Description
It is well known that the new legal framework for personal data protection in the European Union, applicable from May 2018, brings to the fore a plethora of novel solutions aiming, inter alia, at better safeguarding the interests of individuals whenever their personal data are being handled. One of these novelties is an obligation imposed on data controllers to conduct a data protection impact assessment (DPIA) for those processing operations that could present a “high risk” to the “rights and freedoms of natural persons”. Despite these novelties still posing questions as to their practical application, they already have caused development of dedicated guidance material, templates, tools, etc. – all aimed at making possible and facilitating their usage, including the conduct of a DPIA.Amongst these, in particular, we have recently observed a proliferation of automated tools for conducting a DPIA. Various software developers have already offered to diverse clients varied pieces of software that – upon being fed with some descriptions, etc. – would help making an analysis of the intended processing operations and often recommend measures to lower the level of risk to the individuals, maximize benefits or even – if possible – to eliminate negative consequences entirely. These tools merit academic attention not only because of their novel character, uncharted potential or vulnerabilities, doubts about their quality and effectiveness, but – more importantly – because their usage has ramifications for the level of protection of individual interests. Thus there is a need to evaluate the extent to which these tools can contribute, if ever, to offering such a protection.
To that end, we want to explore some of the existing software for conducting DPIAs and – more broadly – privacy impact assessments (PIAs). In preparation for this panel, we have invited a number of software developers to make their tools available to us in advance, for analysis and testing. Having done so, we come to this interactive panel with observations, questions, and comments, which we will deliver and discuss right after these invited developers have presented their tools. A discussion with the public will follow.
Invitees: Georg Philip Krog (Signatu, NO); Michele Marrali (Studio Storti, IT); Erwin Rigter (Privacy Company, NL); Robert Sindlinger (OneTrust, DE).
Period | 23 Feb 2018 |
---|---|
Event title | 21. Internationale Rechtsinformatik Symposium (IRIS 2018): Data Protection and LegalTech |
Event type | Conference |
Conference number | 21 |
Location | Salzburg, Austria |
Degree of Recognition | International |
Documents & Links
Related content
-
Projects
-
FORENSOR: FOREnsic evidence gathering autonomous seNSOR
Project: Fundamental