Projects per year
Abstract
This Policy Brief proposes a template for a report from a process of data protection impact assessment (DPIA) in the European Union (EU). Grounded in the previously elaborated framework (cf. Policy Brief No. 1/2017) and method for impact assessment (cf. Policy Brief No. 1/2019), the proposed template conforms to the requirements of Articles 35–36 of the General Data Protection Regulation (GDPR) and reflects best practices for impact assessment, offering at the same time five novel aspects. First, it aims at comprehensiveness to arrive at the most robust advice for decision making. Second, it aims at efficiency, that is, to produce effects with the least use of resources. Third, it aims at exploring and accommodating the perspectives of various stakeholders, although the perspective of individuals dominates; it, therefore, fosters fundamental rights thinking by, for example, requiring justification for each choice, hence going beyond a mere ‘tick-box’ exercise. Fourth, it aims at adhering to the legal design approach to guide the assessors in a practical, easy and intuitive manner throughout the 11-step assessment process, providing necessary explanations for each step, while being structured in expandable and modifiable tables and fields to fill in. Fifth, it assumes its lack of finality as it will need to be revised as experience with its use grows. The template is addressed predominantly to assessors entrusted by data controllers to perform the assessment process, yet it may also assist data protection authorities (DPA) in the EU to develop (tailored down) templates for DPIA for their own jurisdictions.
Original language | English |
---|---|
Pages | 1-52 |
Number of pages | 52 |
Volume | 2020 |
No. | 1 |
Specialist publication | d.pia.lab Policy Brief |
DOIs | |
Publication status | Published - 11 Sep 2020 |
Keywords
- data protection
- data protection impact assessment
- DPIA
- GDPR
- template
- risk assessment
- proportionality
- necessity
- risk to a right
- risk
- impact assessment
- stakeholder participation
- fundamental rights
- human rights
- DPA
- PIA
- privacy impact assessment
Fingerprint
Dive into the research topics of 'Data protection impact assessment in the European Union: developing a template for a report from the assessment process'. Together they form a unique fingerprint.-
EU572: HR-RECYCLER: Hybrid Human-Robot RECYcling plant for electriCal and eLEctRonic equipment
De Hert, P., Kloza, D., Mendes Roda, S. J., Ioannidis, N. & Vazquez Maymir, S.
1/12/18 → 30/11/22
Project: Fundamental
-
EU573: SYSTEM: SYnergy of integrated Sensors and Technologies for urban sEcured environMent
De Hert, P. & Vazquez Maymir, S.
1/09/18 → 28/02/22
Project: Fundamental
-
EU565: PERSONA: Privacy, ethical regulatory and social no-gate crossing point solutions acceptance
De Hert, P., Kloza, D., Casiraghi, S., Calvi, A., Ioannidis, N. & Burgess, J. P.
1/09/18 → 28/02/21
Project: Fundamental
Research output
- 1 Chapter
-
The concept of impact assessment
Kloza, D., Van Dijk, N., Casiraghi, S., Vazquez Maymir, S. & Tanas, A., 12 Jul 2021, Border Control and New Technologies. Addressing Integrated Impact Assessment . Burgess, J. P. & Kloza, D. (eds.). Brussels: ASP, p. 31-48 18 p.Research output: Chapter in Book/Report/Conference proceeding › Chapter
Open AccessFile21 Downloads (Pure)
Activities
- 1 Research and Teaching at External Organisation
-
Introduction to the concept of (data protection) impact assessment
Dariusz Kloza (Lecturer)3 Feb 2021Activity: Other › Research and Teaching at External Organisation
File