SDPA_paper_1009fnl.pdf (182.76 kB)
Download file

Privacy Impact Assessments: the UK experience

Download (182.76 kB)
conference contribution
posted on 13.01.2010, 11:16 authored by Adam WarrenAdam Warren, Robin Bayley, Colin Bennett, Andrew Charlesworth, Roger Clarke, Charles Oppenheim
This paper builds on original work undertaken as part of a team of researchers into Privacy Impact Assessments (PIAs), defined as a systematic risk assessment tool that can be usefully integrated into decision-making processes. The team were commissioned by the UK Information Commissioner’s Office (ICO) in June 2007 to develop a study of PIAs in overseas jurisdictions and a handbook to guide UK organisations through the PIA process. This research has subsequently attracted interest in the UK and overseas. PIAs are now mandatory for all UK central government departments. In this paper, the development of the project team’s PIA methodology and subsequent user experiences led to a key project output, the PIA handbook. The handbook has become a significant part of the privacy ‘toolkit’ and has impacted on public policy. Some important lessons from PIAs conducted in the UK and overseas are identified. Finally, areas are outlined for further development.

History

School

  • Social Sciences

Department

  • Geography and Environment

Citation

WARREN, A.P. ... et al, 2009. Privacy Impact Assessments: the UK experience. 31st International Conference of Data Protection and Privacy Commissioners, Madrid, 4-6 November.

Publisher

Spanish Data Protection Agency (AEPD)

Version

NA (Not Applicable or Unknown)

Publication date

2009

Notes

This conference paper was presented at the 31st International Conference of Data Protection and Privacy: http://www.privacyconference2009.org/home/index-iden-idweb.html

Language

en