 The risk-based approach to privacy: Risk or protection for business?Giulio Coraggio and Giulia Zappaterra Journal of Data Protection & Privacy, 2018, vol. 1, issue 4, 339-344 Abstract: The so-called ‘risk-based approach’ introduced by the European General Data Protection Regulation (GDPR) is based on the concept that the privacy measures implemented by the data controllers shall be proportional to the level of risks associated with the type of data-processing activities, the evaluation of which should be subject to an objective assessment (the privacy impact assessment; PIA). To guarantee harmonisation among data protection procedures and enforcement across the EU member states, it is crucial for EU data protection supervisory authorities to cooperate in the identification of criteria for the performance of PIAs, possibly taking advantage of the examples in certain EU jurisdictions (such as the UK and France) and the International Standards Organisation (ISO). Keywords: privacy; data protection; European General Data Protection Regulation; GDPR; risk-based approach; privacy impact assessment; PIA; international standards; ISO; privacy by design; privacy by default (search for similar items in EconPapers) Downloads: (external link) Related works: Export reference: BibTeX RIS (EndNote, ProCite, RefMan) HTML/Text Persistent link: https://EconPapers.repec.org/RePEc:aza:jdpp00:y:2018:v:1:i:4:p:339-344 Access Statistics for this article More articles in Journal of Data Protection & Privacy from Henry Stewart Publications |
Is your work missing from RePEc? Here is how to contribute.
Questions or problems? Check the EconPapers FAQ or send mail to .
EconPapers is hosted by the
School of Business at Örebro University.