Projects per year
Abstract
This policy brief lays the foundations for a method for data protection impact assessment (DPIA) in the European Union (EU). First, as a prerequisite, it proposes a generic method for impact assessment, which is intended to be used – when tailored to the particular context – in multiple domains of practice, such as environment, technology development or regulation (Section 2). Next, building on this generic method and interpreting the requirements of the General Data Protection Regulation (GDPR), this policy brief lays the foundations for a specific method for the process of DPIA in the EU, which is also intended to be adapted to the context of use (Section 3). In particular, the policy brief aims to clarify two crucial aspects of this specific method, which have thus far proved to be the most contentious. These aspects are the appraisal techniques (that is, the necessity and proportionality assessment, and risk appraisal), and stakeholder involvement (including public participation) in decision-making. Section 4 summarises the findings and calls for further guidance, clarification and tailoring down. This policy brief is addressed predominantly to policy-makers who develop methods for impact assessment, practitioners who tailor these methods to the context in which they are used and assessors who conduct the assessment process in accordance with these methods
| Original language | English |
|---|---|
| Pages | 1-8 |
| Number of pages | 8 |
| Volume | 1 |
| No. | 2019 |
| Specialist publication | d.pia.lab Policy Brief |
| DOIs | |
| Publication status | Published - 5 Nov 2019 |
Keywords
- data protection impact assessment
- DPIA
- privacy impact assessment
- PIA
- GDPR
- data protection
- privacy
- risk
- risk to a right
- stakeholder involvement
- public participation
- method
- Impact assessment
- environmental impact assessment
- EIA
- technology assessment
- European Union
- EU
- data protection authorities
- DPA
- data protection officer
- DPO
Fingerprint
Dive into the research topics of 'Towards a method for data protection impact assessment: Making sense of GDPR requirements'. Together they form a unique fingerprint.Projects
- 4 Finished
-
EU572: HR-RECYCLER: Hybrid Human-Robot RECYcling plant for electriCal and eLEctRonic equipment
De Hert, P., Kloza, D., Mendes Roda, S. J., Ioannidis, N. & Vazquez Maymir, S.
1/12/18 → 30/11/22
Project: Fundamental
-
EU573: SYSTEM: SYnergy of integrated Sensors and Technologies for urban sEcured environMent
De Hert, P. & Vazquez Maymir, S.
1/09/18 → 28/02/22
Project: Fundamental
-
EU565: PERSONA: Privacy, ethical regulatory and social no-gate crossing point solutions acceptance
De Hert, P., Kloza, D., Casiraghi, S., Calvi, A., Ioannidis, N. & Burgess, J. P.
1/09/18 → 28/02/21
Project: Fundamental
Research output
- 1 Chapter
-
The concept of impact assessment
Kloza, D., Van Dijk, N., Casiraghi, S., Vazquez Maymir, S. & Tanas, A., 12 Jul 2021, Border Control and New Technologies. Addressing Integrated Impact Assessment . Burgess, J. P. & Kloza, D. (eds.). Brussels: ASP, p. 31-48 18 p.Research output: Chapter in Book/Report/Conference proceeding › Chapter › peer-review
Open AccessFile55 Downloads (Pure)