Towards an effective PIA−based Risk Analysis: An Approach for Analysing Potential Privacy Risks

Abstract

The use of Privacy Impact Assessments (PIAs) has become common practice in a variety of jurisdictions since the mid 1990s. They play a crucial role in achieving privacy protection for data subjects and in supporting risk management for organisations. Many guidance documents have been published to help support organisations in performing PIAs and in achieving their intended benefits. However, these documents vary noticeably in their comprehensiveness and quality. From an engineering perspective, the core of a PIA is a risk assessment, which typically follows a step-by-step process of risk identification and risk mitigation. In order for a PIA to be holistic and effective, it needs to be complemented by an appropriate privacy risk model that considers legal, organisational, social and technical aspects. We propose a methodical approach for identifying and analysing potential privacy risks. It is built upon a conceptual model that represents the main factors that have impacts on privacy risks along with their meanings, properties and relationships. Then, we illustrate its use in the analysis of eToll pricing systems. We argue that this contribution lays the foundation for developing systematic and rigorous PIA methodologies.