Challenges in assessing privacy impact: tales from the front lines

Ferra, F., Wagner, I., Boiten, E., Hadlington, L. ORCID: 0000-0001-9095-0517, Psychoula, I. and Snape, R., 2019. Challenges in assessing privacy impact: tales from the front lines. Security and Privacy. ISSN 2475-6725

[img]
Preview
Text
1256017_Hadlington.pdf - Post-print

Download (613kB) | Preview

Abstract

Privacy impact assessments (PIAs) aim to identify, rank, and mitigate privacy risks. Even though PIAs are legally mandated in some cases and privacy professionals perform PIAs on a daily basis, it is an open problem how privacy risks can be measured systematically. Research on privacy risk measurement often does not take into account the practical needs and requirements for PIAs in real organizations. In this paper, we fill this gap by reporting on focus groups we held with a diverse group of privacy professionals. Through thematic analysis, we identify three themes that emerged from the focus groups: (1) how privacy in the contemporary society affects privacy risk assessment; (2) current practices and procedures in privacy risk assessment; and (3) common issues and challenges. Based on these themes, we iden- tify future research directions for privacy risk measurement. Our paper can help to ground research on privacy risk measurement in practical challenges faced by privacy professionals.

Item Type: Journal article
Publication Title: Security and Privacy
Creators: Ferra, F., Wagner, I., Boiten, E., Hadlington, L., Psychoula, I. and Snape, R.
Publisher: John Wiley
Date: 13 December 2019
ISSN: 2475-6725
Identifiers:
NumberType
10.1002/spy2.101DOI
1256017Other
Divisions: Schools > School of Social Sciences
Record created by: Linda Sullivan
Date Added: 03 Jan 2020 12:00
Last Modified: 31 May 2021 15:09
URI: https://irep.ntu.ac.uk/id/eprint/38918

Actions (login required)

Edit View Edit View

Views

Views per month over past year

Downloads

Downloads per month over past year