Some privacy regulations now have privacy by design/privacy by default obligation, and in the past, these have been difficult for engineers to define and implement. We will explore the history of how to translate these vague legal obligations into concrete design requirements. This session will explain how privacy design strategies were developed and how they break down into actionable tactics. We will provide real-world examples of how to apply the tactics in practice. You will walk away with knowledge of privacy-friendly processing techniques and how to process personal data responsibly.