Privacy Risk Analysis. Sourya Joyee De

Title Privacy Risk Analysis
Author Sourya Joyee De
Genre Computers: other
Series Synthesis Lectures on Information Security, Privacy, and Trust
Publisher Computers: other
Year of publication 0
ISBN 9781681732008




Acknowledgments

       1 Introduction

       2 Terminology

       2.1 Personal Data

       2.2 Stakeholders

       2.3 Risk Sources

       2.4 Feared Events

       2.5 Privacy Harms

       2.6 Privacy Risks

       2.7 Privacy Risk Analysis

       3 Processing System

       3.1 System Attributes

       3.2 Illustration: the BEMS System

       4 Personal Data

       4.1 European and U.S. Views

       4.2 Identifiability and Anonymization

       4.3 Categories of Data

       4.4 Personal Data Attributes

       4.4.1 Attributes Related to the Nature of the Data

       4.4.2 Attributes Related to the Format of the Data

       4.4.3 Attributes Related to the Context

       4.4.4 Attributes Related to Control

       4.5 Illustration: the BEMS System

       5 Stakeholders

       5.1 The Nature of the Stakeholders

       5.2 Stakeholder Categories

       5.3 Stakeholder Attributes

       5.4 Illustration: the BEMS System

       6 Risk Sources

       6.1 Risk Source Attributes

       6.1.1 Nature of the Risk Sources

       6.1.2 Motivation

       6.1.3 Resources

       6.2 Illustration: the BEMS System

       7 Feared Events

       7.1 Variations in Terminology

       7.2 Feared Event Categories

       7.3 Feared Event Attributes

       7.4 Illustration: the BEMS System

       8 Privacy Harms

       8.1 The Nature of Privacy Harms

       8.1.1 Variations on Privacy Harms

       8.1.2 Recognition of Privacy Harms by Law

       8.2 Categories of Privacy Harms

       8.3 Attributes of Privacy Harms

       8.3.1 Victims

       8.3.2 Extent

       8.3.3 Severity

       8.4 Illustration: the BEMS System

       9 Privacy Risk Analysis

       9.1 Scope and Objectives of a PIA

       9.2 DPIA Template for Smart Grid and Smart Metering

       9.3 Privacy Risk Analysis in Existing Frameworks

       9.4 Key Steps of a Privacy Risk Analysis

       9.5 Illustration: Evaluation of the Risks for the BEMS System

       10 Conclusion

       A Summary of Categories and Attributes of the Components of a Privacy Risk Analysis

       B Definitions of Personal Data Across Regulations and Standards

       C Definitions of Stakeholders Across Regulations and Standards

       D Privacy Risk Analysis Components in Existing Frameworks

       Bibliography

       Authors’ Biographies

       Preface

      Risk analysis and risk management are common approaches in areas as varied as environment protection, public health and computer security. In some sense, one may also argue that the original purpose of data protection laws was to reduce the risks to privacy posed by the development of new technologies [58]. In Europe, however, the current Data Protection Directive [47] does not rely heavily on privacy risk analysis or Privacy Impact Assessment (PIA). The situation is going to change dramatically with the new General Data Protection Regulation (GDPR) [48], which shall apply from May 25, 2018.

      The GDPR represents a fundamental shift from an administrative process based on a priori controls to a risk-based accountability approach in which PIAs play a key role. The virtues of the risk-based approach to privacy have been praised by many authors and stakeholders [26]. The main practical benefit expected from the approach is an increased effectiveness in terms of privacy protection: risk assessment makes it possible to focus on the most significant problems and to calibrate measures based on the estimated risks. Organizations also appreciate the fact that legal requirements can be implemented with greater flexibility. Another argument in favor of the risk-based approach is the observation that it is more and more difficult to draw a clear line between anonymous data and personal data, or between sensitive data and non-sensitive data. For this reason, there is