A Process for Data Protection Impact Assessment Under the European General Data Protection Regulation

Bieker, Felix; Friedewald, Michaël; Hansen, Marit; Obersteller, Hannah; Rost, Martin

doi:10.1007/978-3-319-44760-5_2

Cited by 60 publications

(68 citation statements)

References 6 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…Furthermore, the Order of Control may help system designers and auditors estimate transparency as a whole and quantify intervenability of data processing for a given information system interaction. Thus, the Order of Control may not only be a useful concept for studying the individuals' attitudes and behaviors, but it may also be relevant for data controllers and regulators, performing privacy risks assessment ("data protection impact assessment" under the GDPR [3]) procedures.…”

Section: General Discussion and Conclusionmentioning

confidence: 99%

Order of Control and Perceived Control over Personal Information

Shulman

Ngo

Meyer

2020

Privacy and Identity Management. Data for Better Living: AI and Privacy

View full text Add to dashboard Cite

Focusing on personal information disclosure, we apply control theory and the notion of the Order of Control to study people's understanding of the implications of information disclosure and their tendency to consent to disclosure. We analyzed the relevant literature and conducted a preliminary online study (N = 220) to explore the relationship between the Order of Control and perceived control over personal information. Our analysis of existing research suggests that the notion of the Order of Control can help us understand people's decisions regarding the control over their personal information. We discuss limitations and future directions for research regarding the application of the idea of the Order of Control to online privacy.

show abstract

Section: General Discussion and Conclusionmentioning

confidence: 99%

Order of Control and Perceived Control over Personal Information

Shulman

Ngo

Meyer

2020

Privacy and Identity Management. Data for Better Living: AI and Privacy

View full text Add to dashboard Cite

show abstract

“…A process for the creation of a DPIA has been proposed [30], offering a three stage model. GDPR Article 35 para.…”

Section: F Data Protection Impact Assessmentmentioning

confidence: 99%

“…GDPR Article 35 para. 11 [1] suggests that regular review and revisiting of the DPIA is necessary, and this is echoed by [30]: [31] Popularized in the Agile Manifesto [32], Agile Project Management/Agile Software Development is backed by the 12 Agile Principles [32]. These can be regarded as a set of guiding concepts that support project teams [31].…”

Section: F Data Protection Impact Assessmentmentioning

confidence: 99%

See 1 more Smart Citation

An Agile Approach to GDPR Implementation within a Further Education College

Harding¹

2018

EasyChair Preprints

View full text Add to dashboard Cite

-The General Data Protection Regulation sees a fundamental shift in the way in which data is handled, stored and distributed. Massive uncertainty exists due to the UKs proposed exit of the European Union and this has resulted in a complacent, ignorant attitude to the changes within a large number of UK businesses and public sector organizations. This paper explores the impact of the GDPR, it's relation and changes from the 1998 Data Protection Act and the intentions of the UK government. In addition, a proposal for a software solution to manage a number of aspects of Data Protection within a Further Education College is discussed along with a report on its implementation.Discussion of the techniques and tools used to create the software solution and to manage the GDPR implementation using Agile Methodologies and Tools is featured.

show abstract

“…As the GDPR lays the foundation for privacy regulations worldwide, the results of this study will help to enable international discussions and future research in topics related to technology, legal and business contexts [20], [21], [23], [24].…”

mentioning

confidence: 99%

Blockchain and Privacy Protection in the Case of the European General Data Protection Regulation (GDPR): A Delphi Study

Schwerin¹

2018

The JBBA

View full text Add to dashboard Cite

The present work deals with the interrelationships of blockchain technology and the new European General Data Protection Regulation, that will be intact after May 28th, 2018. The regulation harmonizes personal data protection across the European Union and aims to return the ownership of personal data to the individual. This thesis, therefore, addresses the question how this new technology that is characterized by decentralization, immutability and truly digitized values will be affected by the strict privacy regulation and vice versa. The aim of this work is to clarify whether blockchains can comply with the new regulation on the one hand and to identify how blockchain could support its compliance, on the other hand. The questions are validated through an extensive literature review and are further investigated by using a Delphi study that asks a panel of 25 renowned experts to find opportunities, limitations and general suggestions about both topics. In addition, a framework is proposed to support the assessment of privacy and related risks of blockchains.

show abstract

A Process for Data Protection Impact Assessment Under the European General Data Protection Regulation

Cited by 60 publications

References 6 publications

Order of Control and Perceived Control over Personal Information

Order of Control and Perceived Control over Personal Information

An Agile Approach to GDPR Implementation within a Further Education College

Blockchain and Privacy Protection in the Case of the European General Data Protection Regulation (GDPR): A Delphi Study

Contact Info

Product

Resources

About