Abstract
... A privacy impact assessment (PIA) is a process of assessing the possible privacy implications of new uses of personal data.5 Proponents of PIAs argue that they could be a promising solution to address privacy and data protection concerns.6 PIAs are designed to help organizations implement ‘privacy by design’, by incorporating privacy considerations into their activities and projects from the early stages, thus reducing the risk of privacy violations and any associated regulatory action or reputational damage.7 As the following sections describe, PIAs have evolved from a tool used by some organizations voluntarily, into various internationally recognized and increasingly mandated practices. PIAs have been lauded as ‘the most comprehensive tool yet available for policy-makers to evaluate new personal data information technologies before they are introduced’, capable of imagining the ‘unknown unknowns’.8 However, alongside these bold claims, there is also significant ambiguity around what exactly constitutes a PIA, and different terms—such as ‘Data Protection Impact Assessment’—have been coined to denote related but substantively different tools and requirements.
Sign-in/Register to access full text options 
Free) 
Talk to us
Join us for a 30 min session where you can share your feedback and ask us any queries you have
Schedule a call
