Privacy impact assessment

Privacy Impact Assessment

Volumn , Issue , 2012, Pages 1-523

  Wright, David ^a   De Hert, Paul ^b,c  

^a Trilateral Research and Consulting LLP: Trilateral Research Ltd   (United Kingdom)

^b VRIJE UNIVERSITEIT BRUSSEL   (Belgium)

^c TILBURG UNIVERSITY   (Netherlands)

Author keywords

[No Author keywords available]

Indexed keywords

EID: 85027313675     PISSN: None     EISSN: None     Source Type: Book    
DOI: 10.1007/978-94-007-2543-0     Document Type: Book

References (478)

1. 80/20 Thinking Ltd., First Stage (Interim) Privacy Impact Assessment for Phorm Inc, February 2008. http://blogs.guardian.co.uk/technology/Phorm%20PIA%20interim%20final%20.pdf
2. Association of Chief Police Officers (ACPO), Guidance on the Management of Police Information, Second Edition, 2010. http://www.acpo.police.uk/asp/policies/data/MoPI%202nd%20Ed% 20Published%20Version.pdf
3. Albrechtslund, Anders, “Online Social Networking as Participatory Surveillance”, First Monday, Vol. 13, No. 3, 3 March 2008. http://firstmonday.org/htbin/cgiwrap/bin/ojs/index.php/fm/article/viewArticle/2142/1949
4. Allio, Lorenzo, “Better Regulation and Impact Assessment in the European Commission”, in Colin Kirkpatrick and David Parker (eds.), Regulatory Impact Assessment: Towards Better Regulation?, Edward Elgar, Cheltenham, 2007, pp. 72-105.
5. Ambler, Tim, Francis Chittenden and Monika Shamutkova, Do Regulators Play by the Rules? An Audit of Regulatory Impact Assessments, British Chambers of Commerce, London, January 2003.
6. Ambler, Tim, Francis Chittenden and Andrea Miccini, Is Regulation Really Good for Us?, British Chambers of Commerce, London, April 2010.
7. American Institute of Certified Public Accountants and Canadian Institute of Chartered Accountants (AICPA/CICA), Privacy Maturity Model, AICPA/CICA, New York and Toronto, October 2010. www.cica.ca/service-and-products/privacy
8. Anderson, Ken, “You Can Get There from Here: IPC Tools and Approaches for Privacy Compliance in Ontario”, speech by the Assistant Commissioner of the OIPC of Ontario, 27 April 2006. http://www.ipc.on.ca/images/Resources/up-2006_04_26_PIPA_Presentation.pdf
9. Arai-Takahashi, Yutaka, The Margin of Appreciation Doctrine and the Principle of Proportionality in the Jurisprudence of the ECHR, Intersentia, Antwerp, 2001.
10. Arbeitskreis Vorratsdatenspeicherung [Working Group on Data Retention], “Serious criminal offences, as defined in sect. 100a StPO, in Germany according to police crime statistics”, [German] Federal Crime Agency (BKA), 19 February 2011. http://www.vorratsdatenspeicherung.de/images/data_retention_effectiveness_report_2011-01-26.pdf
11. Arthur, Charles, “Simon Davies (of Privacy International, and 80/20 Thinking) on Phorm”, Technology Blog, The Guardian, 20 March 2008. http://www.guardian.co.uk/technology/blog/2008/mar/20/simondaviesofprivacyinter
12. Article 29 Data Protection Working Party, Transfers of personal data to third countries: Applying Articles 25 and 26 of the EU data protection directive, Working Document WP 12, Brussels, Adopted 24 July 1998. http://ec.europa.eu/justice/policies/privacy/workinggroup/wpdocs/1998_en.htm
13. Article 29 Data Protection Working Party, Working document on data protection issues related to RFID technologies, WP 105, 19 January 2005. http://ec.europa.eu/justice/policies/privacy/workinggroup/wpdocs/2005_en.htm
14. Article 29 Data ProtectionWorking Party, Results of the Public Consultation on Article 29Working Party Document 105 on Data Protection Issues Related to RFID Technologies, WP 111, Adopted on 28 September 2005. http://ec.europa.eu/justice/policies/privacy/workinggroup/wpdocs/2005_en.htm
15. Article 29 Data Protection Working Party, The Future of Privacy: Joint Contribution to the Consultation of the European Commission on the legal framework for the fundamental right to protection of personal data, Document WP 168, Adopted on 1 December 2009. http://ec. europa.eu/justice/policies/privacy/workinggroup/wpdocs/2009_en.htm
16. Article 29 Data Protection Working Party, Opinion 3/2010 on the principle of accountability, Adopted on 13 July 2010. http://ec.europa.eu/justice/policies/privacy/workinggroup/wpdocs/2010_en.htm
17. Article 29 Data Protection Working Party, “European Data Protection Authorities find current implementation of data retention directive unlawful”, Press release, Brussels, 14 July 2010. http://ec.europa.eu/justice:home/fsj/privacy/news/index_en.htm
18. Article 29 Data Protection Working Party, Opinion 9/2011 on the revised Industry Proposal for a Privacy and Data Protection Impact Assessment Framework for RFID Applications, Brussels, Adopted on 11 February 2011. http://ec.europa.eu/justice/policies/privacy/docs/wpdocs/2011/wp180_en.pdf
19. Assuras, Thalia, and Joie Chen, “House and Senate Committees Will Begin Rare August Hearings”, CBS News Transcripts, 24 July 2004.
20. Attorney-General [of Australia], “Privacy Impact Assessment Guide and Layered Privacy Policy Launch”, Press release, 26 August 2006.
21. Attorney-General’s Department /Salinger Privacy, “Privacy Impact Assessment -The AusCheck Amendment Bill 2009 and The National Security Background Check”, Canberra, 3 March 2009. http://www.ag.gov.au/www/agd/rwpattach.nsf/VAP/(712B446AA84F124A6F0833A09BD304C8)~AusCheck+PIA+-+Final+report.pdf/$file/AusCheck+PIA+-+Final+report.pdf
22. Australian Law Reform Commission, “For Your Information: Australian Privacy Law and Practice”, ALRC Report 108, August 2008. http://www.alrc.gov.au/publications/report-108
23. Australian Privacy Foundation, “Resources -The Law”. August 2010. http://www.privacy.org.au/Resources. See also the website of the Office of the Australian Privacy Commissioner: http://www.privacy.gov.au/government
24. Australian Privacy Foundation, “The Federal Government Calls It a ‘Human Services Access Card’. We Call It for What It Is: A National ID Card System”, 2007. http://www.privacy.org. au/Campaigns/ID_cards/HSAC.html
25. Australian Privacy Foundation, “Submission re Exposure Draft of Australian Privacy Amendment Legislation”, August 2010. http://www.privacy.org.au/Papers/Sen-APPs-100818.pdf
26. Ball, Kirstie, David Lyon, David Murakami Wood, Clive Norris and Charles Raab, A Report on the Surveillance Society, for the Information Commissioner by the Surveillance Studies Network (SSN), September 2006. http://ico.crl.uk.com/files/Surveillance%20society%20full% 20report%20final.pdf
27. Bamberger, Kenneth A., “Regulation as Delegation: Private Firms, Decisionmaking and Accountability in the Administrative State”, Duke Law Journal, Vol. 56, No. 2, November 2006, pp. 377-468.
28. Bamberger, Kenneth A., and Deirdre K. Mulligan, “Privacy Decisionmaking in Administrative Agencies”, University of Chicago Law Review, Vol. 75, No. 1, 2008, pp. 75-107.
29. Bamberger, Kenneth A., and Deirdre K. Mulligan, “New Governance, Chief Privacy Officers, and the Corporate Management of Information Privacy in the United States: An Initial Inquiry”, Law & Policy, Vol. 33, No. 4, October 2011, pp. 477-508.
30. Barbaro, Michael, and Tom Zeller Jr, “A Face is Exposed for AOL Searcher No. 4417749", The New York Times, 9 August 2006. http://query.nytimes.com/gst/fullpage.html?res= 9E0CE3DD1F3FF93AA3575BC0A9609C8B63
31. Bartels, Cord, Harald Kelter, Rainer Oberweis and Birger Rosenberg, TR 03126 -Technische Richtlinie für den sicheren RFID-Einsatz, Bundesamt für Sicherheit in der Informationstechnik (B.f.S.i.d.), Bonn, 2009.
32. Bayley, Robin M., “Appendix C, Jurisdictional Report for Canada”, in Privacy Impact Assessments: An International Study of their Application and Effects, Report to the UK Information Commissioner, December 2007. http://www.rogerclarke.com/DV/ICOStudy-2007-Apps.pdf
33. BBC News, “Phorm Needs ‘Better Protection’", 18 March 2008. http://news.bbc.co.uk/1/hi/technology/7303426.stm
34. BBC News, “Sites Hit in Massive Web Attack”, 2 April 2011. http://www.bbc.co.uk/news/worldus-canada-12944626
35. Beauchamp, Tom L., and James F. Childress, Principles of Biomedical Ethics, 5th ed., Oxford University Press, New York, 2001.
36. Beekman, Volkert, et al., Ethical Bio-Technology Assessment Tools for Agriculture and Food Production, Final Report of the Ethical Bio-TA Tools project, LEI, The Hague, February 2006. http://www.ethicaltools.info
37. Bellanova, Rocco, and Paul De Hert, “Le cas S. et Marper et les données personnelles: l’horloge de la stigmatisation stoppée par un arrêt européen”, Cultures & Conflits, No. 76, 2010, pp. 15-27.
38. Bennett, Colin J., and Charles Raab, The Governance of Privacy: Policy Instruments in Global Perspective, Ashgate Press, Aldershot, UK, 2003. Second and revised edition, MIT Press, Cambridge, MA, 2006.
39. Bennett, Colin J., Charles D. Raab and Priscilla Regan, “People and Place: Patterns of Individual Identification within Intelligent Transportation Systems”, in David Lyon (ed.), Surveillance as Social Sorting: Privacy, Risk, and Digital Discrimination, Routledge, London, 2003.
40. Bennett, Colin J., “In Defence of Privacy”, Surveillance & Society, Vol. 8, No. 4, 2011, pp. 485-496. Respondents, in the same issue, were Priscilla M. Regan (“A Response to Bennett’s ‘In Defence of Privacy’ ", pp. 497-499), John Gilliom (“A Response to Bennett’s ‘In Defence of Privacy’ ", pp. 500-504), danah boyd (“Dear Voyeur, Meet Flâneur… Sincerely, Social Media”, pp. 505-507) and Felix Stalder (“Autonomy beyond Privacy? A Rejoinder to Colin Bennett”, pp. 508-512). The debate can be downloaded as a single file: http://www.surveillance-and-society.org/ojs/index.php/journal/article/downloadSuppFile/privacy_defence/privacy_debate
41. Berman, Jerry, and Deirdre K. Mulligan, Comments of the Center for Democracy and Technology on the Draft “Options for Promoting Privacy on the National Information Infrastructure”, 29 July 1997. http://old.cdt.org/privacy/ntia.html
42. Better Regulation Executive, Measuring Administrative Costs: UK Standard Cost Model Manual, BRE/Cabinet Office, London, September 2005. http://www.berr.gov.uk/files/file44503.pdf
43. Better Regulation Executive (BRE) and Department for Business, Innovation and Skills (BIS), Impact Assessment Guidance, BRE, London, April 2010. http://www.bis.gov.uk/assets/biscore/better-regulation/docs/10-898-impact-assessment-guidance.pdf
44. Better Regulation Task Force, Less is More, BRTF, London, March 2005. http://www.bis.gov.uk/files/file22967.pdf
45. BeVier, Lillian R., “Information About Individuals in the Hands of Government: Some Reflections on Mechanisms for Privacy Protection”, William & Mary Bill of Rights Journal, Vol. 4, No. 2, 1995, pp. 455-506.
46. Bloomfield, Stuart, “The Role of the Privacy Impact Assessment”, speech for Managing Government Information, 2nd Annual Forum, OPC of Canada, Ottawa, 10 March 2004. http://www.priv.gc.ca/speech/2004/sp-d_040310_e.cfm
47. Bowker, Geoffrey C., and Susan L. Star, Sorting Things Out: Classification and Its Consequences, MIT Press, Cambridge, MA, 1999.
48. Brisbane, Arthur S., “Bill Keller Responds to Column on Swift Mea Culpa”, The New York Times, 6 November 2006. http://publiceditor.blogs.nytimes.com/2006/11/06/bill-keller-responds-tocolumn-on-swift-mea-culpa/
49. British Standards Institution, 10012: 2009 Data protection. Specification for a personal information management system, London, May 2009. http://shop.bsigroup.com/en/ProductDetail/?pid= 000000000030175849
50. Bryant, Beth C., “NEPA Compliance In Fisheries Management: The Programmatic Supplemental Environmental Impact Statement On Alaskan Groundfish Fisheries And Implications For NEPA Reform”, Harvard Environmental Law Review, Vol. 30, No. 2, 2006, pp. 441-479.
51. Cabinet Office, Data Handling Procedures in Government: Final Report, Cabinet Office, London, 2008. http://www.cabinetoffice.gov.uk/media/65948/dhr080625.pdf
52. Cabinet Secretary to the Australian Government, “First Stage Response to the Australian Law Reform Commission Report 108", October 2009. http://www.pmc.gov.au/privacy/alrc_docs/stage1_aus_govt_response.pdf
53. Calame, Byron, “Banking Data: A Mea Culpa”, The New York Times, 22 October 2006. http://www.nytimes.com/2006/10/22/opinion/22pubed.html?pagewanted=2
54. Cameron, Iain, National Security and the European Convention on Human Rights, Kluwer Law, The Hague, 2000.
55. Campbell, Clark A., The One-Page Project Manager for IT Projects, Wiley, Hoboken, NJ, 2008.
56. Canadian Charter of Rights and Freedoms, Part 1 of the Constitution Act, 1982, being Schedule B to the Canada Act 1982 (U.K.), 1982.
57. Cavoukian, Ann, Privacy by Design, Ontario Information & Privacy Commissioner (OIPC), Toronto, 2009. http://www.ipc.on.ca/images/Resources/privacybydesign.pdf
58. CCTV User Group, Model Code of Practice and Procedures Manual, 2002. http://www.cctvusergroup.com/index.php
59. Center for Democracy and Technology, “Public Interest Groups and Academics Call on Bush Administration to Fill Privacy Position”, Press release, Washington, DC, 16 April 2001. http://old.cdt.org/press/010416press.shtml
60. Center for Democracy and Technology, Statement Before the Senate Government Affairs Committee, Washington, DC, 11 July 2001. http://www.cdt.org/testimony/010711cdt.shtml
61. Center for Democracy and Technology, Comments of the Center for Democracy and Technology on US-VISIT Program, Increment 1, Privacy Impact Assessment (December 18, 2003), 4 February 2004. http://old.cdt.org/security/usvisit/20040204cdt.pdf
62. Center for Democracy and Technology, “Letter to Secretary of State Condoleezza Rice Re: State Department Release of Privacy Impact Assessments”, Washington, DC, 2007, pp. 1-2. http://www.cdt.org/security/identity/20070502rice.pdf
63. Charlesworth, Andrew, “Implementing the European Union Data Protection Directive 1995 in UK Law: The Data Protection Act 1998", Government Information Quarterly, Vol. 16, No. 3, 1999, pp. 203-240.
64. Charlesworth, Andrew, “The Future of UK Data Protection Regulation”, Information Security Technical Report, Vol. 11, No. 1, 2006, pp. 46-54.
65. Chope, Charles, “Preparation of an Additional Protocol to the European Convention on Human Rights, on the Right to a Healthy Environment”, Rapporteur, Opinion presented to the Committee on Legal Affairs and Human Rights, Council of Europe, Doc. 1204329, September 2009. http://assembly.coe.int/Documents/WorkingDocs/Doc09/EDOC12043.pdf
66. Citizenship and Immigration Canada, Access to Information and Privacy, Privacy Impact Assessment Summaries, webpage. http://www.cic.gc.ca/english//department/atip/pia.asp
67. Clarke, Jeanne Nienaber, and Daniel C. McCool, Staking Out the Terrain: Power Differential Among Natural Resource Management Agencies, second edition, State University of New York Press, New York, 1996.
68. Clarke, Roger, “Information Technology and Dataveillance”, Communications of the ACM, Vol. 31, No. 5, May 1988, pp. 498-512.
69. Clarke, Roger, “Matches Played Under Rafferty’s Rules: The Parallel Data Matching Program Is Not Only Privacy-Invasive But Economically Unjustifiable As Well”, Xamax Consultancy Pty Ltd, November 1993. http://www.rogerclarke.com/DV/PaperMatchPDMP.html. Versions published in Privacy Law & Policy Reporter, Vol. 1, No. 1, February 1994, and in Policy, Autumn 1994.
70. Clarke, Roger, “Privacy Impact Assessments”, Xamax Consultancy Pty Ltd, February 1998a. http://www.rogerclarke.com/DV/PIA.html
71. Clarke, Roger, “Privacy Impact Assessment Guidelines”, Xamax Consultancy Pty Ltd, February 1998b. http://www.xamax.com.au/DV/PIA.html
72. Clarke, Roger, “The Fundamental Inadequacies of Conventional Public Key Infrastructure”, Proceedings of the Ninth European Conference on Information Systems (ECIS 2001), Association for Information Systems, Bled, Slovenia, 27-29 June 2001. http://www.rogerclarke.com/II/ECIS2001.html
73. Clarke, Roger, “What’s Privacy?", 2006. http://www.rogerclarke.com/DV/Privacy.html
74. Clarke, Roger, “Privacy Impact Assessment in Australian Contexts”, Murdoch eLaw Journal, Vol. 15, No. 1, June 2008. http://www.rogerclarke.com/DV/PIAAust.html
75. Clarke, Roger, “Privacy Impact Assessment: Its Origins and Development”, Computer Law & Security Review, Vol. 25, No. 2, April 2009, pp. 123-135. PrePrint at http://www.rogerclarke. com/DV/PIAHist-08.html
76. Clarke, Roger, “An Evaluation of Privacy Impact Assessment Guidance Documents”, International Data Privacy Law, Vol. 1, No. 2, May 2011, pp. 111-120. http://idpl.oxfordjournals.org/content/1/2.toc
77. Cayton Utz, Lawyers, “Proposed Western Australian Government Number: Privacy Impact Assessment”, prepared for the Western Australian Department of the Premier and Cabinet: Office of e-Government, 19 June 2007, pp. 84-91. http://www.publicsector.wa.gov.au/SiteCollectionDocuments/FINALWAGNPIA.pdf
78. Commission d’accès à l’information du Québec, Biometrics in Québec: Application Principles -Making an Informed Choice, July 2002. http://www.cai.gouv.qc.ca/home_00_portail/01_pdf/biometrics.pdf
79. Commission d’accès à l’information du Québec, Cadre de référence concernant l’Obtention d’un avis de la Commission pour un dossier technologique, February 2004. http://www.cai.gouv.qc. ca/06_documentation/01_pdf/cadre_reference.pdf
80. Commissioner for Law Enforcement Data Security (CLEDS), “Review of Victoria Police Major Project Development MOUs Under s11(1)(e) of the Commissioner for Law Enforcement Data Security Act 2005", August 2010. http://www.chiefexaminer.vic.gov.au/retrievemedia. asp?Media_ID=60421
81. Convergence e-Business Solutions Pty Ltd, “Identity & Access Management Framework”, v.2, prepared for the West Australian Government Office of e-Government, Department of the Premier & Cabinet, Perth, 15 September 2005. http://www.publicsector.wa.gov.au/SiteCollectionDocuments/WA_IAM_Framework_rpt_V2.0.pdf
82. Council on Environmental Quality, The National Environmental Policy Act: A Study of Its Effectiveness After Twenty-Five Years, January 1997. http://ceq.hss.doe.gov/nepa/nepa25fn.pdf
83. Culnan, Mary J., and Cynthia Clark Williams, “How Ethics Can Enhance Organizational Privacy: Lessons from the Choicepoint and TJX Data Breaches”, MIS Quarterly, Vol. 33 No. 4, December 2009, pp. 673-687.
84. Cyberspace Law and Policy Centre of the University of New South Wales, “Necessary improvements to the Australian Privacy Principles”, August 2010. https://senate.aph.gov.au/submissions/comittees/viewdocument.aspx?id=9b3bffed-935d-4ea7-8a8a-123433c9eaec Cyberspace Law and Policy Centre of the University of New South Wales, “Communications Privacy Complaints: In Search of the Right Path”, A consumer research report supported by the Australian Communications Consumer Action Network (ACCAN), Sydney, September 2010. http://www.cyberlawcentre.org/privacy/ACCAN_Complaints_Report/report.pdf Dalton, C., D. Plaquin, W. Weidner, D. Kuhlmann, B. Balacheff and R. Brown, “Trusted Virtual Platforms: A Key Enabler for Converged Client Devices”, Operating Systems Review, Vol. 43, No. 1, 2009, pp. 36-43.
85. Dearne, Karen, “Reject E-health Identifier Bill, Says Law Professor”, The Australian, 16 March 2010.
86. De Beer De Laer, Daniel, Paul De Hert, Gloria González Fuster and Serge Gutwirth, “Nouveaux éclairages de la notion de ‘donnée personnelle’ et application audacieuse du critère de proportionnalité. Cour européenne des droits de l’homme Grande Chambre S et Marper c. Royaume Uni, 4 décembre 2008", Revue Trimestrielle des Droits de l’Homme, 2009, No. 81, pp. 141-161.
87. De Hert, Paul, “Balancing Security and Liberty Within the European Human Rights Framework: A Critical Reading of the Court’s Case Law in the Light of Surveillance and Criminal Law Enforcement Strategies After 9/11", Utrecht Law Review, Vol. 1, No. 1, 2005, pp. 68-96. http://www.utrechtlawreview.org/index.php/ulr/issue/view/1
88. De Hert, Paul, and K.Weis, “La Conservation pour une durée indéterminée d’empreintes digitales, d’échantillons cellulaires et profils A.N.D. de personnes acquittées porte atteinte au respect de leur vie privée”, Comment on Marper, Vigiles. Revue du droit de police, Vol. 15, No. 2, 2009, pp. 79-83.
89. De Hert, Paul, and Serge Gutwirth, “Privacy, Data Protection and Law Enforcement: Opacity of the Individual and Transparency of Power” in Erik Claes, Anthony Duff and Serge Gutwirth (eds.), Privacy and the Criminal Law, Intersentia, Antwerp, 2006, pp. 61-104.
90. Delmas-Marty, Mireille, The European Convention for the Protection of Human Rights: International Protection Versus National Restrictions, Martinus Nijhoff, Dordrecht, 1992.
91. Dempsey, James X., Executive Director, Center for Democracy and Technology, “Privacy in the Hands of the Government: The Privacy Officer for the Department of Homeland Security”, Testimony before the Subcommittee on Commercial and Administrative Law of the House Committee on the Judiciary, 108th Congress, 2d Session, 2004. http://old.cdt.org/testimony/20040210dempsey.shtml
92. Department for Business, Innovation and Skills (BIS), “New Rules to Hand Over Powers to Individuals and Companies by Cutting Red Tape and Bureaucracy”, Press release, London, 5 August 2010. http://nds.coi.gov.uk/content/detail.aspx?NewsAreaId= 2&ReleaseID=414871&SubjectId=15&DepartmentMode=true
93. Department for Transport, Impact Assessment on the Use of Security Scanners at UK Airports, Consultation, March 2010. http://www.dft.gov.uk/consultations/closed/2010-23/ia.pdf
94. Department of Communities and Local Government, Making Better Use of Energy Performance Data: Impact Assessment, consultation, March 2010. http://www.communities.gov.uk/documents/planningandbuilding/pdf/1491281.pdf
95. Department of Defence (DoD), “Defence Privacy Impact Checklist”, Canberra, February 2008. http://www.defence.gov.au/fr/Privacy/defence-piachecklist-Feb08.doc
96. Department of Finance and Personnel (Northern Ireland), Review of Domestic Rating Data Sharing Privacy Impact Assessment (PIA), Bangor, 2008.
97. Department of Homeland Security, Privacy Impact Assessments: The Privacy Office Official Guidance, Washington, DC, June 2010. http://www.dhs.gov/files/publications/gc_ 1209396374339.shtm
98. Department of State, Abstract of Concept of Operations for the Integration of Contactless Chip in the U.S. Passport, Abstract of Document Version 2.0, 2004.
99. DeShazo, J.R., and Jody Freeman, “Public Agencies as Lobbyists”, Columbia Law Review, Vol. 105, No. 8, December 2005. http://papers.ssrn.com/sol3/papers.cfm?abstract_id=876815
100. de Vries, Katya, Rocco Bellanova and Paul De Hert, “Proportionality Overrides Unlimited Surveillance: The German Constitutional Court Judgment on Data Retention”, in CEPS Liberty and Security in Europe publication series, Brussels, CEPS, 2010a. http://www.ceps.eu/book/proportionality-overrides-unlimited-surveillance
101. de Vries, Katya, Rocco Bellanova, Paul De Hert and Serge Gutwirth, “The German Constitutional Court Judgment on Data Retention: Proportionality Overrides Unlimited Surveillance (Doesn’t it?)", in Serge Gutwirth, Yves Poullet, Paul De Hert and Ronald Leenes (eds.), Privacy and Data Protection: An Element of Choice, Springer, Dordrecht, 2011.
102. Di Iorio, C.T., F. Carinci, J. Azzopardi et al., “Privacy Impact Assessment in the Design of Transnational Public Health Information Systems: The BIRO Project”, Journal of Medical Ethics, Vol. 35, 2009, pp. 753-761. http://jme.bmj.com/content/35/12/753.abstract
103. Dixon, Tim, “Communications Law Centre Wants IPPs Revised in Line with Australian Privacy Charter”, Privacy Law and Policy Reporter, Vol. 3, No. 9, January 1997. http://www.austlii. edu.au/au/journals/PLPR/1997/4.html
104. Dworkin, Ronald, “It Is Absurd to Calculate Human Rights According to a Cost-Benefit Analysis”, The Guardian, 24 May 2006. http://www.guardian.co.uk/commentisfree/2006/may/24/comment.politics
105. Easton, Marleen, Lodewijk Moor, Bob Hoogenboom, Paul Ponsaers and Bas van Stokkom (eds.), Reflections on Reassurance Policing in the Low Countries, Boom Juridische Uitgevers, The Hague, 2008.
106. EEF (The Manufacturers’ Organisation), Reforming Regulation: Improving Competitiveness, Creating Jobs. Report by the EEF Regulation Task Group, EEF, London, September 2010.
107. Electronic Privacy Information Center, Public Opinion on Privacy, Washington, DC, [undated]. http://www.epic.org/privacy/survey/
108. Espiner, Tom, “Data Breaches Cost an Average Business £1.4m”, ZDNet.co.uk, 25 February 2008. http://news.zdnet.co.uk/security/0,1000000189,39341215,00.htm
109. ESRC Seminar Series, Mapping the Public Policy Landscape: Assessing Privacy Impact, 2009.
110. European Commission, European Governance: A White Paper, COM (2001) 428 final, Brussels, 2001.
111. European Commission, Communication: A Sustainable Europe for a Better World: A European Strategy for Sustainable Development, COM (2001) 264, Brussels, 15 May 2001.
112. European Commission, Communication on European Governance: Better Law-making, COM(2002) 275 final, 5 June 2002.
113. European Commission, Communication from the Commission on Impact Assessment, Brussels, COM(2002) 276 final, Brussels, 5 June 2002.
114. European Commission, Better Regulation for Growth and Jobs in the European Union, COM(2005) 97 final, 16 March 2005.
115. European Commission, Impact Assessment Guidelines, SEC(2005) 791, Brussels, June 2005.
116. European Commission, Proposal for a Council Framework Decision on the exchange of information under the principle of availability, COM(2005) 490 final, Brussels, 12 October 2005.
117. European Commission, Radio Frequency Identification (RFID) in Europe: steps towards a policy framework, Communication to the European Parliament, the Council, the European Economic and Social Committee and the Committee of the Regions, COM(2007) 96 final, Brussels, 15 March 2007.
118. European Commission, The European Research Area: New Perspectives, Green Paper, COM(2007) 161 final, Brussels, 4 April 2007.
119. European Commission, Ageing well in the Information Society, Action Plan on Information and Communication Technologies and Ageing, An i2010 Initiative, Communication from the Commission to the European Parliament, the Council, the European Economic and Social Committee and the Committee of the Regions, COM(2007) 332 final, Brussels, 14 June 2007.
120. European Commission, Recommendation on the implementation of privacy and data protection principles in applications supported by radio-frequency identification, C(2009) 3200 final, Brussels, 12 May 2009. http://ec.europa.eu/information_society/policy/rfid/documents/recommendationonrfid2009.pdf
121. European Commission, Impact Assessment Guidelines, SEC(2009) 92, Brussels, 15 January 2009. http://ec.europa.eu/enterprise/policies/sme/files/docs/sba/iag_2009_en.pdf
122. European Commission, “Commission earmarks C1bn for investment in broadband -Frequently Asked Questions”, Press release, MEMO/09/35, Brussels, 28 January 2009. http://europa.eu/rapid/pressReleasesAction.do?reference=MEMO/09/35
123. European Commission, A comprehensive approach on personal data protection in the European Union, Communication from the Commission to the European Parliament, the Council, the Economic and Social Committee and the Committee of the Regions, COM(2010) 609 final, Brussels, 4 November 2010. http://ec.europa.eu/justice/news/intro/news_intro_en.htm# 20101104
124. European Council, Resolution of 8 October 2001 on “e-Inclusion” -exploiting the opportunities of the information society for social inclusion, 2001/C 292/02, Official Journal of the European Communities, 18 October 2001. http://eur-lex.europa.eu/JOHtml.do?uri=OJ: C: 2001: 292: SOM: en:HTML
125. European Council, Framework Decision 2008/977/JHA of 27 November 2008 on the protection of personal data processed in the framework of police and judicial cooperation in criminal matters.
126. European Data Protection Supervisor, Opinion on the Communication from the Commission to the European Parliament, the Council, the European Economic and Social Committee and the Committee of the Regions on ‘Radio Frequency Identification (RFID) in Europe: steps towards a policy framework’, COM(2007) 96, C 101/1, Official Journal of the European Union, 23 April 2008. http://www.edps.europa.eu/EDPSWEB/webdav/site/mySite/shared/Documents/Consultation/Opinions/2007/07-12-20_RFID_EN.pdf
127. European Economic and Social Committee (EESC), Opinion on Use of Security Scanners at EU airports, 16-17 February 2011. 9
128. European Group on Ethics in Science and New Technologies (EGE), Opinion No. 20 on Ethical Aspects of ICT Implants in the Human Body, Adopted on 16 March 2005.
129. European Network and Information Security Agency (ENISA), Emerging and Future Risks Framework -Introductory Manual, Heraklion, 2010.
130. European Network and Information Security Agency (ENISA), Flying 2.0 -Enabling automated air travel by identifying and addressing the challenges of IoT & RFID technology, Heraklion, 2010.
131. European Network and Information Security Agency, ENISA Opinion on the Industry Proposal for a Privacy and Data Protection Impact Assessment Framework for RFID Applications [of March 31, 2010], Heraklion, July 2010. http://www.enisa.europa.eu/media/news-items/enisaopinion-on-pia
132. European Parliament, Resolution of 23 October 2008 on the impact of aviation security measures and body scanners on human rights, privacy, personal dignity and data protection, Strasbourg. http://www.europarl.europa.eu/sides/getDoc.do?pubRef=-//EP//TEXT+TA+ P6-TA-2008-0521+0+DOC+XML+V0//EN
133. European Parliament, Resolution of 5 May 2010 on the launch of negotiations for Passenger Name Record (PNR) agreements with the United States, Australia and Canada. http://www.europarl. europa.eu/sides/getDoc.do?pubRef=-//EP//TEXT+TA+P7-TA-2010-0144+0+DOC+XML+ V0//EN
134. European Parliament and the Council, Directive 95/46/EC of 24 October 1995 on the protection of individuals with regard to the processing of personal data and on the free movement of such data [Data Protection Directive], Official Journal, L 281, 23/11/1995, pp. 0031-0050.
135. European Parliament and the Council, Regulation (EC) No 45/2001 of 18 December 2000 on the protection of individuals with regard to the processing of personal data by the Community institutions and bodies and on the free movement of such data.
136. European Parliament and the Council, Directive 2002/22/EC of 7 March 2002 on universal service and users’ rights relating to electronic communications networks and services (Universal Service Directive), Official Journal, L 108 of 24 April 2002.
137. European Parliament and the Council, Directive 2002/58/EC of 12 July 2002 concerning the processing of personal data and the protection of privacy in the electronic communications sector (Directive on privacy and electronic communications), Brussels.
138. European Parliament and the Council, Directive 2006/24/EC of 15 March 2006 on the retention of data generated or processed in connection with the provision of publicly available electronic communications services or of public communications networks and amending Directive 2002/58/EC.
139. European Parliament and the Council, Regulation (EC) No 300/2008 of 11 March 2008 on common rules in the field of civil aviation security, Official Journal, L 97, 9 April 2008, pp. 72-84.
140. European Parliament and the Council, Directive 2009/136/EC of 25 November 2009 amending Directive 2002/22/EC on universal service and users’ rights relating to electronic communications networks and services; Directive 2002/58/EC concerning the processing of personal data and the protection of privacy in the electronic communications sector and Regulation (EC) No 2006/2004 on cooperation between national authorities responsible for the enforcement of consumer protection laws.
141. European Parliament and the Council, Directive 2010/75/EU on industrial emissions, 24 November 2010. http://eur-lex.europa.eu/LexUriServ/LexUriServ.do?uri=OJ: L: 2010: 334: 0017: 0119: EN: PDF
142. Evans, Carolyn, and Simon Evans, “Evaluating the Human Rights Performance of Legislatures”, Human Rights Law Review, Vol. 6, No. 3, 2006, pp. 545-569.
143. Financial Services Authority, Data Security in Financial Services, London, April 2008. http://www.fsa.gov.uk/pubs/other/data_security.pdf
144. Flaherty, David H., Protecting Privacy in Surveillance Societies, University of North Carolina Press, Chapel Hill, NC, 1989.
145. Flaherty, David H., “Privacy Impact Assessments: An Essential Tool for Data Protection”, Presentation at the 22nd Annual Meeting of Privacy and Data Protection Officials, Venice, 27-30 September 2000. http://aspe.hhs.gov/datacncl/flaherty.htm Flaherty, David, “Privacy Impact Assessments: An Essential Tool for Data Protection”, Privacy Law and Policy Reporter, Vol. 7, No. 5, November 2000. http://www.austlii.edu.au/au/journals/PLPR/2000/
146. Flaherty, David, “Criteria for Evaluating the Adequacy of Privacy Impact Assessments in Canada”, 29th International Conference of Data Protection and Privacy Commissioners, Privacy Impact Assessment Issues and Approaches for Regulators, WorkshopWorkbook, Montreal, September 2007. http://www.privacyconference2007.gc.ca/workbooks/Terra_Incognita_workbook12_bil. pdf
147. Flanagan, Mary, Daniel C. Howe and Helen Nissenbaum, “Embodying Values in Technology: Theory and Practice”, in Jeroen van den Hoven and John Weckert (eds.), Information Technology and Moral Philosophy, Cambridge University Press, Cambridge, 2008, pp. 322-353.
148. Foundation for Information Policy Research (FIPR), Children’s Databases -Safety and Privacy: A Report for the Information Commissioner, March/August 2006. http://www.cl.cam.ac.uk/~ rja14/Papers/kids.pdf
149. Fujitsu Research Institute, “Personal data in the cloud: the importance of trust”, Tokyo, 2010. http://ts.fujitsu.com/rl/visit2010/downloads/Fujitsu_Consumer_Data_Privacy_Report_part2.pdf
150. Fusco, Claudia, Presentation at the INEX Roundtable on Body Scanners, Brussels, 27 January 2011. http://www.ceps.eu/event/roundtable-body-scanners.
151. Gellman, Robert, “A Better Way to Approach Privacy Policy in the United States: Establish a Non-Regulatory Privacy Protection Board”, Hastings Law Journal, Vol. 54, April 2003, pp. 1183-1226.
152. German Working Group on Data Retention (AK Vorrat), “Study finds telecommunications data retention ineffective”, 27 January 2011. http://www.vorratsdatenspeicherung.de/content/view/426/79/lang, en/
153. Gerrard, Graeme, Garry Parkins, Ian Cunningham et al., National CCTV Strategy, Home Office and Association of Chief Police Officers, London, October 2007. http://www.bhphousing. co.uk/streetcare2.nsf/Files/LBBA-24/$FILE/Home%20Office%20National%20CCTV% 20Strategy.pdf
154. Gill, Martin, and Angela Spriggs, Assessing the Impact of CCTV, Home Office Research, Development and Statistics Directorate, February 2005.
155. Goffman, Erving, Behavior in Public Places: Notes on the Social Organization of Gatherings, The Free Press, New York, 1963.
156. Goffman, Erving, Frame Analysis: An Essay on the Organization of Experience, Harper and Row, London, 1974.
157. González Fuster, Gloria, “TJCE -Sentencia de 04.12.2008, S. y Marper c. Reino Unido”, Revista de Derecho Comunitario Europeo, Vol. 33, 2009, pp. 619-633.
158. González Fuster, Gloria, Serge Gutwirth and Erika Ellyne, “Profiling in the European Union: A High-Risk Practice”, INEX Policy Brief, No. 10, 2010.
159. González Fuster, Gloria, Paul De Hert, E. Ellyne and Serge Gutwirth, “Huber, Marper and Others: Throwing New Light on the Shadows of Suspicion”, INEX Policy Brief, No. 11, June 2010. http://www.ceps.eu/book/huber-marper-and-others-throwing-new-light-shadows-suspicion
160. Goold, Benjamin J., “Surveillance and the Political Value of Privacy”, Amsterdam Law Forum, Vol. 1, No. 4, August 2009.
161. Goslett, Miles, “Your OfficeMay Have Been Bugged by BAE, Investigators ToldMP”, Daily Mail, 3 October 2009. http://www.dailymail.co.uk/news/article-1217919/Your-office-bugged-BAEinvestigators-told-MP.htMl
162. Government Accountability Office (GAO), Privacy Act: OMB Leadership Needed to Improve Agency Compliance, GAO-03-304, Washington, DC, June 2003.
163. Government Accountability Office (GAO), Data Mining: Agencies Have Taken Key Steps to Protect Privacy in Selected Efforts, but Significant Compliance Issues Remain, GAO-05-866, August 2005. http://www.gao.gov/new.items/d05866.pdf
164. Government Accountability Office (GAO), Border Security: US-VISIT Program Faces Strategic, Operational, and Technological Challenges at Land Ports of Entry, GAO-07-378T, Washington, DC, 31 January 2007. http://www.gao.gov/new.items/d07378t.pdf
165. Government Accountability Office, Homeland Security: Continuing Attention to Privacy Concerns is Needed as Programs Are Developed (“Homeland Security Report”), GAO-07-630T, Washington, DC, 21 March 2007. http://www.gao.gov/new.items/d07630t.pdf
166. Government Accountability Office (GAO), Homeland Security: Prospects for Biometric US-VISIT Exit Capability Remain Unclear, GAO-07-1044T, Washington, DC, 28 June 2007. http://www.gao.gov/new.items/d071044t.pdf
167. Greenleaf, Graham, uot;Hong Kong’s ‘smart’ ID Card: Designed To Be Out of control”, Chapter 5 in Colin J. Bennett and David Lyon (eds.), Playing the Identity Card: Surveillance, Security and Identification in Global Perspective, Routledge, London, 2008. Chapter available separately at http://www.austlii.edu.au/au/journals/ALRS/2008/10.html
168. GS1 and Logica CMG, European passive RFID Market Sizing 2007-2022, Report of the BRIDGE Project, February 2007. http://www.bridge-project.eu/data/File/BRIDGE% 20WP13%20European%20passive%20RFID%20Market%20Sizing%202007-2022.pdf
169. Guenther, Oliver, and Sarah Spiekermann, “RFID and the Perception of Control: The Consumer’s View”, Communications of the ACM, Vol. 48, No. 9, 2005, pp. 73-76.
170. Guild, Elspeth, “Global Data Transfers: The Human Rights Implications”, INEX Policy Brief, No. 9, May 2009. http://www.ceps.eu/ceps/download/3400
171. Harris, David, Michael O’Boyle, Edward Bates and Carla Buckley, Law of the European Convention on Human Rights, second edition, Oxford University Press, Oxford, 2009, pp. 385-392.
172. Heath, Chip, Richard P. Larrick and Joshua Klayman, “Cognitive Repairs: How Organizational Practices Can Compensate for Individual Shortcomings”, Research in Organizational Behavior, Vol. 20, No. 1, 1998, pp. 1-37.
173. Heimer, Carol A., “Explaining Variation in the Impact of Law: Organizations, Institutions, and Professions”, in Austin Sarat and Susan S. Silbey (eds.), Studies In Law, Politics, and Society, Vol. 15, Emerald Publishing, Bingley, UK, 1995, pp. 29-59.
174. Hildebrand, Stephen G., and Johnnie B. Cannon, Environmental Analysis: The NEPA Experience, Lewis Publishers, Boca Raton, FL, 1993.
175. HM Government, Code of Practice on Consultation, Better Regulation Executive, Department for Business, Enterprise and Regulatory Reform (BERR), London, July 2008. http://www.berr.gov. uk/files/file47158.pdf
176. HM Government/BERR, Regulatory Budgets: A Consultation Document, London, August 2008. http://www.berr.gov.uk/files/file47129.pdf
177. HM Government, Summary of Simplification Plans, London, 2009.
178. Hofmann, B., “On Value-Judgements and Ethics in Health Technology Assessment”, Poiesis & Praxis, Vol. 3, No. 4, December 2005.
179. Hope-Tindall, Peter, “Privacy Impact Assessment -Obligation or Opportunity: The Choice is Ours!", Prepared for CSE ITS Conference, Ottawa, Ontario, 16 May 2002. http://www.home. inter.net/gt/grabbag/Tindall_PIA_Material.pdf
180. House of Lords, Constitution Committee -Second Report, Surveillance: Citizens and the State, London, January 2009. http://www.publications.parliament.uk/pa/ld200809/ldselect/ldconst/18/1808.htm#a56
181. Humpherson, Ed, “Auditing Regulatory Impact Assessment: UK Experience”, in Colin Kirkpatrick and David Parker (eds.), Regulatory Impact Assessment: Towards Better Regulation?, Edward Elgar, Cheltenham, 2007, pp. 132-144.
182. Information and Privacy Office, Management Board Secretariat, Ontario, Privacy Impact Assessment: A User’s Guide, June 2001. http://www.accessandprivacy.gov.on.ca/english/pia/index.html
183. Information Commissioner’s Office (ICO), “Appendix E: Jurisdictional Report for Australia” in Privacy Impact Assessments: International Study of their Application and Effects, Wilmslow, UK, December 2007. http://www.ico.gov.uk/upload/documents/library/corporate/research_and_reports/lbrouni_piastudy_appe_aus_2910071.pdf
184. Information Commissioner’s Office (ICO), Privacy Impact Assessments: International Study of their Application and Effects, Appendix I, Wilmslow, UK, December 2007. http://www.ico.gov. uk/upload/documents/library/corporate/research_and_reports/privacy_impact_assessment_ international_study.011007.pdf
185. Information Commissioner’s Office (ICO), Privacy Impact Assessment Handbook, Wilmslow, Cheshire, UK, December 2007. Version 2.0, June 2009. http://www.ico.gov.uk/for_ organisations/topic_specific_guides/pia_handbook.aspx; http://www.ico.gov.uk/upload/documents/pia_handbook_html_v2/index.html
186. Information Commissioner’s Office (ICO), Information Commissioner’s Annual Report 2009/10, Wilmslow, 2010. http://www.ico.gov.uk/upload/documents/library/corporate/detailed_ specialist_guides/annual_report_2010.pdf
187. Information Security Forum, Standard of Good Practice for Information Security, London. http://www.isfsecuritystandard.com/SOGP07/index.htm
188. Information Systems Audit and Control Association, COBIT 4.1, IT Governance Institute, Rolling Meadows, IL, 2008.
189. Internal Revenue Service, IRS Privacy Impact Assessment, Version 1.3, Washington, DC, 17 December 1996. http://www.cio.gov/documents/pia_for_it_irs_model.pdf
190. International Conference of Data Protection and Privacy Commissioners, “The Montreux Declaration -The Protection of Personal Data and Privacy in a Globalised World: A Universal Right Respecting Diversities”, adopted by the 27th Conference in Montreux, Switzerland, 16 September 2005.
191. International Conference of Data Protection and Privacy Commissioners, Privacy Impact Assessment Issues and Approaches for Regulators, Workshop Workbook, 29th Conference, Montreal, September 2007. http://www.privacyconference2007.gc.ca/workbooks/Terra_ Incognita_workbook12_bil.pdf
192. International Conference of Data Protection and Privacy Commissioners, “Resolution on the Urgent Need for Protecting Privacy in a Borderless World, and for Reaching a Joint Proposal for Setting International Standards on Privacy and Personal Data Protection”, adopted by the 30th Conference in Strasbourg, France, on 17 October 2008.
193. International Conference of Data Protection and Privacy Commissioners, Resolution on International Standards of Privacy, 31st Conference, Madrid, November 2009. http://www.privacyconference2009.org/dpas_space/space:reserved/documentos_adoptados/common/2009_Madrid/estandares_resolucion_madrid_en.pdf
194. International Organization for Standardization (ISO), Information Technology -Security techniques -Information Security Risk Management, International Standard, ISO/IEC 27005: 2008(E), First edition, Geneva, 15 June 2008.
195. International Organization for Standardization, ISO 22307: 2008 Financial services -Privacy impact assessment, Geneva, 2008. http://www.iso.org/iso/iso_catalogue/catalogue_tc/catalogue_detail.htm?csnumber=40897
196. Jacobs, Colin, “The Evolution and Development of Regulatory Impact Assessment in the UK”, in Colin Kirkpatrick and David Parker (eds.), Regulatory Impact Assessment: Towards Better Regulation?, Edward Elgar, Cheltenham, 2007, pp. 106-131.
197. Johnson, Bobbie, “Finland Makes Broadband Access a Legal Right”, The Guardian, 14 October 2009. http://www.guardian.co.uk/technology/2009/oct/14/finland-broadband
198. Karkkainen, Bradley C., “Toward a Smarter NEPA: Monitoring and Managing Government’s Environmental Performance”, Columbia Law Review, Vol. 102, No. 4, May 2002, pp. 904-906.
199. Karol, Thomas J., A Guide to Cross-Border Privacy Impact Assessments, Deloitte & Touche, 2001. http://www.isaca.org/Knowledge-Center/Research/ResearchDeliverables/Pages/A-Guide-To-Cross-Border-Privacy-Impact-Assessments.aspx
200. Karol, Thomas J., “Cross-Border Privacy Impact Assessments: An Introduction”, ISACA Journal, Vol. 3, 2001. http://www.isaca.org/Journal/Past-Issues/2001/Volume-3/Pages/Cross-Border-Privacy-Impact-Assessments.aspx
201. Karygiannis, Tom, Bernard Eydt, Greg Barber, Lynn Bunn and Ted Phillips, Guidelines for Securing Radio Frequency Identification (RFID) Systems, NIST Special Publication 800-98, National Institute of Standards and Technology, Gaithersburg, MD, April 2007.
202. Kelvin, P., “A social-psychological examination of privacy”, British Journal of Social and Clinical Psychology, Vol. 12, 1973, pp. 248-261.
203. Kirkpatrick, Colin, and David Parker (eds.), Regulatory Impact Assessment: Towards Better Regulation?, Edward Elgar, Cheltenham, 2007.
204. Kirkpatrick, Colin, David Parker and Yin-Fang Zhang, “Regulatory Impact Assessment and Regulatory Governance in Developing Countries”, Public Administration and Development, Vol. 24, Issue 4, Oct 2004, pp. 333-344.
205. Kirkpatrick, Colin, and David Parker, “Regulatory Impact Assessment in Developing and Transition Economies: A Survey of Current Practice”, Public Money and Management, Vol. 24, No. 5, 2004, pp. 291-296.
206. Korff, D., and I. Brown, Different Approaches to New Privacy Challenges in Particular in the Light of Technological Developments, European Commission, DG Justice, Freedom and Security, Brussels, 2010. http://ec.europa.eu/justice/policies/privacy/docs/studies/new_ privacy_challenges/final_report_en.pdf
207. Kroes, Neelie, “Smart Tags -Working Together to Protect Privacy”, SPEECH/11/236, at the Privacy and Data Protection Impact Assessment Framework Signing Ceremony, Brussels, 6 April 2011. http://europa.eu/rapid/pressReleasesAction.do?reference=SPEECH/11/236&format=HTML&aged=0&language=en&guiLanguage=en
208. Langevoort, Donald C., “Monitoring: The Behavioral Economics of Corporate Compliance with Law”, Columbia Business Law Review, Vol. 2002, No. 1, pp. 71-118.
209. LaPerrière, René, “The ‘Quebec Model’ of Data Protection: A Compromise Between Laissez-Fair and Public Control in a Technological Era”, in Colin J. Bennett and Rebecca Grant (eds.), Visions of Privacy: Policy Choices for the Digital Age, University of Toronto Press, Toronto, 1999.
210. Leake, Jonathan, “Strip Search: Camera that Sees Through Clothes from 80ft Away”, The Sunday Times, 9 March 2008. http://www.timesonline.co.uk/tol/news/uk/science/article3512019.ece
211. Lee, Norman, and Colin Kirkpatrick, “Evidence-Based Policy-Making in Europe: An Evaluation of European Commission Integrated Impact Assessments”, Impact Assessment and Project Appraisal, Vol. 24, No. 1, 2006, pp. 22-33.
212. Leenes, Ronald, Bert-Jaap Koops and Paul De Hert (eds.), Constitutional Rights and New Technologies: A Comparative Study, T.M.C. Asser Press (Information Technology & Law Series, Vol. 15), The Hague, 2008.
213. Lessig, Lawrence, Code and Other Laws of Cyberspace, Basic Books, New York, 1999.
214. Lewis, Paul, “Big Brother is Watching: Surveillance Box to Track Drivers is Backed”, The Guardian, 31 March 2009. http://www.guardian.co.uk/uk/2009/mar/31/surveillance-transportcommunication-box
215. Lichtblau, Eric, and James Risen, “Bank Data Is Sifted by U.S. in Secret to Block Terrorism”, The New York Times, 23 June 2006.
216. Linden Consulting, Privacy Impact Assessments: International Study of their Application and Effects, prepared for the [UK] Information Commissioner’s Office, October 2007. http://www.ico.gov.uk/upload/documents/library/corporate/research_and_reports/privacy_impact_ assessment_international_study.011007.pdf
217. Lipton, Eric, “Bowing to Critics, U.S. to Alter Design of Electronic Passports”, The New York Times, 27 April 2005. http://www.nytimes.com/2005/04/27/politics/27passport.html?scp= 11&sq=biometric+passport&st=nyt
218. Lupia, Arthur, and Mathew D. McCubbins, The Democratic Dilemma: Can Citizens Learn What They Need to Know?, Cambridge University Press, New York, 1998.
219. Lyon, David (ed.), Surveillance as Social Sorting: Privacy, Risk, and Digital Discrimination, Routledge, London, 2003.
220. MacDonald, Reagan, “EESC Condemns Body Scanners as a Breach of Fundamental rights”, EDRigram, 23 February 2011, Number 9.4, sub 2. www.edri.org.
221. Maiese, Michelle, “Principles of Justice and Fairness”, Beyond Intractability.org, July 2003. http://www.beyondintractability.org/essay/principles_of_justice/
222. Majone, Giandomenico, “From the Positive to the Regulatory State”, Journal of Public Policy, Vol. 17, No. 2, May 1997, pp. 139-167.
223. Management Board Secretariat, Government of Ontario, Privacy Impact Assessment: A User’s Guide, 1999, revised 2001. http://www.accessandprivacy.gov.on.ca/english/pia/index.html
224. Marks, Paul, "‘Pre-crime’ Detector Shows Promise”, New Scientist, 23 September 2008. http://www.newscientist.com/blogs/shortsharpscience/2008/09/precrime-detector-is-showing-p.html
225. Marx, Gary T., “Ethics for the New Surveillance”, The Information Society, Vol. 14, 1998, pp. 171-185.
226. Marx, Gary T., “Identity and Anonymity: Some Conceptual Distinctions and Issues for Research”, in J. Caplan and J. Torpey (eds.), Documenting Individual Identity, Princeton University Press, Princeton, NJ, 2001.
227. Marx, Gary T., “What’s New About the ‘New Surveillance’? Classifying for Change and Continuity”, Surveillance & Society, Vol. 1, No. 1, 2002, pp. 9-29. http://www.surveillanceand-society.org/journalv1i1.htm
228. Marx, Gary T., “Turtles, Firewalls, Scarlet Letters and Vacuum Cleaners: Rules about Personal Information”, in W. Aspray and P. Doty (eds.), Making Privacy, Scarecrow Press, Lanham, MD, 2011.
229. Mashaw, Jerry L., “Norms, Practices, and the Paradox of Difference: A Preliminary Inquiry into Agency Statutory Interpretation”, Administrative Law Review, Vol. 57, No. 2, 2005.
230. Maurer, Robert, One Small Step Can Change Your Life: The Kaizen Way, Workman, New York, 2004.
231. Medicare Australia, “Privacy Impact Assessment (PIA) -Increased MBS Compliance Audits”, Canberra, 28 April 2009. http://www.health.gov.au/internet/main/publishing.nsf/Content/C010759A8FB2E35DCA25759300011241/$File/Privacy%20Impact%20Assessment% 20for%20the%20IMCA%20initiative.pdf
232. Meingast, Marci, Jennifer King and Deirdre K. Mulligan, “Embedded RFID and Everyday Things: A Case Study of the Security and Privacy Risks of the U.S. e-Passport”, Proceedings of IEEE International Conference on RFID, 2007, pp. 4-5. http://www.truststc.org/pubs/157/Meingast_ King_Mulligan_RFID2007_Final.pdf
233. Meyer, JohnW., and Brian Rowan, “Institutionalized Organizations: Formal Structure as Myth and Ceremony”, American Journal of Sociology, Vol. 83, 1977, pp. 340-363.
234. Ministry of Citizens’ Services [British Colombia], Privacy Impact Assessment Process webpage. http://www.cio.gov.bc.ca/cio/priv_leg/foippa/pia/pia_index.page
235. Ministry of Justice, Undertaking Privacy Impact Assessments: The Data Protection Act 1998, London, 2010. http://www.justice.gov.uk/guidance/docs/pia-guidance-08-10.pdf
236. Monaghan, Angela, “EU Laws to Cost UK £184bn by 2010, Think Tank Says”, The Telegraph, 21 December 2009. http://www.telegraph.co.uk/news/worldnews/europe/6859987/EU-lawsto-cost-UK-184bn-by-2010-think-tank-says.html
237. Monahan, Torin (ed.), Surveillance and Security: Technological Politics and Power in Everyday Life, Routledge, New York, 2006.
238. Moor, James H., “What is Computer Ethics?", in Terrell Ward Bynum (ed.), Computers & Ethics, Blackwell, 1985, pp. 266-275.
239. Moor, James H., “Why we need better ethics for emerging technologies”, Ethics and Information Technology, Vol. 7, No. 3, September 2005, pp. 111-119.
240. Mowbray, Alastair, “The Creativity of the European Court of Human Rights”, Human Rights Law Review, Vol. 5, No. 1, 2005, pp. 57-79.
241. Munday, Roderick, “In theWake of ‘Good Governance’: Impact Assessments and the Politicisation of Statutory Interpretation”, The Modern Law Review, Vol. 71, No. 3, 2008, pp. 385-412.
242. Myslewski, Rik, “Apple Tweaks Privacy Policy to Juice Location Tracking”, The Register, 22 June 2010. http://www.theregister.co.uk/2010/06/22/apple_location_terms_and_conditions/
243. Nardell, Gordon, “Levelling up: Data Privacy and the European Court of Human Rights”, in Serge Gutwirth, Yves Poullet and Paul De Hert (eds.), Data Protection in a Profiled World, Springer, Dordrecht, 2010, pp. 43-52.
244. National Audit Office, Better Regulation: Making Good Use of Regulatory Impact Assessments, HC 329 2001-2, NAO, London, 2001-2.
245. National Audit Office, Evaluation of Regulatory Impact Assessments Compendium Report 2003-04, HC 358 2003-4, NAO, London, 2004.
246. National Audit Office, Evaluation of Regulatory Impact Assessments Compendium Report 2004-05, HC 341 2004-5, NAO, London, 2005.
247. National Audit Office, Evaluation of Regulatory Impact Assessments Compendium Report 2005-06, HC 1305 2005-6, NAO, London, 2006.
248. National Audit Office, Assessing the Impact of Proposed New Policies, Report by the Comptroller and Auditor General, HC 185 Session 1010-11, NAO, London, 1 July 2010. http://www.nao. org.uk/publications/1011/impact_assessments.aspx
249. National Commission on Terrorist Attacks upon the United States, Tenth Public Hearing: Law Enforcement and the Intelligence Committee, Testimony of Attorney General John Ashcroft, 13 April 2004. http://www.9-11commission.gov/hearings/hearing10/ashcroft_statement.pdf
250. National Institute for Standards and Technology (NIST), Risk Management Guide for Information Technology Systems, Recommendations of the National Institute of Standards and Technology, NIST Special Publication 800-30, July 2002.
251. National Policing Improvement Agency (NPIA), Police National Database -Privacy Impact Assessment Report, National Policing Improvement Agency, London, 2009. http://www.npia. police.uk/en/docs/Privacy_Impact_Assessment.pdf
252. National Research Council, Committee on Risk Perception and Communications, Improving Risk Communication, National Academy Press, Washington, DC, 1989. http://www.nap.edu/openbook.php?record_id=1189&page=R1
253. New Zealand Privacy Commissioner, “A Compilation of Materials in Relation to Privacy Impact Assessment”, NZPC, 1997.
254. Nissenbaum, Helen, “Values in the Design of Computer Systems”, Computers in Society, Vol. 28, No. 1, March 1998, pp. 38-39.
255. Nissenbaum, Helen, “Privacy as Contextual Integrity”, Washington Law Review, Vol. 79, No. 1, 2004, pp. 101-139. http://www.nyu.edu/projects/nissenbaum/main_cv.html
256. Nissenbaum, Helen, Privacy in Context: Technology, Policy, and the Integrity of Social Life, Stanford University Press, Stanford, CA, 2010.
257. Northern Territory Information Commissioner, “ALRC Review of Privacy: Submissions on Issues Paper 31", January 2007.
258. Office for National Statistics (ONS), Report of a Privacy Impact Assessment Conducted by the Office for National Statistics in Relation to the 2011 Census England and Wales, London, 2009. http://www.ons.gov.uk/census/2011-census/2011-census-project/commitmentto-confidentiality/privacy-impact-assessment--pia--on-2011-census.pdf
259. Office of Management and Budget, Making Sense of Regulation: 2001 Report to Congress on the Costs and Benefits of Regulations and Unfunded Mandates on State, Local and Tribe Entities, OMB, Washington, DC, 2001.
260. Office of Management and Budget, Fiscal Year 2009 Report to Congress on Implementation of The Federal Information Security Management Act of 2002. http://www.whitehouse.gov/sites/default/files/omb/assets/egov_docs/FY09_FISMA.pdf
261. Office of Management and Budget, OMB Guidance for Implementing the Privacy Provisions of the E-Government Act of 2002, 26 September 2003. http://www.whitehouse.gov/omb/memoranda/m03-22.html
262. Office of the Australian Privacy Commissioner, “The Use of Data Matching in Commonwealth Administration -Guidelines”, 1992, revised February 1998. http://www.privacy.gov.au/publications/dmcomadmin.pdf
263. Office of the Australian Privacy Commissioner (OAPC), Privacy and Public Key Infrastructure: Guidelines for Agencies using PKI to Communicate or Transact with Individuals, December 2001. http://www.privacy.gov.au/materials/types/download/8809/6609
264. Office of the Australian Privacy Commissioner, Submission to the Joint Committee of Public Accounts and Audit (JCPAA) on Management and Integrity of Electronic Information in the Commonwealth, January 2003. http://www.privacy.gov.au/publications/jcpaasubs.doc
265. Office of the Australian Privacy Commissioner, Privacy Impact Assessment Guide, August 2006. http://www.privacy.gov.au/publications/PIA06.pdf
266. Office of the Australian Privacy Commissioner, “Privacy Impact Assessment Guide”, August 2006. http://www.privacy.gov.au/publications/PIA06.pdf. Revised version, May 2010. http://www.privacy.gov.au/materials/types/download/9509/6590
267. Office of the Information and Privacy Commissioner for British Columbia, Privacy Impact Assessment Template, Victoria, BC, 2008. http://www.oipc.bc.ca/index.php?option= com_content&view=article&catid=16%3Aresources-for-public-bodies&id=80%3Apublicsector-g-privacy-impact-assessment-pia&Itemid=76
268. Office of the Information and Privacy Commissioner for British Columbia, 2009-2010 Annual Report, July 2010.
269. Office of the Information and Privacy Commissioner (OIPC) of Alberta, PIAs, Registry. http://www.oipc.ab.ca/pages/PIAs/Registry.aspx. Recent PIA summaries are on the What’s New page. http://www.oipc.ab.ca/pages/PIAs/WhatsNew.aspx
270. Office of the Information and Privacy Commissioner (OIPC) of Alberta, “Commissioner Accepts Privacy Impact Assessment for the Alberta Security Screening Directive”, Press release, 16 January 2003. http://www.oipc.ab.ca/pages/NewsReleases/default.aspx?id=519
271. Office of the Information and Privacy Commissioner (OIPC) of Alberta, Investigation Report F2003-IR-005, Edmonton Police Service, 6 August 2003. http://www.oipc.ab.ca/downloads/documentloader.ashx?id=2081
272. Office of the Information and Privacy Commissioner (OIPC) of Alberta, Privacy Impact Assessment Requirements for Use with the Health Information Act. http://www.oipc.ab.ca/Content_Files/Files/PIAs/PIA_Requirements_2010.pdf
273. Office of the Information and Privacy Commissioner (OIPC) of Ontario and the United States Department of Justice, Office of Justice Programs, Privacy Impact Assessment for Justice Information Systems, August 2000. http://www.ipc.on.ca/English/Resources/Discussion-Papers/Discussion-Papers-Summary/?id=326
274. Office of the Privacy Commissioner, Privacy Impact Assessment Guide, Sydney, NSW, August 2006, revised May 2010. http://www.privacy.gov.au.
275. Office of the Privacy Commissioner of Canada (OPC), “A Citizen Profile in All But Name-HRDC’s Longitudinal Labour Force File”, in Annual Report to Parliament, Cat. No. IP 30-1/2000, Minister of Public Works and Government Services Canada, Ottawa, 2000.
276. Office of the Privacy Commissioner of Canada (OPC), Fact Sheet on Privacy Impact Assessment. http://www.priv.gc.ca/fs-fi/02_05_d_33_e.cfm
277. Office of the Privacy Commissioner of Canada (OPC), Assessing the Privacy Impacts of Programs, Plans, and Policies, Audit Report, Ottawa, 2007. www.privcom.gc.ca
278. Office of the Privacy Commissioner of Canada (OPC), Annual Report to Parliament 2008, Report on the Privacy Act.http://www.priv.gc.ca/information/ar/200809/200809_pa_e.cfm
279. Office of the Privacy Commissioner of Canada (OPC), Letter in response to the Privacy Impact Assessment (PIA) completed by the Canadian Air Transport Security Authority (CATSA) in anticipation of the deployment of millimetre wave (MMW) screening technology at selected Canadian airport, October 2009. http://www.priv.gc.ca/pia-efvp/let_20100108_e.cfm
280. Office of the Privacy Commissioner of Canada (OPC), Audit of the Passenger Protect Program, Transport Canada, November 2009. http://www.priv.gc.ca/information/pub/ar-vr/ar-vr_ppp_ 200910_e.cfm
281. Office of the Privacy Commissioner of Canada (OPC), “Message from the Privacy Commissioner of Canada” [regarding 2008-9] Contribution of Priorities to the Strategic Outcome. http://www.tbs-sct.gc.ca/dpr-rmr/2008-2009/inst/nd6/nd601-eng.asp
282. Office of the Privacy Commissioner of Canada (OPC), Investigation finds that RCMP handled polling appropriately, Report of Findings, Complaint under the Privacy Act. http://www.priv. gc.ca/cf-dc/pa/2009-10/pa_20091216_e.cfm
283. Office of the Victorian Privacy Commissioner (OVPC), “Privacy Impact Assessments -A Guide”, August 2004.
284. Office of the Victorian Privacy Commissioner (OVPC), “Submission to the Commonwealth Senate Legal and Constitutional Committee on its Inquiry into the Privacy Act 1988 (Cth)", March 2005. http://www.privacy.vic.gov.au/dir100/priweb.nsf/download/ED6E90678C836311CA2570110019833A/$FILE/Sen%20Leg%20Con%20Ctte%20sub.pdf
285. Office of the Victorian Privacy Commissioner (OVPC), Privacy Impact Assessments -A guide for the Victorian Public Sector, Edition 2, Melbourne, April 2009. http://www.privacy.vic.gov.au/privacy/web2.nsf/pages/publication-types?opendocument&Subcategory=Guidelines&s=2
286. Office of the Victorian Privacy Commissioner (OVPC), Accompanying Guide -A guide to completing Parts 3 to 5 of your Privacy Impact Assessment Report, Melbourne, April 2009. http://www.privacy.vic.gov.au/privacy/web2.nsf/pages/publication-types? opendocument&Subcategory=Guidelines&s=2
287. Office of the Victorian Privacy Commissioner (OVPC), Privacy Impact Assessment Report template, Melbourne, April 2009. http://www.privacy.vic.gov.au/privacy/web2.nsf/files/privacyimpact-assessment-report-template
288. Ontario Information and Privacy Commissioner (OIPC), Privacy Guidelines for RFID Information Systems, June 2006.
289. Ontario Information and Privacy Commissioner (OIPC), Privacy by Design, Toronto, 2009. http://www.ipc.on.ca/images/Resources/privacybydesign.pdf
290. Oracle, “Oracle Welcomes New EU Policy on e-Inclusion”. http://www.oracle.com/us/corporate/european-union/new-e-inclusion-policy-070508.html
291. Organisation for Economic Co-operation and Development (OECD), Guidelines Governing the Protection of Privacy and Transborder Flows of Personal Data, OECD, Paris, 23 Sept 1980. http://www.oecd.org/document/18/0,3343, en_2649_34255_1815186_1_1_1_1,00.html
292. Organisation for Economic Co-operation and Development (OECD), Recommendation on Improving the Quality of Government Regulation, OECD, Paris, 1995.
293. Organisation for Economic Co-operation and Development (OECD), The OECD Report on Regulatory Reform: Synthesis, OECD, Paris, 1997.
294. Organisation for Economic Co-operation and Development (OECD), “Regulatory Performance: Ex Post Evaluation of Regulatory Tools and Institutions”, Working Party on Regulatory Management and Reform, Draft Report by the Secretariat, OECD, Paris, 2004.
295. Organisation for Economic Co-operation and Development (OECD), RFID Guidance and Reports, OECD Digital Economy Papers, No. 150, OECD Publishing, Paris, 2008.
296. Organisation for Economic Co-operation and Development (OECD), Risk and Regulatory Policy: Improving the Governance of Risk, OECD Directorate for Public Governance and Territorial Development, Paris, April 2010.
297. Orlikowski, Wanda J., and C. Suzanne Iacono, “Research Commentary: Desperately Seeking the “IT” in IT Research-A Call to Theorizing the IT Artifact”, Information Systems Research, Vol. 12, No.2, June 2001, pp. 121-134.
298. Oxford Internet Institute, “Me, My Spouse and the Internet: Meeting, Dating and Marriage in the Digital Age”, January 2008. http://www.oii.ox.ac.uk/research/projects/?id=47.
299. Palm, Elin, and Sven Ove Hansson, “The Case for Ethical Technology Assessment (eTA)", Technological Forecasting & Social Change, Vol. 73, 2006, pp. 543-558.
300. Payment Card Industry Security Standards Council, Payment Card Industry Data Security Standard. https://www.pcisecuritystandards.org/security_standards/pci_dss_download.html.
301. Pearson, S., “Trusted Computing: Strengths, Weaknesses and Further Opportunities for Enhancing Privacy, Trust Management”, in Peter Herrmann, Valérie Issarny and Simon Shiu (eds.), iTrust 2005, Proceedings, Lecture Notes in Computer Science, 3477/2005, Springer, Dordrecht, 2005, pp. 305-320
302. Pearson, S., and A. Charlesworth, “Accountability as a Way Forward for Privacy Protection in the Cloud”, in M.G. Jaatun, G. Zhao and C. Rong (eds.), CloudCom 2009: Proceedings, Lecture Notes in Computer Science, 5931/2009, Springer, Dordrecht, 2009, pp. 131-144.
303. Peev, Gerri, “Labour in Retreat as ID Card Plan is Axed”, The Scotsman, 1 July 2009. http://thescotsman.scotsman.com/uk/Labour-in-retreat-as-.5415982.jp
304. Pfeffer, Jeffrey, and Gerald Salancik, The External Control of Organizations: A Resource Dependence Perspective, Harper and Row, London, 1978.
305. Phillips, David, and Michael Curry, “Privacy and the Phenetic Urge: Geodemographics and the Changing Spatiality of Local Practice”, in David Lyon (ed.), Surveillance as Social Sorting: Privacy, Risk, and Digital Discrimination, Routledge, London, 2003.
306. Privacy and Data Protection Impact Assessment Framework for RFID Applications, 12 January 2011. http://cordis.europa.eu/fp7/ict/enet/policy_en.html
307. Privacy Commissioner of Canada, Assessing the Privacy Impacts of Programs, Plans, and Policies, Audit Report, October 2007. http://www.priv.gc.ca/information/pub/ar-vr/pia_200710_e.cfm
308. Privacy NSW, “Submission on the Review of the Privacy and Personal Information Protection Act 1998", 24 June 2004. http://www.lawlink.nsw.gov.au/lawlink/privacynsw/ll_pnsw.nsf/vwFiles/sub_ppipareview.pdf/$file/sub_ppipareview.pdf#target=%27_blank%27
309. Privacy NSW, “Submission in response to the Review of Privacy Issues Paper of the Australian Law Reform Commission” Privacy NSW, February 2007. http://www.lawlink.nsw.gov.au/lawlink/privacynsw/ll_pnsw.nsf/vwFiles/sub_alrc2007.pdf/$file/sub_alrc2007.pdf
310. Province of BC, “Privacy Impact Assessments: Mitigating Risks -Maximizing Benefits”, Presentation for Private Sector Privacy in a Changing World, PIPA Conference 2007, Vancouver, 20-21 September 2006. http://www.verney.ca/pipa2007/presentations/420.pdf
311. Queensland Government Chief Information Officer (QGCIO), “Information Standard No 42 -Information Privacy”, 2001. http://www.qgcio.qld.gov.au/SiteCollectionDocuments/Architecture%20and%20Standards/Information%20Standards/Current/is42.pdf
312. Queensland Government Chief Information Officer, “Information Standard No 42A -Information Privacy for the Queensland Department of Health”, 2001. http://www.qgcio.qld.gov.au/SiteCollectionDocuments/Architecture%20and%20Standards/Information%20Standards/Current/is42a.pdf
313. Queensland Government Chief Information Office, “Queensland Government Information Security Classification Framework”, Version 1.0.1, April 2008. http://www.qgcio.qld.gov.au/SiteCollectionDocuments/Architecture%20and%20Standards/QGISCF%20v1.0.1.doc
314. Queensland Transport and Main Roads, “New Queensland Driver Licence -Privacy Impact Assessment”, 30 September 2010. http://www.tmr.qld.gov.au/~/media/7496f017-55bb-4853-8c7b-da9150800707/new_qld_licence:privacy_impact_assess.pdf
315. Raab, Charles, “Privacy, Social Values, and the Public Interest”, Politische Vierteljahresschrift, Special Issue 46(2011) on “Politik und die Regulierung von Information”.
316. Raab, Charles, Kirstie Ball, Steve Graham, David Lyon, David Murakami Wood and Clive Norris, The Surveillance Society -An Update Report on Developments Since the 2006 Report on the Surveillance Society, Information Commissioner’s Office, Wilmslow, Cheshire, November 2010. http://www.ico.gov.uk/news/current_topics.aspx
317. Radaelli, Claudio M., “Diffusion Without Convergence: How Political Context Shapes the Adoption of Regulatory Impact Assessment”, Journal of European Public Policy, Vol. 12, No. 5, 2005, pp. 924-943.
318. Rallo Lombarte, Artemi, “El derecho al olvido y su protección”, Fundación Telefónica, Revista TELOS, No. 85, October-December 2010, pp. 104-108.
319. Råman, Jari, “European Court of Human Rights: Failure to Take Effective Information Security Measures to Protect Sensitive Personal Data Violates Right to Privacy -I v. Finland, no. 20511/03, 17 July 2008", Computer Law & Security Report, Vol. 24, No. 6, 2008, pp. 562-564.
320. Randerson, James, “Eye in the Sky: Police Use Drone to Spy on V Festival”, The Guardian, 21 August 2007. http://www.guardian.co.uk/uk_news/story/0,,2152983,00.html
321. Reding, Viviane, Vice-President of the European Commission responsible for Justice, Fundamental Rights and Citizenship, “Towards a True Single Market of Data Protection”, SPEECH/10/386, Meeting of the Article 29Working Party re “Review of the Data Protection Legal Framework”, Brussels, 14 July 2010. http://europa.eu/rapid/pressReleasesAction.do?reference=SPEECH/10/386
322. Regan, Priscilla M., Legislating Privacy: Technology, Social Values, and Public Policy, University of North Carolina Press, Chapel Hill, NC, 1995.
323. Regulatory Policy Committee, Reviewing Regulation: An Independent Report on the Analysis Supporting Regulatory Proposals, December 2009 -May 2010, RPC, London, July 2010. http://regulatorypolicycommittee.independent.gov.uk/rpc/wp-content/uploads/2010/08/RPC-Report-Final-Version-August-2010.pdf
324. Reidenberg, Joel R., “Lex Informatica: The Formulation of Information Policy Rules through Technology”, Texas Law Review, Vol. 76, No. 3, February 1998, pp. 553-584.
325. Renda, Andrea, Impact Assessment in the EU: The State of the Art and the Art of the State, CEPS, Brussels, 1 January 2006.
326. Renn, Ortwin, Risk Governance, Earthscan, London, 2008.
327. Richards, Jonathan, “Top officials to be held to account for data losses”, The Times, 22 April 2008. http://technology.timesonline.co.uk/tol/news/tech_and_web/article3797278.ece
328. Robinson, N., H. Graux, M. Botterman and L. Valeri, Review of the European Data Protection Directive, Information Commissioner’s Office, Wilmslow, 2009. http://www.ico.gov.uk/upload/documents/library/data_protection/detailed_specialist_guides/review_of_eu_dp_ directive.pdf
329. Rössler, Beate, “Soziale Dimensionen des Privaten”, Politische Vierteljahresschrift, Special Issue 46 (2011) on “Politik und die Regulierung von Information”.
330. Royal Canadian Mounted Police (RCMP), Privacy Impact Assessment Executive Summaries. http://www.rcmp-grc.gc.ca/pia-efvp/index-eng.htm
331. Saarenpää, Ahti, “The Importance of Information Security in Safeguarding Human and Fundamental Rights”, Stockholm, 18 November 2008.
332. Salinger & Co, “Privacy Impacts of the Anti-Money Laundering and Counter-Terrorism Financing Bill and Rules, 2006, A Privacy Impact Assessment for the Australian Government Attorney-General’s Department”, 15 September 2006. http://www.ag.gov.au/www/agd/rwpattach.nsf/VAP/(CFD7369FCAE9B8F32F341DBE097801FF)~88Privacy+impact+assessment+aml-06. pdf/$file/88Privacy+impact+assessment+aml-06.pdf
333. Sample, Ian, “Security Firms Working on Devices to Spot Would-be Terrorists in Crowd”, The Guardian, 9 August 2007. http://www.guardian.co.uk/science/2007/aug/09/terrorism
334. Sample, Ian, “Government Abandons Lie Detector Tests for Catching Benefit Cheats”, The Guardian, 9 November 2010. http://www.guardian.co.uk/science/2010/nov/09/lie-detectortests-benefit-cheats
335. Sax, Joseph L., “The (Unhappy) Truth About NEPA”, Oklahoma Law Review, Vol. 26, May 1973, pp. 239-278.
336. Schaar, Peter, “Privacy by Design”, Identity in the Information Society, Vol. 3, No. 2, April 2010, pp. 267-274.
337. Scheinin, Martin, Presentation at the INEX Roundtable on Body Scanners, Brussels, 27 January 2011. http://www.ceps.eu/event/roundtable-body-scanners
338. Schmid, Viola, “Radio Frequency Identification Law Beyond 2007", in Christian Floerkemeier, Marc Langheinrich, Elgar Fleisch, Friedemann Mattern and Sanjay E. Sarma (eds.), The Internet of Things, Proceedings of IOT 2008, LNCS 4952, Springer-Verlag, Berlin, 2008.
339. Schoeman, Ferdinand D. (ed.), Philosophical Dimensions of Privacy: An Anthology, Cambridge University Press, Cambridge, UK, 1984.
340. Schwartz, Paul, “Data Processing and Government Administration: The Failure of the American Legal Response to the Computer”, Hastings Law Journal, Vol. 43, 1992, pp. 1321-1399.
341. ScienceDaily, “Intelligent Surveillance System to Detect Aberrant Behavior by Drivers and Pedestrians”, 21 September 2009. http://www.sciencedaily.com/releases/2009/09/090918100010.htm
342. Scott, W. Richard, Organizations: Rational, Natural and Open Systems, fourth edition, Prentice Hall, Englewood Cliffs, NJ, 1998.
343. Senate Committee on Homeland Security and Governmental Affairs, “Government Privacy Protections Fall Short, Lieberman Calls for Leadership, Greater Commitment of Resources”, Press release, Washington, DC, 30 July 2003. http://hsgac.senate.gov/public/index. cfm?FuseAction=Press.MajorityNews&ContentRecord_id=96af45f1-8460-4a3b-aea0-7ef37c689403&Region_id=&Issue_id
344. Senate Committee on Homeland Security and Governmental Affairs, “DHS Violates Privacy Impact Requirements with US Visit Technology”, Press release, Washington, DC, 4 December 2003. http://hsgac.senate.gov/public/index.cfm?FuseAction=Press. MajorityNews&ContentRecord_id=8103bcce-8436-4e87-82f4-fe04642e6db2&Region_id= &Issue_id=
345. Senate Community Affairs Legislation Committee, “Healthcare Identifiers Bill 2010 and Healthcare Identifiers (Consequential Amendments) Bill 2010", Report, March 2010. http://www.aph.gov.au/senate/committee/clac_ctte/healthcare_identifier/report/index.htm
346. Senate Finance and Public Administration Committee (SFPAC), “Human Services (Enhanced Service Delivery) Bill 2007 [Provisions]”, March 2007. http://www.aph.gov.au/senate/committee/fapa_ctte/access_card/report/index.htm
347. Senate Finance and Public Administration Committee, “Australian Privacy Principles -Exposure Draft”, June 2010. http://www.aph.gov.au/Senate/committee/fapa_ctte/priv_exp_drafts/guide/exposure_draft.pdf
348. Senate Standing Committee on Legal and Constitutional Affairs, “Provisions of the Anti-Money Laundering and Counter-Terrorism Financing Bill 2006, and the Anti-Money Laundering and Counter-Terrorism Financing (Transitional Provisions and Consequential Amendments) Bill 2006", Report, November 2006, Chapter 4. http://www.aph.gov.au/senate/committee/legcon_ ctte/completed_inquiries/2004-07/aml_ctf06/report/index.htm
349. Service Alberta, FOIP Guidelines and Practices (2009), section 9.3 Privacy Impact Assessments. http://www.servicealberta.gov.ab.ca/foip/documents/chapter9.pdf
350. Simitis, Spiros, “Reviewing Privacy in an Information Society”, University of Pennsylvania Law Review, Vol. 135, No. 3, 1987, pp. 707-746.
351. Sollie, Paul, “Ethics, Technology Development and Uncertainty: An Outline for Any Future Ethics of Technology”, Journal of Information, Communications & Ethics in Society, Vol. 5, No. 4, 2007, pp. 293-306.
352. Sollie, Paul, and Marcus Düwell, Evaluating New Technologies: Methodological Problems for the Ethical Assessment of Technology Developments, Springer, Dordrecht, 2009.
353. Solove, Daniel J., “A Taxonomy of Privacy”, University of Pennsylvania Law Review, Vol. 154, No. 3, January 2006, pp. 477-560.
354. Solove, Daniel, Understanding Privacy, Harvard University Press, Cambridge, MA, 2008.
355. South Australian Department of Health (SADOH), Code of Fair Information Practice, July 2004. http://www.health.sa.gov.au/Portals/0/Health-Code-July04.pdf
356. South Australian Department of Premier and Cabinet, Cabinet Administrative Instruction No. 1 of 1989: PC012 -Information Privacy Principles Instruction, 1989. http://www.premcab.sa.gov. au/pdf/circulars/Privacy.pdf
357. Special Committee to Review the Freedom of Information and Protection of Privacy Act, Legislative Assembly of BC, Report, May 2010. http://www.leg.bc.ca/cmt/39thparl/session-2/foi/reports/PDF/Rpt-FOI-39-2-Rpt-2010-MAY-31.pdf
358. Spiekermann, Sarah, User Control in Ubiquitous Computing: Design Alternatives and User Acceptance, Shaker Verlag, Aachen, 2008.
359. Spiekermann, Sarah, PIA II -A Proposal for a Privacy Impact Assessment Framework for RFID Applications, Vienna University of Economics and Business, 2011. http://cordis.europa.eu/fp7/ict/enet/policy_en.html.Published there under the title: German Industry Alternative Proposal on the RFID Privacy and Data Protection Impact Assessment Framework [21 October 2010].
360. Spiekermann, Sarah, and Lorrie Faith Cranor, “Engineering Privacy”, IEEE Transactions on Software Engineering, Vol. 35, No. 1, January/February 2009, pp. 67-82.
361. State of New York Public Service Commission, Privacy Policy Statement No. 1: A Privacy Impact Statementin “Statement of Policy on Privacy in Telecommunications”, 22 March 1991, reprinted in Longworth Associates, Telecommunications and Privacy Issues: Report for the Ministry of Commerce, Wellington, 1992.
362. Steering Committee for Human Rights (Cddh), Committee of Experts for the Development of Human Rights (DH-DEV), Working Group on the Environment (GT-DEV-ENV), Decisionmaking Process in Environmental Matters and Public Participation in Them, Draft nr. GT-DEV-ENV(2011)_Draft_11_PII-SecA-ChV, Strasbourg, 21 December 2010. http://www.coe.int/t/e/human_rights/cddh/3._committees/07.%20other%20committees%20and% 20working%20groups/08.gt-dev-env/working%20docs/GT-DEV-ENV_2011__Draft_11_PIISecA-ChV.pdf
363. Stern, Paul C., and Harvey V. Fineberg (eds.), Understanding Risk: Informing Decisions in a Democratic Society, Committee on Risk Characterization, National Research Council, National Academy Press, Washington, DC, 1996.
364. Stewart, Blair, “Privacy impact assessments”, Privacy Law and Policy Reporter, Vol. 3, No. 4, July 1996. http://www.austlii.edu.au/au/journals/PLPR/1996/39.html
365. Stewart, Blair, “PIAs -an early warning system”, Privacy Law and Policy Reporter, Vol. 3, No. 7, October/November 1996. http://www.austlii.edu.au/au/journals/PLPR/1996/65.html
366. Stewart, Blair, “Privacy Impact Assessment Towards a Better Informed Process for Evaluating Privacy Issues Arising from New Technologies”, Privacy Law and Policy Reporter, Vol. 5, No. 8, February 1999. http://www.austlii.edu.au/au/journals/PLPR/1999/8.html
367. Stewart, Blair, “Privacy Impact Assessment: Some Approaches, Issues and Examples”, 2002. http://jeb.cerps.org.tw/files/JEB2002-009.pdf Stewart, Blair, “Privacy Impact Assessment Roundup”, Privacy Law & Policy Reporter, Vol. 9, No. 5, September 2002. http://www.austlii.edu.au/au/journals/PLPR/2002/index.html
368. Stewart, Blair, Privacy Impact Assessment Handbook, Office of the Privacy Commissioner, Auckland, March 2002, revised June 2007.
369. Stoneburner, Gary, Alice Goguen and Alexis Feringa, National Institute for Standards and Technology (NIST), Risk Management Guide for Information Technology Systems, Recommendations of the National Institute of Standards and Technology, NIST Special Publication 800-30, July 2002.
370. Swire, Peter, “The Administration Response to the Challenges of Protecting Privacy”, Draft, 8 January 2000. www.peterswire.net/stanford7.doc
371. Tancock, David, Siani Pearson and Andrew Charlesworth, The Emergence of Privacy Impact Assessments, HP Labs Technical Report (HPL-2010-63), 2010. http://www.hpl.hp.com/techreports/2010/HPL-2010-63.html
372. Tancock, David, Siani Pearson and Andrew Charlesworth, “A Privacy Impact Assessment Tool for Cloud Computing”, in Proceedings of the Second IEEE International Conference on Cloud Computing Technology and Science (CloudCom 2010), Indiana University, USA, 30 November-3 December 2010, pp. 667-676. http://ieeexplore.ieee.org/xpl/freeabs_all.jsp? arnumber=5708516
373. Taylor, Serge, Making Bureaucracies Think: The Environmental Impact Statement Strategy of Administrative Reform, Stanford University Press, Stanford, CA, 1984.
374. Tetlock, Philip E., “Accountability: The Neglected Social Context of Judgment and Choice”, in Barry M. Staw and L.L. Cummings (eds.), Research in Organizational Behavior, Vol. 7, 1985, pp. 297-332.
375. The Economist, “Surveillance Technology: If Looks Could Kill”, 23 October 2008. http://www.economist.com/science/displaystory.cfm?story_id=12465303
376. The Inquirer, “Head Taxman Quits After 25 Million Peoples’ Data Lost”, 20 November 2007. http://www.theinquirer.net/gb/inquirer/news/2007/11/20/head-taxman-quits-million.
377. The New York Times, “GPS and Privacy Rights”, Editorial, 14 May 2009. http://www.nytimes.com/2009/05/15/opinion/15fri3.html
378. The Washington Post, “Gallery: Anti-deception technologies”, 18 July 2010. http://projects. washingtonpost.com/top-secret-america/articles/a-hidden-world-growing-beyond-control/
379. Thomas, Richard, and Mark Walport, Data Sharing Review Report, 11 July 2008. www.justice. gov.uk/docs/data-sharing-review-report.pdf
380. Treasury Board of Canada Secretariat, “A Guide to Preparing Treasury Board Submissions”, Ottawa [n.d.]. http://www.tbs-sct.gc.ca/pubs_pol/opepubs/TBM_162/gptbs-gppct09-eng.asp# d4.
381. Treasury Board of Canada Secretariat, Archived -Privacy Impact Assessment Policy, 2 May 2002. http://www.tbs-sct.gc.ca/pol/doc-eng.aspx?id=12450§ion=text
382. Treasury Board of Canada Secretariat, Privacy Impact Assessment Guidelines: A Framework to Manage Privacy Risks, Ottawa, 31 August 2002. http://www.tbs-sct.gc.ca/pubs_pol/ciopubs/pia-pefr/paipg-pefrld1-eng.asp
383. Treasury Board of Canada Secretariat, Communications Policy of the Government of Canada, Policy Statement, November 2004. http://www.tbs-sct.gc.ca/pol/doc-eng.aspx?id= 12316§ion=text#sec5.10
384. Treasury Board Secretariat of Canada, Privacy Impact Assessment Audit Guide, as archived. ttp://www.collectionscanada.gc.ca/webarchives/20071211001631/www.tbs-sct.gc.ca/ia-vi/policies-politiques/pia-efvp/pia-efvp_e.asp
385. Treasury Board of Canada Secretariat, A Guide to Preparing Treasury Board Submissions, Ottawa, December 2007. http://www.tbs-sct.gc.ca/pubs_pol/opepubs/tbm_162/gptbs-gppct-eng.asp
386. Treasury Board of Canada Secretariat, Policy on Privacy Protection, Ottawa, April 2008.
387. Treasury Board of Canada Secretariat, Directive on Privacy Impact Assessment, Ottawa, 1 April 2010. http://www.tbs-sct.gc.ca/pol/doc-eng.aspx?id=18308§ion=text
388. Treasury Board of Canada Secretariat, Directive on Privacy Practices, Ottawa, April 2010. http://www.tbs-sct.gc.ca/pol/doc-eng.aspx?section=text&id=18309
389. Unabhängiges Landeszentrum für Datenschutz Schleswig-Holstein, EuroPrise Criteria, Version 1.0, Kiel, Germany, 2009.
390. UK Border Agency (UKBA), Report of a Privacy Impact Assessment Conducted by the UK Border Agency in Relation to the High Value Data Sharing Protocol Amongst the Immigration Authorities of the Five Country Conference, London, 2009.
391. UK Cabinet Office, Better Policy Making: A Guide to Regulatory Impact Assessment, Regulatory Impact Unit, London, 2003.
392. UK Cabinet Office, Data Handling Procedures in Government: Final Report, London, June 2008. http://www.cabinetoffice.gov.uk/reports/data_handling.aspx
393. UPI, “Chertoff: RFID program to be abandoned”, 9 February 2007.
394. US Department of Health, Education andWelfare, Secretary’s Advisory Committee on Automated Personal Data Systems, Records, Computers and the Rights of Citizens, July 1973. http://epic. org/privacy/hew1973report
395. US Department of Homeland Security, US-VISIT Program, Increment 1, Privacy Impact Assessment, Washington, DC, 18 December 2003. http://www.dhs.gov/xlibrary/assets/privacy/privacy_pia_usvisit_inc1.pdf
396. US Department of Homeland Security, Transportation Security Administration (TSA), Airport Access Control Pilot Project Privacy Impact Assessment, 18 June 2004. http://www.dhs.gov/xlibrary/assets/privacy/privacy_pia_aacpp.pdf
397. US Department of Homeland Security, Privacy Act of 1974; Systems of Records, 1 July 2005. http://www.dhs.gov/xlibrary/assets/privacy/privacy_sorn_usvisit_aidms.pdf
398. US Department of Homeland Security, “Department of Homeland Security Announces Appointments to Data Privacy and Integrity Advisory Committee”, Press release, 23 February 2005. http://www.dhs.gov/xnews/releases/press_release_0625.shtm
399. US Department of Homeland Security, Privacy Impact Assessment for the Naturalization Redesign Test Pilot, 17 January 2007. http://www.dhs.gov/xlibrary/assets/privacy/privacy_pia_uscis_ nrtp.pdf
400. US Department of Homeland Security, Privacy Impact Assessments: The Privacy Office Official Guidance, Washington, DC, June 2010. http://www.dhs.gov/files/publications/gc_ 1209396374339.shtm
401. US Government Printing Office, Protection of Privacy in the DHS Intelligence Enterprise, Hearings before the Subcommittee on Intelligence, Information Sharing, and Terrorism Risk Assessment of the House Homeland Security Committee, 109th Cong, 2d Sess (2006), in CQ Congressional Testimony (statement of Maureen Cooney, Acting Chief Privacy Officer, Department of Homeland Security).
402. van Drooghenbroeck, Sébastien, La proportionalité dans de le droit de la convention européenne des droits de l’homme, Bruylant, Brussels, 2001.
403. Van Gorp, Anke, “Ethics in and During Technological Research: An Addition to IT Ethics and Science Ethics”, in Paul Sollie and Marcus Düwell (eds.), Evaluating New Technologies, Springer Science, Dordrecht, 2009.
404. van Lieshout, Marc, Luigi Grossi, Graziella Spinelli et al., RFID Technologies: Emerging Issues, Challenges and Policy Options, European Commission, Joint Research Centre, Institute for Prospective Technological Studies, Office for Official Publications of the European Communities, Luxembourg, 2007.
405. Vedder, Anton, The Values of Freedom, Aurelia Domus Artium, Utrecht, 1995.
406. Vedder, Anton, and Bart Custers, “Whose Responsibility Is It Anyway? Dealing with the Consequences of New Technologies”, in Paul Sollie and Marcus Düwell (eds.), Evaluating New Technologies, Springer Science, Dordrecht, 2009.
407. Verbeek, Peter-Paul, “The Moral Relevance of Technological Artifacts”, in Paul Sollie and Marcus Düwell (eds.), Evaluating New Technologies, Springer Science, Dordrecht, 2009.
408. Vibert, Frank, The EU’s New System of Regulatory Impact Assessment -A Scorecard, European Policy Forum, London, 2004.
409. Victorian Department of Education and Early Childhood Development, “Privacy Impact Assessment Report: The Ultranet”, Melbourne, 19 March 2010. http://www.eduweb.vic.gov. au/edulibrary/public/ultranet/ultranet-pia.pdf
410. von Schomberg, René, “From the Ethics of Technology Towards an Ethics of Knowledge Policy & Knowledge Assessment”, Working document from the European Commission Services, January 2007.
411. Waldron, Jeremy, Law and Disagreement, Oxford University Press, Oxford, 1999.
412. Walsh, James P., “Managerial and Organizational Cognition: Notes from a Trip Down Memory Lane”, Organization Science, Vol. 6, No. 3, May-June 1995, pp. 280-321.
413. Warren, Adam, Robin Bayley, Colin Bennett, Andrew Charlesworth, Roger Clarke and Charles Oppenheim, “Privacy Impact Assessments: International Experience as a Basis for UK Guidance”, Computer Law & Security Report, Vol. 24, No. 3, 2008, pp. 233-242.
414. Warren, Samuel, and Louis D. Brandeis, “The Right to Privacy”, Harvard Law Review, Vol. IV, No. 5, 15 December 1890.
415. Waters Nigel, “Privacy Impact Assessment -Traps for the Unwary”, Privacy Law & Policy Reporter, Vol. 7, No. 9, February 2001. http://www.austlii.edu.au/au/journals/PLPR/2001/10. html
416. Waters, Nigel, "‘Surveillance-Off’: Beyond Privacy Impact Assessment -Design Principles to Minimize Privacy Intrusion”, Paper for the 16th Annual Privacy Laws and Business International Conference: Transforming Risk Assessment into Everyday Compliance with Data Protection Law, St John’s College, Cambridge, England, 7-9 July 2003.
417. Waters, Nigel, “Getting through Privacy Impact Assessments”, 29th International Conference of Data Protection and Privacy Commissioners, Privacy Impact Assessment Issues and Approaches for Regulators, Workshop Workbook, Montreal, September 2007. http://www.privacyconference2007.gc.ca/workbooks/Terra_Incognita_workbook12_bil.pdf
418. Weiser, Marc, “The Computer for the 21st Century”, Scientific American, Vol. 265, No. 3, September 1991, pp. 94-104.
419. Welsh, Brandon C., and David P. Farrington, Crime Prevention Effects of Closed Circuit Television: A Systematic Review, Home Office Research, Development and Statistics Directorate, August 2002.
420. Westin, Alan, Privacy and Freedom, Atheneum, New York, 1967.
421. Whitman, James Q., “The Two Western Cultures of Privacy: Dignity Versus Liberty”, The Yale Law Journal, Vol. 113, 2004, pp. 1151-1221.
422. Wichelman, Allan F., “Administrative Agency Implementation of the National Environmental Policy Act of 1969: A Conceptual Framework for Explaining Differential Response”, Natural Resources Journal, Vol. 16, 1976, pp. 296-300.
423. Wiener, Norbert, The Human Use of Human Beings: Cybernetics and Society, Houghton Mifflin, New York, 1950.
424. Williams, Rachel, “CCTV Cameras to be Given ‘Ears’", The Guardian, 24 June 2008. http://www.guardian.co.uk/uk/2008/jun/24/ukcrime1
425. Winner, Langdon, “Do Artifacts Have Politics?", in Donald MacKenzie and Judy Wajcman (eds.), The Social Shaping of Technology, second edition, Open University Press, Philadelphia, 1999.
426. Wray, Richard, “T-Mobile Confirms Biggest Phone Customer Data Breach”, The Guardian, 17 November 2009. http://www.guardian.co.uk/uk/2009/nov/17/t-mobile-phone-data-privacy
427. Wright, David, “Should Privacy Impact Assessment Be Mandatory?", Communications of the ACM, Vol. 54, No. 8, August 2011, pp. 121-131.
428. Wright, David, “An Ethical Impact Assessment Framework for Information Technology”, Ethics and Information Technology, Vol. 13, No. 3, 2011.
429. Wright, David, Kush Wadhwa, Paul De Hertand Dariusz Kloza (eds.), “A Privacy Impact Assessment Framework (PIAF) Deliverable D1", A Report of the PIAF Consortium Prepared for the European Commission, September 2011. www.piafproject.eu
430. Yost, Nicolas C., and James W. Rubin, “Administrative Implementation of and Judicial Review under the National Environmental Policy Act”, in Sheldon M. Novick, Donald W. Stever and Margaret G. Mellon (eds.), The Law of Environmental Protection, West Publishing, St. Paul, MN, USA, 2007.
431. BVerfG, 1 BvR 209/83 vom 15.12.1983.
432. BVerfG, 1 BvR 370/07 und 1 BvR 595/07 vom 30.4.2008, “OnlineDurchsuchung”.
433. BVerfGE 65 E 40, “Volkszählung”, Judgment of 15 December 1983.
434. Court of Justice of the European Union, Huber v. Germany, Judgment of 16 December 2008, Case C-524/06.
435. Court of Justice of the European Union, National Farmers Union, Judgment of 5 May 1998, Case no. C-157/96.
436. Court of Justice of the European Union ECJ, Opinion of Advocate General Poiares Maduro in Case C-524/06 (Heinz Huber v Germany), delivered on 3 April 2008.
437. Court of Justice of the European Union, United Kingdom v. Commission, Judgment of 5 May 1998, Case no. C-180/96.
438. ECtHR, A.D. and O.D. v. The United Kingdom, Judgment of 2 April 2010, Application no. 28680/06.
439. ECtHR, Airey v. Ireland, Judgment of 9 October 1979, Series A-32, Application no. 6289/73.
440. ECtHR, Amann v. Switzerland, Judgment of 16 February 2000, Application no. 27798/95, ECHR 2000-II.
441. ECtHR, Ashworth and others v. The United Kingdom, Admissibility decision of 20 January 2004, Application no. 39561/98.
442. ECtHR, Association for European Integration and Human Rights and Ekimdzhiev v. Bulgaria, Judgment of 28 June 2007, Application no. 62540/00.
443. ECtHR, Copland v. The United Kingdom, Judgment of 3 April 2007, Application no. 62617/00.
444. ECtHR, Craxi (no. 2) v. Italy, Judgment of 17 July 2003, Application no. 25337/94.
445. ECtHR, Dudgeon v. The United Kingdom, Judgment of 22 October 1981, Series A-45, Application no. 7525/76.
446. ECtHR, Fägerskiöld v. Sweden, Admissibility Decision of 26 February 2008.
447. ECtHR, Giacomelli v. Italy, Judgment of 2 November 2006, Application no. 59909/00.
448. ECtHR, Guerra and others v. Italy, Judgment of 19 February 1998, Reports 1998-I, Application no. 14967/89.
449. ECtHR, Handyside v. The United Kingdom, Judgment of 7 December 1976, Series A-24, Application no. 5493/72.
450. ECtHR, Hatton v. The United Kingdom, Judgment of 2 October 2001, Application no. 36 022/97.
451. ECtHR, I. v. Finland, Judgment of 17 July 2008, European Human Rights Cases (EHRC), Vol. 9, No. 9, 10 September 2008, pp. 1136-1140, Application no. 20511/03.
452. ECtHR, Iordachi and others v. Moldova, Judgment of 10 February 2009, Application no. 25198/02.
453. ECtHR, Klass and others v. Germany, Judgment of 6 September 1978, Series A-28, Application no. 5029/71.
454. ECtHR, Kruslin v. France, Judgment of 24 April 1990, Series A-176 A, Application no. 11801/85.
455. ECtHR, Lambert v. France, Judgment of 24 August 1998, Reports, 1998 V, Application no. 23618/94.
456. ECtHR, Leander v. Sweden, Judgment of 26 March 1987, Series A-116, Application no. 9248/81.
457. ECtHR, Liberty and others v. The United Kingdom, Judgment of 1 July 2008, Application no. 58243/00.
458. ECtHR, Loizidou v. Turkey (prel. obj.), Judgment of 23 March 1995, Series A-310, Application no. 15318/89.
459. ECtHR, Lopez Ostra v. Spain, Judgment of 9 December 1994, Series A-303-C, Application no. 16798/90.
460. ECtHR, Malone v. The United Kingdom, 2 August 1984, Series A-82, Application no. 8691/79.
461. ECtHR, Marckx v. Belgium, Judgment of 13 June 1979, Series A-31, Application no. 6833/74.
462. ECtHR, Messina v. Italy (no. 2), Judgment of 28 September 2000, ECHR 2000-X, Application no. 25498/94.
463. ECtHR, Olsson v. Sweden, Judgment of 24 March 1988, Series A-130, Application no. 10465/83.
464. District Of Columbia District Court, Electronic Privacy Information Center v. U.S. Transportation Security Administration, Case No. 03-1846, 2006 WL 626925, 2006.
465. E-Government Act of 2002, Pub L No 107-347, 116 Stat 2899, 44 U.S.C. § 101, 2006. http://www.gpo.gov/fdsys/pkg/PLAW-107publ347/content-detail.html
466. E-Government Act of 2002, Pub L No 107-347, 116 Stat 2899, 44 U.S.C. § 3501 note (2000 & Supp 2002). http://www.gpo.gov/fdsys/pkg/PLAW-107publ347/content-detail.html
467. Great Falls Historic District Study Act of 2001, Pub L No 107-59, 115 Stat 407. http://www.gpo. gov/fdsys/pkg/PLAW-107publ59/content-detail.html
468. Homeland Security Act of 2002, Pub L No 107-296, 116 Stat 2135, 2007. http://www.gpo.gov/fdsys/pkg/PLAW-107publ296/content-detail.html
469. Homeland Security Act of 2002, Pub L No 107-296, 116 Stat 2135, 6 U.S.C. § 142, 2007.
470. Homeland Security Act of 2002, Pub L No 107-296, 116 Stat 2135, 6 U.S.C. § 142(a)(6), 2007.
471. Intelligence Reform and Terrorism Prevention Act of 2004, Pub L No 108-458 § 1061(c)(4), 118 Stat 3638, 3884 (2004), 5 U.S.C. § 601 note (2000 & Supp 2004). http://www.gpo.gov/fdsys/pkg/PLAW-108publ458/content-detail.html
472. Intelligence Reform and Terrorism Prevention Act of 2004, Pub L No 108-458, 118 Stat 3638, 3819. http://www.gpo.gov/fdsys/pkg/PLAW-108publ458/content-detail.html
473. National Environmental Policy Act of 1969, Pub L No 91-190, 83 Stat. 852, 42 U.S.C. §§ 4321-4347, 2000.
474. National Environmental Policy Act of 1969, Pub L No 91-190, 83 Stat. 852, 42 U.S.C. § 4332(2)(C), 2000.
475. Protection and enhancement of environmental quality, Executive Order No. 11514, 35 Fed. Reg. 4247, 1970. http://www.archives.gov/federal-register/codification/executive-order/11514.html
476. U.S. Department of Homeland Security, Privacy Act of 1974; Systems of Records, 70 Fed. Reg. 38699-38700, 2005. http://frwebgate2.access.gpo.gov/cgi-bin/PDFgate.cgi? WAISdocID=pU4etl/5/2/0&WAISaction=retrieve
477. U.S. Department of State, Electronic Passport, 70 Fed. Reg. 8305, 2005. http://frwebgate3.access. gpo.gov/cgi-bin/PDFgate.cgi?WAISdocID=o4OYOy/22/2/0&WAISaction=retrieve
478. U.S. Supreme Court, Kleppe v Sierra Club, Case No. 75-552, 427 U.S. 390, 1975. http://supreme. justia.com/us/427/390/