Privacy principles, risks and harms

David Wright, Charles Raab

Research output: Contribution to journalArticlepeer-review

Abstract / Description of output

The protection of privacy is predicated on the individual’s right to privacy and stipulates a number of principles that are primarily focused on information privacy or data protection and, as such, are insufficient to apply to other types of privacy and to the protection of other entities beyond the individual. This article identifies additional privacy principles that would apply to other types of privacy and would enhance the consideration of risks or harms to the individual, to groups and to society as a whole if they are violated. They also relate to the way privacy impact assessment (PIA) may be conducted. There are important reasons for generating consideration of and debate about these principles. First, they help to recalibrate a focus in Europe on data protection to the relative neglect of other types of privacy. Second, it is of critical importance at a time when PIA (renamed ‘data protection impact assessment’, or DPIA) may become mandatory under the European Commission’s proposed Data Protection Regulation. Such assessment is an important instrument for identifying and mitigating privacy risks, but should address all types of privacy. Third, one can construct an indicative table identifying harms or risks to these additional privacy principles, which can serve as an important tool or instrument for a broader PIA to address other types of privacy.
Original languageEnglish
Pages (from-to)277-298
JournalInternational Review of Law, Computers and Technology
Issue number3
Early online date4 Jun 2014
Publication statusPublished - 2 Sept 2014

Keywords / Materials (for Non-textual outputs)

  • privacy principles
  • types of privacy
  • privacy risks
  • privacy impact assessmen
  • surveillance impact assessment


Dive into the research topics of 'Privacy principles, risks and harms'. Together they form a unique fingerprint.

Cite this