Loughborough University
Leicestershire, UK
LE11 3TU
+44 (0)1509 263171
Loughborough University

Loughborough University Institutional Repository

Please use this identifier to cite or link to this item: https://dspace.lboro.ac.uk/2134/4481

Title: Privacy Impact Assessments: international experience as a basis for UK guidance
Authors: Warren, Adam P.
Bayley, Robin
Charlesworth, Andrew
Bennett, Colin
Clarke, Roger
Oppenheim, Charles
Issue Date: 2008
Publisher: Elsevier Ltd. / © Adam Warren, Robin Bayley, Andrew Charlesworth, Colin Bennett, Roger Clarke, Charles Oppenheim
Citation: WARREN, A.P. ... et al, 2008. Privacy Impact Assessments: international experience as a basis for UK guidance. Computer Law and Security Report, 24 (3), pp. 233-242
Abstract: In July 2007, the UK Information Commissioner’s Office commissioned a team of researchers, coordinated by Loughborough University, to conduct a study into Privacy Impact Assessments (PIAs). This was with a view to developing PIA guidance for the UK. The project resulted in two key deliverables: a study of the use of PIAs in other jurisdictions, identifying lessons to be learnt for the UK; and a handbook that can be used to guide organisations through the PIA process, taking into account the provisions of the UK Data Protection Act (DPA) 1998. This paper draws on the original research undertaken as part of that assignment to provide an overview of the ICO-funded project and the extent to which PIAs can be used in the current UK context. Firstly, the authors consider the findings of the comparative study and how the UK experience can be informed by developments overseas. Secondly, the paper outlines the development of the handbook during the course of the project and the extent to which it has been influenced by the overseas experience and the current UK political context. Thirdly, aspects of the handbook itself are considered and explained. Particular attention is paid to: its format; its key features; and feedback received on an interim version from a focus group of experienced data protection and project management practitioners. Finally, the paper concludes by stating why the study and the handbook provide appropriate tools for guidance in the current UK context, and how they can be developed further.
Description: This article was subsequently published in the journal Computer Law & Security Report [Elsevier / © The authors]. The definitive version is available at: http://www.sciencedirect.com/science/journal/02673649. Whilst this paper was submitted in response to referee comments, it may not exactly match the final published versions.
Version: Not specified
DOI: 10.1016/j.clsr.2008.03.003
URI: https://dspace.lboro.ac.uk/2134/4481
ISSN: 0267-3649
Appears in Collections:Published Articles (Geography)
Published Articles (Information Science)

Files associated with this item:

File Description SizeFormat
CLSRpaper_revd_280208.pdf129.97 kBAdobe PDFView/Open

 

SFX Query

Items in DSpace are protected by copyright, with all rights reserved, unless otherwise indicated.