A systematic methodology for privacy impact assessments: A design science approach

European Journal of Information Systems

Volumn 23, Issue 2, 2014, Pages 126-150

  Oetzel, Marie Caroline ^a   Spiekermann, Sarah ^a  

^a VIENNA UNIVERSITY OF ECONOMICS AND BUSINESS   (Austria)

Author keywords

design science; privacy impact assessment; privacy by design; security risk assessment

Indexed keywords

DESIGN; PERSONNEL; RADIO FREQUENCY IDENTIFICATION (RFID); RISK ASSESSMENT;

DESIGN SCIENCE; IMPACT ASSESSMENTS; PRIVACY MANAGEMENT; PRIVACY REGULATION; PRIVACY REQUIREMENTS; PROBLEM REPRESENTATION; SECURITY RISK ASSESSMENTS; SYSTEMATIC METHODOLOGY;

DATA PRIVACY;

EID: 84896803078     PISSN: 0960085X     EISSN: 14769344     Source Type: Journal    
DOI: 10.1057/ejis.2013.18     Document Type: Review

References (67)

1. ALHADEFF J, VAN ALSENOY B and DUMORTIER J (2012) The accountability principle in data protection regulation: origin, development and future directions. In Managing Accountability through Privacy, pp 49-82, Palgrave Macmillan, New York.
2. AVISON D, LAU F, MYERS MD and NIELSEN PA (1999) Action research. Communications of the ACM 42(1), 28-45.
3. BASKERVILLE R (1999) Investigating information systems with action research. Communications of the AIS 2(3), 1-32.
4. BASKERVILLE RL and WOOD-HARPER AT (1996) A critical perspective on action research as a method for information system research. Journal of Information Technology 11(3), 235-246
5. BBBOnLine. (2011) BBBOnLine-BBB Accredited Business Seal. [WWW document] http://www.bbb.org/online/(accessed 5 December 2011).
6. BENNETT C and BAYLEY R (2007) Privacy Impact Assessments: International Study of their Application and Effects, Loughborough University, UK.
7. BSI (Bundesamt für Sicherheit in der Informationstechnik). (2008) Risk analysis on the basis of IT-Grundschutz, BSI Standard 100-3. [WWW document] https://www.bsi.bund.de/ContentBSI/Publikationen/BSI- Standard/it- grundschutzstandards.html#doc471418bodyText3 (accessed 20 March 2012).
8. BSI (Bundesamt für Sicherheit in der Informationstechnik). (2011a) IT-Grundschutz-Kataloge. [WWW document] https://www.bsi.bund.de/DE/Themen/ ITGrundschutz/StartseiteITGrundschutz/startseiteit-grundschutz-node.html (accessed 29 February 2012).
9. BSI (Bundesamt für Sicherheit in der Informationstechnik). (2011b) Privacy impact assessment guideline for RFID applications. [WWW.document] https://www.bsi.bund.de/SharedDocs/Downloads/DE/BSI/ElekAusweise/PIA/ Privacy-Impact-Assessment-Guideline-Langfassung.pdf;jsessionid= 4BE04C3871C6AEB0CD78E76F22F0153A.2-cid244?blob=publicationFile (accessed 7 March 2012).
10. CAVOUKIAN A (2009a) Privacy by design Take the challenge. Information and Privacy Commissioner of Ontario (Canada). [WWW document] http://www.ipc.on.ca/ images/Resources/PrivacybyDesignBook.pdf (accessed 10 October 2012).
11. CAVOUKIAN A (2009b) Privacy by design: the 7 foundational principles. Information and Privacy Commissioner of Ontario (Canada). [WWW document] http://privacybydesign.ca/about/principles/(accessed 10 October 2012).
12. CLARKE R (2009) Privacy impact assessment: its origins and development. Computer Law & Security Review 25(2), 123-135.
13. CLARKE R (2011) An evaluation of privacy impact assessment guidance documents. International Data Privacy Law 1(2), 111-120.
14. CRANOR LF et al (2006) The platform for privacy preferences 1.1 (P3P1.1) Specification-W3C Working Group Note 13 November 2006. [WWW document] http://www.w3.org/TR/P3P11/(accessed 1 March 2012).
15. DAVISON RM, MARTINSONS MG and KOCK N (2004) Principles of canonical action research. Information Systems Journal 14(1), 65-89.
16. DE HERT P, KLOZA D and WRIGHT D (2012) A privacy impact assessment framework for data protection and privacy rights. Deliverable D3 of the EU PIAF Project-Recommendations for a privacy impact assessment framework for the European Union. Brussels.
17. Director of the Spanish Data Protection Agency (SDPA). (2009) Standards on the Protection of Personal Data and Privacy-The Madrid Resolution. 5 November 2009, Madrid.
18. ENDORSE. (2011) ENDORSE Project. [WWW document] http://ict-endorse.eu/ (accessed 1 March 2012).
19. EC (European Parliament and Council of the European Union). (1995) Directive 95/46/EC on the protection of individuals with regard to the processing of personal data and on the free movement of such data. Official Journal of the European Communities L 281/31: 31-50.
20. EC (Commission of the European Communities). (2009) Commission Recommendation on the Implementation of Privacy and Data Protection Principles in Applications Supported by Radio-Frequency Identification, EC (Commission of the European Communities), Brussels
21. EC (European Commission). (2012) Proposal for a regulation of the European Parliament and of the Council on the protection of individuals with regard to the processing of personal data and on the free movement of such data (General Data Protection Regulation), COM(2012) 11 final. 25 January, Brussels
22. EuroPriSe. (2011) EuroPriSe-European privacy seal. [WWW document] https://www.european-privacy-seal.eu/(accessed 5 December 2011).
23. FTC (Federal Trade Commission). (1998) Fair Information Practice Principles
24. FUJITSU (2010) Personal data in the cloud: a global survey of consumer attitudes. [WWW document] http://www.fujitsu.com/global/news/publications/ dataprivacy.html (accessed 20 March 2012).
25. GREGOR S (2006) The nature of theory in information systems. MIS Quarterly 30(3), 611-642.
26. HEVNER AR (2007) A three cycle view of design science research. Scandina-vian Journal of Information Systems 19(2), 87-92.
27. HEVNER AR, MARCH ST, PARK J and RAM S (2004) Design science in information systems research. MIS Quarterly 28(1), 75-105.
28. IIVARI J (2007) A paradigmatic analysis of information systems as a design science. Scandinavian Journal of Information Systems 19(2), 39-64
29. Information & Privacy Commissioner of Ontario (IPCO). (2011) Privacy by design. [WWW document] http://privacybydesign.ca (accessed 7 February 2011)
30. Intelligentpia (iPIA). (2011) intelligentPIA-a privacy impact assessment tool. [WWW document] http://www.wu.ac.at/ec/research/ipia (accessed 1 March 2012).
31. INFSO (European Commission, Information Society and Media Directorate-General). (2011) Privacy and data protection impact assessment framework for RFID applications, 12 January 2011, Brussels.
32. ISO (International Organization for Standardization). (2002) ISO FDIS 22307 Financial Services-privacy impact assessment.
33. ISO (International Organization for Standardization). (2008) ISO/IEC 27005 Information technology-security techniques-information security risk management.
34. ISO (International Organization for Standardization). (2009) ISO/IEC 31000 risk management-principles and guidelines on implementation
35. ISO (International Organization for Standardization). (2011) ISO/IEC CD 29101.4 Information technology-security techniques-privacy architecture framework.
36. JESELON P and FINEBERG A (2011) A Foundational Framework for a PbD-PIA, Information and Privacy Commission Canada, Toronto, ON.
37. LINSTONE, HA and TUROFF, M, Eds (1975) The Delphi Method: Techniques and Application, Addison Wesley, London.
38. MOOR JH (1998) Reason, relativity, and responsibility in computer ethics. Computers and Society 28(1), 14-21.
39. NAOE K (2008) Design culture and acceptable risk. In Philosophy and Design-From Engineering to Architecture (VERMAAS PE, KROES P, LIGHT A and MOORE SA, Eds) pp 119-130, Springer, Amsterdam.
40. NIST (National Institute of Standards and Technology). (2002) Risk management guide for information technology systems, NIST Special Publication 800-30.
41. OECD (Organisation for Economic Cooperation and Development). (1980) Guidelines on the protection of privacy and transborder flows of personal data.
42. PRIES-HEJE J, BASKERVILLE R and VENABLE JR (2008) Strategies for design science research evaluation. ECIS 2008 Proceedings, paper 87.
43. RAAB C and WRIGHT D (2012) Surveillance: extending the limits of privacy impact assessments. In Privacy Impact Assessment (WRIGHT D and DE HERT P, Eds) pp 363-383, Springer, Dordrecht.
44. ROST M (2011) Datenschutz in 3D. Datenschutz und Datensicherheit-DuD 5(35), 351-354.
45. ROST M and BOCK K (2011) Privacy by design und die Neuen Schutzziele. Datenschutz und Datensicherheit-DuD 35(1), 30-35.
46. ROST M and PFITZMANN A (2009) Datenschutz-Schutzziele-revisited. Datenschutz und Datensicherheit-DuD 33(6), 353-358.
47. SCANNAPIECO M, MISSIER P and BATINI C (2005) Data quality at a glance. Datenbank-Spektrum 14/2005.
48. SEIBILD H (2006) IT-Risikomanagement, Oldenbourg Verlag, München, Wien.
49. SHROFF M (2007) Privacy Impact Assessment Handbook, Report, Office of the Privacy Commissioner, Auckland, New Zealand.
50. SIPONEN M (2006) Information security standards-focus on the existence of process, not its content. Communications of the ACM 49(8), 97-100.
51. SIPONEN M and WILLISON R (2009) Information security management standards: problems and solutions. Information & Management 46(5), 267-270.
52. SOLOVE DJ (2002) Conceptualizing privacy. California Law Review 90(4), 1087-1156.
53. SOLOVE DJ (2006) A taxonomy of privacy. University of Pennsylvania Law Review 154(3), 477-560.
54. SPIEKERMANN S (2008) User Control in Ubiquitous Computing: Design Alternatives and User Acceptance, Shaker Verlag, Aachen.
55. SPIEKERMANN S (2012) The challenges of privacy by design. Communications of the ACM 55(7), 38-40.
56. STEWART B (1996) Privacy impact assessments. Privacy Law and Policy Reporter 3(4), 61-64.
57. SUSMAN GI and EVERED RD (1978) An assessment of the scientific merits of action research. Administrative Science Quarterly 23(4), 582-603
58. TRUSTe. (2011) TRUSTe privacy seal. [WWW document] http://www.truste.com/ (accessed 5 December 2011).
59. UK Information Commissioners Office (ICO). (2009) Privacy Impact Assessment Handbook (Version 2.0), UK Information Commissioners Office (ICO), London.
60. VAN GORP A and DE POEL IV (2008) Deciding on ethical issues in engineering design. In Philosophy and Design-From Engineering to Architecture (VERMAAS PE, KROES P, LIGHT A and MOORE SA, Eds) pp 77-89, Springer, Amsterdam.
61. VENABLE J (2006) A framework for design science research activities. In Proceedings of the Information Resource Management Association Conference, Washington, DC, USA, 21-24 May.
62. WALLS JG, WIDMEYER GR and EL SAWY OA (1992) Building an information system design theory for vigilant EIS. Information Systems Research 3(1), 36-59.
63. WARREN SD and BRANDEIS LD (1890) The right to privacy. Harvard Law Review 4(5), 193-220.
64. WESTIN AF (1967) Privacy and Freedom, Atheneum, New York.
65. WRIGHT D (2011) Should privacy impact assessments be mandatory? Communications of ACM 54(8), 121-131.
66. WRIGHT D and DE HERT P (2012) Privacy Impact Assessment, Springer, Dordrecht.
67. WRIGHT D, WADHWA K, DE HERT P and KLOZA D (2011) A Privacy Impact Assessment Framework for data protection and privacy rights. Deliverable D1 of the EU PIAF Project-Prepared for the European Commission Directorate General Justice. Brussels.