Privacy Risk Analysis. Sourya Joyee De

Скачать книгу

steps of conducting a privacy risk analysis.

      The deployment of new information technologies can lead to significant privacy risks and a privacy impact assessment should be conducted before designing a product or system that processes personal data. However, if existing privacy impact assessment frameworks and guidelines provide a good deal of details on organizational aspects (including budget allocation, resource allocation, stakeholder consultation, etc.), they are much vaguer on the technical part, in particular on the actual risk assessment task. For privacy impact assessments to keep up their promises and really play a decisive role in enhancing privacy protection, they should be more precise with regard to these technical aspects.

      This book is an excellent resource for anyone developing and/or currently running a risk analysis as it defines the notions of personal data, stakeholders, risk sources, feared events, and privacy harms all while showing how these notions are used in the risk analysis process. It includes a running smart grids example to illustrate all the notions discussed in the book.

       KEYWORDS

      privacy, personal data, data protection, risk, analysis, impact, harm, vulnerability, countermeasure, anonymization, law, legal, regulation

       Contents

       Preface

       Acknowledgments

       1 Introduction

       2 Terminology

       2.1 Personal Data

       2.2 Stakeholders

       2.3 Risk Sources

       2.4 Feared Events

       2.5 Privacy Harms

       2.6 Privacy Risks

       2.7 Privacy Risk Analysis

       3 Processing System

       3.1 System Attributes

       3.2 Illustration: the BEMS System

       4 Personal Data

       4.1 European and U.S. Views

       4.2 Identifiability and Anonymization

       4.3 Categories of Data

       4.4 Personal Data Attributes

       4.4.1 Attributes Related to the Nature of the Data

       4.4.2 Attributes Related to the Format of the Data

       4.4.3 Attributes Related to the Context

       4.4.4 Attributes Related to Control

       4.5 Illustration: the BEMS System

       5 Stakeholders

       5.1 The Nature of the Stakeholders

       5.2 Stakeholder Categories

       5.3 Stakeholder Attributes

       5.4 Illustration: the BEMS System

       6 Risk Sources

       6.1 Risk Source Attributes

       6.1.1 Nature of the Risk Sources

       6.1.2 Motivation

       6.1.3 Resources

       6.2 Illustration: the BEMS System

       7 Feared Events

       7.1 Variations in Terminology

       7.2 Feared Event Categories

       7.3 Feared Event Attributes

       7.4 Illustration: the BEMS System

       8 Privacy Harms

       8.1 The Nature of Privacy Harms

       8.1.1 Variations on Privacy Harms

       8.1.2 Recognition of Privacy Harms by Law

       8.2 Categories of Privacy Harms

       8.3 Attributes of Privacy Harms

       8.3.1 Victims

       8.3.2 Extent

       8.3.3 Severity

       8.4 Illustration: the BEMS System

       9 Privacy Risk Analysis

       9.1 Scope and Objectives of a PIA

       9.2 DPIA Template for Smart Grid and Smart Metering

       9.3 Privacy Risk Analysis in Existing Frameworks

       9.4 Key Steps of a Privacy Risk Analysis

      

Скачать книгу