRA. Learn the consumer rights, sale / share / sensitive-PI definitions, opt-out mechanics, GPC, contractor / service-provider obligations, and the regulator landscape.
6 Lessons
HIPAA Privacy Engineering
Engineer for HIPAA. Learn covered entities and business associates, PHI handling, the Privacy / Security / Breach Notification Rules, BAA mechanics, and HIPAA-aware AI controls.
6 Lessons
COPPA & Children's Privacy
Engineer for children's privacy. Learn COPPA's rules, age-screening, verifiable parental consent, the GDPR Article 8 child-specific rules, and the AI / advertising restrictions.
6 Lessons
Cross-Border Data Transfer Engineering
Engineer cross-border data transfers. Learn adequacy decisions, SCCs, BCRs, the EU-US Data Privacy Framework, transfer impact assessments, and data-residency architectures.
6 Lessons
DPO Office & Privacy Program
Stand up a privacy engineering program. Learn the DPO mandate, the privacy operating model, RACI across legal / engineering / security, metrics, and the board-level privacy report.
6 Lessons
Advanced AI Privacy Topics
EU AI Act Privacy Implications
Engineer for the EU AI Act's privacy implications. Learn the GDPR / AI Act overlap, high-risk-system data governance, transparency duties, and the GPAI obligations.
6 Lessons
LLM Privacy: Memorization & Leakage
Defend LLMs against memorisation and leakage. Learn extraction attacks, memorisation evals, training-data deduplication, DP fine-tuning, and the inference-time leak-prevention stack.
6 Lessons
RAG Privacy Patterns
Build RAG systems with privacy guardrails. Learn document-level access control, query-time filtering, embedding privacy, prompt-injection-as-data-leak, and the RAG privacy review.
6 Lessons
Prompt Data Privacy & Logging
Treat prompts and completions as personal data. Learn prompt-log scrubbing, retention, training-on-prompt opt-outs, vendor terms, and the cross-border prompt-routing question.
6 Lessons
Training Data Provenance & Licensing
Track training-data provenance for privacy. Learn dataset cards, source-permission tracking, web-scrape privacy, deletion-request honour, and the data-statement disclosure pattern.
6 Lessons
Privacy Evaluation Frameworks
Evaluate privacy claims, not just assert them. Learn the privacy eval taxonomy, MIA / extraction / inversion benchmarks, DP audit, third-party privacy testing, and reporting.
6 Lessons
Lilly Tech Systems