Fuzzy-based approach to assess and prioritize privacy risks

Hart, Stephen; Ferrara, Anna Lisa; Paci, Federica

doi:10.1007/s00500-019-03986-5

Cited by 8 publications

(7 citation statements)

References 12 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…Given this, it can be observed that all PIAs fulfill Art.35 (7)(c) on assessing the risks to the rights and freedoms of data subjects. However, it is argued that the key difference between the assessment of security risks and the assessment of privacy risks is the primary consideration of potential harm to data subjects in a privacy risk assessment, as compared to security risk assessment, which is of secondary concern [26], [55]. In addition, Recital 75 of the GDPR identifies that risk to data subjects of varying likelihood and severity may result in harm, for instance, physical or non-physical [3].…”

Section: S15mentioning

confidence: 99%

“…This underscores Privacy Risk Assessment (PRA) as the core element of a PIA. However, PIAs have been criticized for their inadequacy, notably the lack of clear guidance on how to conduct a comprehensive PRA [21], [22], as well as an efficient approach to evaluate and prioritize risks [55]. As such, several independent PRAs have been developed over time to contribute to assessing privacy risks as an independent method or part of a PIA.…”

Section: ) Privacy Risk Assessmentsmentioning

confidence: 99%

“…Nevertheless, we argue that a risk assessment method should cover some important steps, i.e., risk identification, the evaluation of risks to prioritize them (determined in terms of the likelihood and impact/severity of a given risk) and countermeasures [30]. In addition, given the need to assess the impact on privacy in a PIA [5], the assessment of privacy harm is also noted as a primary consideration in privacy risk assessments [26], [30], [55]. Hence, we used these criteria to compare and analyze the methodologies.…”

Section: Scope and Focusmentioning

confidence: 99%

“…This can be attributed to the two-phase approach taken in S22, that is, the information gathering and risk assessment phase, where the use of a qualitative assessment is within the information gathering phase for the assessment of the severity of privacy harms and the semi-quantitative assessment assesses the likelihood under the risk assessment phase. Nevertheless, while semiquantitative approaches measure the level of risk based on a numerical value, they are noted as subjective and less scientific [26], [55]. As such, some researchers have proposed methodologies such as S19, S24, and S25, which are asserted to be objective, thus reducing inconsistencies.…”

Section: Scope and Focusmentioning

confidence: 99%

See 3 more Smart Citations

On the Evaluation of Privacy Impact Assessment and Privacy Risk Assessment Methodologies: A Systematic Literature Review

Wairimu,

Iwaya,

Fritsch

et al. 2024

IEEE Access

View full text Add to dashboard Cite

Assessing privacy risks and incorporating privacy measures from the onset requires a comprehensive understanding of potential impacts on data subjects. Privacy Impact Assessments (PIAs) offer a systematic methodology for such purposes, which are closely related to Data Protection Impact Assessments (DPIAs), particularly outlined in Article 35 of the General Data Protection Regulation (GDPR). The core of a PIA is a Privacy Risk Assessment (PRA). PRAs can be integrated as part of full-fledged PIAs or independently developed to support PIA processes. Although these methodologies have been identified as essential enablers of privacy by design, their effectiveness has been criticized because of the lack of evidence of their rigorous and systematic evaluation. Hence, we conducted a Systematic Literature Review (SLR) to identify published PIA and PRA methodologies and assess how and to what extent they have been scientifically validated or evaluated. We found that these methodologies are rarely evaluated for their performance in practice, and most of them have only been validated in limited studies. Most validation evidence is found with PRA methodologies. Of the evaluated methodologies, PIAs were the most evaluated, where case studies were the predominant evaluation method. These evaluated methodologies can be easily transferred to an industrial setting or used by practitioners, as they provide evidence of their use in practice. In addition, the findings in this study can be used to inform researchers of the current state-of-the-art, and practitioners can understand the benefits and current limitations of the methodologies and adopt evidencebased practices.

show abstract

Section: S15mentioning

confidence: 99%

Section: ) Privacy Risk Assessmentsmentioning

confidence: 99%

Section: Scope and Focusmentioning

confidence: 99%

Section: Scope and Focusmentioning

confidence: 99%

See 2 more Smart Citations

On the Evaluation of Privacy Impact Assessment and Privacy Risk Assessment Methodologies: A Systematic Literature Review

Wairimu,

Iwaya,

Fritsch

et al. 2024

IEEE Access

View full text Add to dashboard Cite

show abstract

“…Guidelines for privacy impact assessments have been developed since the 1990s and differ in terms of their scope and level of detail (see Clarke 2009 for a review). Some guidelines focus on lists of questions to support risk assessment (eg, Henriksen-Bulmer et al 2019, Mantelero 2018 or business processes and documents to be produced (eg, Oetzel and Spiekermann 2014), while others focus on identifying potentials for privacy risk reduction (eg, Senarath and Arachchilage 2019) or on numerical quantifications of risks (eg, Alemany et al 2018, Hart et al 2020.…”

Section: Guidance For Practitioners Aiming To Instantiate Transparenc...mentioning

confidence: 99%

A Design Theory for Transparency of Information Privacy Practices

Dehling

Sunyaev

2023

Information Systems Research

View full text Add to dashboard Cite

Public policy initiatives demand transparency of information privacy practices (TIPP) since the 1970s, at least, when a first version of the fair information practice principles (FIPP) was published. Decades later, information system (IS) providers are still struggling to meet this demand. Apparently, there is a tension between socially desirable guardrails for privacy practices (e.g., allowing for anonymity) and economic value creation (e.g., exploiting personalization surplus). To inform IS designs that can change such avaricious states to the benefit of consumers, we present a theoretical foundation (TIPP theory) explaining and prescribing what needs to be built to establish TIPP in the real world. On the one hand, TIPP theory explains why IS providers, who have privacy practices to hide, should not go beyond IS designs that meet legal demands. More importantly, TIPP theory explains and prescribes what IS providers need to build to actually establish TIPP and be able to differentiate from competitors by doing so. TIPP theory will be useful for all involved parties: IS providers are enabled to avoid privacy notice fallacies, public policy makers can give more details in their related guidance and laws published, and consumers can, ultimately, interact with IS that actually establish TIPP.

show abstract