Privacy principles, risks and harms

David Wright, Charles Raab

Research output: Contribution to journalArticlepeer-review

Abstract

The protection of privacy is predicated on the individual’s right to privacy and stipulates a number of principles that are primarily focused on information privacy or data protection and, as such, are insufficient to apply to other types of privacy and to the protection of other entities beyond the individual. This article identifies additional privacy principles that would apply to other types of privacy and would enhance the consideration of risks or harms to the individual, to groups and to society as a whole if they are violated. They also relate to the way privacy impact assessment (PIA) may be conducted. There are important reasons for generating consideration of and debate about these principles. First, they help to recalibrate a focus in Europe on data protection to the relative neglect of other types of privacy. Second, it is of critical importance at a time when PIA (renamed ‘data protection impact assessment’, or DPIA) may become mandatory under the European Commission’s proposed Data Protection Regulation. Such assessment is an important instrument for identifying and mitigating privacy risks, but should address all types of privacy. Third, one can construct an indicative table identifying harms or risks to these additional privacy principles, which can serve as an important tool or instrument for a broader PIA to address other types of privacy.
Original languageEnglish
Pages (from-to)277-298
JournalInternational Review of Law, Computers and Technology
Volume28
Issue number3
Early online date4 Jun 2014
DOIs
Publication statusPublished - 2 Sep 2014

Keywords

  • privacy principles
  • types of privacy
  • privacy risks
  • privacy impact assessmen
  • surveillance impact assessment

Fingerprint

Dive into the research topics of 'Privacy principles, risks and harms'. Together they form a unique fingerprint.

Cite this