ENISA-FORTH Summer School on Network and Information Security (September 2009, Crete, Greece)

 

Mr. David Wright

Bio:
Mr. David Wright is managing partner of Trilateral Research & Consulting, based in London. He has organised and participated in several successful consortia in FP6 and FP7. He was a partner in the SWAMI and STARC projects in FP6 and the SENIOR project in FP7. He was principal author and editor of a report on privacy and trust for DG INFSO, delivered in early 2009. He is on the International Advisory Board of iNTeg-RISK, an integrated project on risks in new technologies. He is a member of working group 2 of the FP7 ThinkTrust project, the Living in a Surveillance Society COST action and the European Foresight Monitoring Network. He is the principal author and editor of Safeguards in a World of Ambient Intelligence, a book published by Springer in 2008, and author of many articles in many different peer-reviewed journals. He is also a freelance researcher on the faculty of the Free University of Brussels (Vrije Universiteit Brussel, VUB).


Should privacy impact assessments be mandatory?

Abstract:
This presentation concerns privacy impact assessments. It argues that the creation of large databases of personal data poses significant risks of privacy intrusion, breaches and losses of personal data as well as the attendant risk of loss of public confidence in our political leaders, governments and industry, which in turn undermines the development of e-government and e-commerce. One way of instilling more trust and optimising the configuration, safety and security of projects or services using personal data is to undertake a privacy impact assessment, which can be regarded as a specialised tool of risk management. A few countries have been using privacy impact assessments in recent years. The paper examines the UK and Canadian approaches to privacy impact assessment. While there are similarities, the UK model is voluntary, whereas the Canadian approach is mandatory. The paper asks: should PIAs be mandatory and, if so, should they be mandatory for government and industry? Are there lessons to be learned from the Canadian experience?