PRIVACY-BY-DESIGN FOR THE SECURITY PRACTITIONER

Presented at BlackhatAsia 2014 by

Privacy-by-Design (PbD) has become the de facto standard, regulator-approved approach to addressing privacy concerns in products and services. PbD is a strategy in which privacy concerns are brought into the design of products rather than tacked on at the end. Because privacy has relatively few experienced specialists, and because of its close relationship to security, privacy often becomes the responsibility of the security practitioner. While a security practitioner already has much of the background needed to handle privacy, some aspects of privacy may be less familiar. The main technical difference is that in security, the information that reaches the attacker should often have no semantic content. For instance, if a user sends another party a bit of information, or stores a bit on a device, the attacker should not be able to guess with better than 50% accuracy whether that bit is 1 or 0. In other words, assuming appropriate security controls, the attacker is completely frozen out and, in a rigorous sense, has no knowledge about the user's data.

With privacy, the adversary often holds some of the user's data with the user's full awareness and consent. This brings several difficulties. First, how do you describe the collected data to the user? For security, the null dataset is easy to understand; when the dataset is not null, describing what is collected becomes an issue, and so does obtaining meaningful consent. Second, what can the privacy adversary infer from the released data? These inferences are often unclear to the user. The inference problem is compounded by the attacker's auxiliary knowledge, i.e. what other data the attacker holds about the user or about people in general, and the user often does not understand the extent of that knowledge. The inference problem, what can be deduced and with what certainty, is central to privacy.

That is why, while the lingua franca of security is cryptography, the lingua franca of privacy is statistics, machine learning, and data mining. This talk presents a privacy crash course aimed at security specialists and includes tips and recommendations for doing Privacy-by-Design.
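The inference problem described above, as an added worked example that is not code from the talk: an adversary whose auxiliary knowledge is a target's zip code, birth year and sex links the target to a released record, coarsening the quasi-identifiers lowers the adversary's certainty, and a per-class check shows where coarsening alone is not enough. All field names, records and the generalisation scheme are constructed for illustration.

```python
"""Added example: quantify what an adversary with auxiliary knowledge can infer
from a released dataset, and how coarsening quasi-identifiers lowers that
certainty. All records are constructed for illustration."""
from collections import Counter

# Constructed "released" dataset: quasi-identifiers plus one sensitive attribute.
RELEASED = [
    {"zip": "10001", "birth_year": 1980, "sex": "F", "condition": "flu"},
    {"zip": "10001", "birth_year": 1983, "sex": "F", "condition": "asthma"},
    {"zip": "10002", "birth_year": 1980, "sex": "M", "condition": "flu"},
    {"zip": "10002", "birth_year": 1981, "sex": "M", "condition": "diabetes"},
    {"zip": "10003", "birth_year": 1990, "sex": "F", "condition": "flu"},
    {"zip": "10003", "birth_year": 1990, "sex": "F", "condition": "flu"},
]
QUASI = ("zip", "birth_year", "sex")  # fields an adversary may know from elsewhere

def generalise(record):
    """Coarsen quasi-identifiers: keep a 3-digit zip prefix and a 5-year birth band."""
    low = record["birth_year"] // 5 * 5
    return {**record, "zip": record["zip"][:3] + "**", "birth_year": f"{low}-{low + 4}"}

def equivalence_class(dataset, aux):
    """Rows consistent with what the adversary knows about one target person."""
    return [r for r in dataset if all(r[q] == aux[q] for q in QUASI)]

def inference(dataset, aux):
    """(k, guess, certainty): size of the matching class, the most likely
    sensitive value, and the adversary's confidence in that guess."""
    rows = equivalence_class(dataset, aux)
    if not rows:
        return 0, None, 0.0
    value, count = Counter(r["condition"] for r in rows).most_common(1)[0]
    return len(rows), value, count / len(rows)

def worst_case_certainty(dataset):
    """Defender's check over every class: 1.0 means some class is homogeneous,
    so membership alone reveals the sensitive value regardless of k."""
    classes = {}
    for r in dataset:
        classes.setdefault(tuple(r[q] for q in QUASI), []).append(r["condition"])
    return max(Counter(c).most_common(1)[0][1] / len(c) for c in classes.values())

if __name__ == "__main__":
    aux = {"zip": "10001", "birth_year": 1980, "sex": "F"}  # constructed aux knowledge
    print("raw release:", inference(RELEASED, aux))
    coarse = [generalise(r) for r in RELEASED]
    print("generalised:", inference(coarse, generalise(aux)))
    print("worst class certainty after generalising:", worst_case_certainty(coarse))
```

The last check is the one a practitioner wants before release: a class of size k > 1 whose rows all share the same sensitive value still lets the adversary infer it with certainty, so the size of the equivalence class alone does not bound what can be deduced.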