Technical Reports
HPL-2010-63
Click here for full text:
The Emergence of Privacy Impact Assessments
Tancock, David; Pearson, Siani; Charlesworth, Andrew
HP Laboratories
HPL-2010-63
Keyword(s): privacy, privacy impact assessment
Abstract: This paper considers the emergence of Privacy Impact Assessments (PIAs), and identifies key aspects of their development, concept, practice and policy from their beginnings through to the date of writing (May 2010). A PIA is a systematic process for evaluating the possible effects that a particular activity or proposal may have on an individual's privacy. It should focus on understanding the system, initiative or scheme, identifying, and mitigating adverse privacy impacts, and assisting decision makers in deciding whether or not the project should proceed and if so, in what form. The PIA should be properly distinguished from other business processes such as privacy issue analysis, privacy audits [1] and privacy law compliance checking [2] as these are applied to existing systems to ensure their continuing conformity with internal rules and external requirements.
34 Pages
External Posting Date: May 21, 2010 [Fulltext]. Approved for External Publication
Internal Posting Date: May 21, 2010 [Fulltext]