TY  - CONF
A1  - Weber, Rolf H.
T1  - Privacy impact assessment – a privacy protection improvement model?
T2  - 25th IVR World Congress: Law, Science and Technology Frankfurt am Main 15–20 August 2011 ; Paper Series ; 039
N2  - A Privacy Impact Assessment (PIA) is a systematic risk assessment tool, enabling organizations to maintain compliance with data protection regulations, to manage privacy risks and to provide public benefits through the success of privacy-by-design efforts. An actual practical implementation of a PIA framework has been realized in the context of RFID applications encompassing detailed steps for the PIA process; a first successful review has been completed. The PIA also allows to introduce a pro-active mitigation of privacy risks through technical and organizational controls. The better the precautionary measures realize the relevant privacy objectives, the less likely will occur with the PIA process afterwards. The recent proposal for a far-reaching revision of the EU Data Protection Directive envisages to state a specific requirement to implement a PIA process. Indeed, since risks for privacy and non-disclosure of personal data are different in not identical circumstances, the protection measures should also be different, i.e. technology should assist in trying to achieve the (at least) second-best solution for the implementation of the data protection regime by a PIA. Insofar, privacy rules can be individualized and matched with the concrete needs in the given environment.
T3  - 25th IVR World Congress: Law, Science and Technology Frankfurt am Main 15–20 August 2011 ; Paper Series - 039 
KW  - Code-based regulation
KW  - Data Protection Directive
KW  - PIA process
KW  - PIA taxonomy
KW  - privacy-by-design
KW  - RFID applications
KW  - risk assessment
KW  - risk design
KW  - self-regulation
Y1  - 2012
UR  - http://publikationen.ub.uni-frankfurt.de/frontdoor/index/index/docId/24897
UR  - https://nbn-resolving.org/urn:nbn:de:hebis:30:3-248978
PB  - Goethe-Univ.
CY  - Frankfurt am Main
ER  -