DPIA in context: Applying DPIA to assess privacy risks of cyber physical systems

Authors: Henriksen-Bulmer, J., Faily, S. and Jeary, S.

Journal: Future Internet

Volume: 12

Issue: 5

eISSN: 1999-5903

DOI: 10.3390/FI12050093

Abstract:

Cyber Physical Systems (CPS) seamlessly integrate physical objects with technology, thereby blurring the boundaries between the physical and virtual environments. While this brings many opportunities for progress, it also adds a new layer of complexity to the risk assessment process when attempting to ascertain what privacy risks this might impose on an organisation. In addition, privacy regulations, such as the General Data Protection Regulation (GDPR), mandate assessment of privacy risks, including making Data Protection Impact Assessments (DPIAs) compulsory. We present the DPIA Data Wheel, a holistic privacy risk assessment framework based on Contextual Integrity (CI), that practitioners can use to inform decision making around the privacy risks of CPS. This framework facilitates comprehensive contextual inquiry into privacy risk, that accounts for both the elicitation of privacy risks, and the identification of appropriate mitigation strategies. Further, by using this DPIA framework we also provide organisations with a means of assessing privacy from both the perspective of the organisation and the individual, thereby facilitating GDPR compliance. We empirically evaluate this framework in three different real-world settings. In doing so, we demonstrate how CI can be incorporated into the privacy risk decision-making process in a usable, practical manner that will aid decision makers in making informed privacy decisions.

http://eprints.bournemouth.ac.uk/34036/

Source: Scopus

DPIA in Context: Applying DPIA to Assess Privacy Risks of Cyber Physical Systems

Authors: Henriksen-Bulmer, J., Faily, S. and Jeary, S.

Journal: FUTURE INTERNET

Volume: 12

Issue: 5

eISSN: 1999-5903

DOI: 10.3390/fi12050093

http://eprints.bournemouth.ac.uk/34036/

Source: Web of Science (Lite)

DPIA in Context: Applying DPIA to Assess Privacy Risks of Cyber Physical Systems

Authors: Henriksen-Bulmer, J., Faily, S. and Jeary, S.

Journal: Future Internet

Volume: 12

Issue: 5

Pages: 1-24

Publisher: MDPI AG

ISSN: 1999-5903

DOI: 10.3390/fi12050093

Abstract:

Cyber Physical Systems (CPS) seamlessly integrate physical objects with technology, thereby blurring the boundaries between the physical and virtual environments. While this brings many opportunities for progress, it also adds a new layer of complexity to the risk assessment process when attempting to ascertain what privacy risks this might impose on an organisation. In addition, privacy regulations, such as the General Data Protection Regulation (GDPR), mandate assessment of privacy risks, including making Data Protection Impact Assessments (DPIAs) compulsory. We present the DPIA Data Wheel, a holistic privacy risk assessment framework based on Contextual Integrity (CI), that practitioners can use to inform decision making around the privacy risks of CPS. This framework facilitates comprehensive contextual inquiry into privacy risk, that accounts for both the elicitation of privacy risks, and the identification of appropriate mitigation strategies. Further, by using this DPIA framework we also provide organisations with a means of assessing privacy from both the perspective of the organisation and the individual, thereby facilitating GDPR compliance. We empirically evaluate this framework in three different real-world settings. In doing so, we demonstrate how CI can be incorporated into the privacy risk decision-making process in a usable, practical manner that will aid decision makers in making informed privacy decisions.

http://eprints.bournemouth.ac.uk/34036/

Source: Manual

DPIA in Context: Applying DPIA to Assess Privacy Risks of Cyber Physical Systems.

Authors: Henriksen-Bulmer, J., Faily, S. and Jeary, S.

Journal: Future Internet

Volume: 12

Pages: 93

DOI: 10.3390/fi12050093

http://eprints.bournemouth.ac.uk/34036/

Source: DBLP