One of the many challenges of privacy is that it has not sufficiently penetrated software engineering to same degree as performance and security. The tools for understanding our systems from both an information and privacy standpoint already exist and need to be applied. Presented from an engineer’s point of view, this session will help you gain a better understanding of privacy information and its flow around and between systems. Privacy controls within information systems need to be engineered, rather than dictated through high-level policies and requirements. Without reference to the fundamentals of creating and developing software and taking into account the human factors and attitudes toward development, difficulties will inevitably arise. Through this session, you will gain a better understanding of how information systems behave with respect to the information they are carrying, how to classify that information, how to reason about it, and how to measure and manage it.