Plan of study
The MSIT Privacy Engineering program is now available both as a full-time, on-campus program and a part-time distance education program. The requirements of both programs are identical and the degree awarded to students is exactly the same.
Program Requirements - Full Time
- 66 units of core courses
- (17-631) Information Security, Privacy, and Policy - 12 units
- (17-562) Law of Computer Technology - 6 units
- (17-731) Foundations of Privacy – 12 units
- (17-733) Privacy Policy, Law, and Technology – 12 units
- (17-734) Usable Privacy and Security – 12 units
- (17-735) Engineering Privacy in Software – 12 units
- Current Topics in Privacy Seminar (17-702) - 3 units each in spring and fall semester
- 12 units of approved technical electives
- 30 units of approved general electives
- 48 unit privacy-by-design project: Includes 6-unit Privacy-by-design Workshop course and 42 unit Privacy-by-design Practicum project
- GPA requirement: Student must maintain a 3.0 GPA in courses used for the requirements above.
Students may take additional electives or substitute electives when they have previously taken equivalent courses, if approved by the program director.
Electives. All electives that count towards unit requirements must be approved by the program directors. The program directors will prepare a list of recommended electives each semester that includes a variety of courses that complement the required courses and expose students to material in other relevant disciplines (e.g. biometrics, decision sciences, economics, public policy, statistics, security). Students may propose additional courses for approval. Students may also work on research projects for independent study credits that can be counted towards the elective requirement with the approval of the student’s advisor. A subset of approved electives will be designated as “technical electives.” These electives provide in depth instruction related to a computer science area such as networking, machine learning, or databases.
Extra courses. Some students may need to take extra non-qualifying classes to address weaknesses in their background, to fulfill prerequisites, or take extra classes simply because they are interested. Such courses will not count toward the unit requirement, except possibly the free elective.
Place-out Opportunities. Courses taken while students are enrolled as a CMU undergraduate or in another CMU graduate program can be used to satisfy a requirement. Students may replace these courses with additional electives based on consultation with the Program Directors. Students who have taken equivalent courses at other universities may petition the program directors to use these courses in place of required courses and take additional electives instead.
Grade requirement. Students must earn a "B-" or better in a course for it to satisfy any requirement.
Privacy Engineering 12 month track Sample schedule
Fall (57 or 63 units)
17-702 Current Topics in Privacy Seminar (3 units)
17-562 Law of Computer Technology (6 units, Mini 1) (*17-762 12 Units)
17-631 Information Security, Privacy and Policy (12 units)
17-733 Privacy Policy, Law and Technology (12 units)
17-731 Foundations of Privacy (12 units)
General elective (12 units)
*Optionally, students taking the 12 unit version of this course insted of the 6 unit version can count the extra 6 units towards general elective credits.
Spring (57 units)
17-702 Current Topics in Privacy Seminar (3 units)
17-734 Usable Privacy and Security (12 units)
17-735 Engineering Privacy in Software (12 units)
General electives (18 units)
Technical elective (12 units)
Summer (48 units)
17-606 Privacy-by-design Workshop (6 units)
17-607 Privacy-by-design Practicum (42 units)
(Optional, one additional elective)
Privacy Engineering Practice 16 month track sample schedule
Courses taken in the fall and spring semesters will remain the same as listed above with the following exceptions:
Summer (3 units)
17-609 Internship for Privacy Engineering (3 units)
Fall (51 units)
17-606 Privacy-by-design Workshop (6 units)
17-607 Privacy By Design Practicum (42 units)
17-702 Current Topics in Privacy Seminar (3 units)
(Optional, one additional elective)
Program Requirements - Part Time
The following details the 2-year sequence of courses students enrolled in the part-time Master's Program in Privacy Engineering are required to take. Students in the part-time Program have to take a total 159 units. In particular, the part-time Program requires the exact same 66 units of core courses and an equivalent practicum experience as the full-time program. Part-time students who find this tempo to be too demanding have the option of dialing it down to one 12-unit course per semester + 3 units of privacy seminar during some semesters. All students are required to enroll in the privacy seminar for a minimum of 4 semesters.
Year 1 – Fall Semester (27 units)
- Information Security, Privacy and Policy (17-631) – 12 units
- Privacy Policy, Law and Technology (17-733) – 12 units
- Current Topics in Privacy Seminar – 3 units
Year 1 – Spring Semester (27 units)
- Engineering Privacy in Software (17-735) – 12 units
- Usable Privacy and Security (17-734) – 12 units
- Current Topics in Privacy Seminar – 3 units
Year 1 – Summer Semester (24 units)
- 2 Electives (24 units) – towards total of 12 units of approved technical electives and 24 units of approved general electives
Year 2 – Fall Semester (27 units)
- Foundations of Privacy (17-731) – 12 units
- Law of Computer Technology (17-762)[1] – 12 units
- Current Topics in Privacy Seminar (17-702) – 3 units
Year 2 – Spring Semester (27 units)
- Privacy by Design Practicum project (“capstone”) – 12 units
- Privacy by Design workshop – 3 units
- Elective (12 units) - – towards total of 12 units of approved technical electives and 24 units of approved general electives
Year 2 – Summer Semester (27 units)
- Privacy by Design Practicum project (“capstone”) – 24 units
- Privacy by Design workshop – 3 units
Grade/GPA Requirements
Just like in the full-time Program, students are expected to have a B- or better in each course used to satisfy the Program requirements and to maintain a GPA of 3.0 or better.
17716/17416 - AI Governance: Identifying & Mitigating Risks in Design & Dev of AI Solutions
In additon to the required courses for the Privacy Engineering Program, Co-Program Director Norman Sadeh is offering a 6 unit course on AI Governance in the Spring and Fall Semesters that can be taken as an elective.
AI Governance: Identifying & Mitigating Risks in Design & Dev of AI Solutions
With AI and ML finding their way into an increasingly broad range of products and
services, it is important to identify and mitigate the risks associated with the adoption of
these technologies. This course reviews the different types of risks associated
with AI and discusses methodologies and techniques available to identify and mitigate
these risks. The course introduces students to ethical frameworks available to identify
and analyze risks. It also examines best practices emerging from both government and
industry efforts in this area. This includes looking at new regulations such as the
EU AI Act as well as emerging frameworks such as the one developed by NIST. The
course also examines frameworks developed by leading companies and how these
frameworks combine both technical and non-technical approaches. It further discusses
changes that need to be enacted by organizations to adopt more systematic
approaches to AI governance.
This course combines a mix of technical, policy, and management discussions.