The paper examines the concept and practice of privacy impact assessment (PIA). After introducing and defining the topic, the paper outlines some approaches (the ”what”, ”when”, ”who” and ”why” of PIA). The paper discusses aspects of the process from its start, where terms of reference are suggested, through its undertaking, with regard to a variety of guidelines, to the end of the process, where the PIA findings should be integrated into project decision-making. Following general coverage of the subject, the paper examines several particular issues including the relationship between PIA and privacy law, the role of lawyers, public access to PIA findings, and whether PIA should, in addition to identifying alternatives to a proposal, evaluate such alternatives. The paper closes with three appendices which set out recent articles, guidelines adopted in several jurisdictions and, for the first time, lists PIAs undertaken in Hong Kong, New Zealand and Canada.
為了持續優化網站功能與使用者體驗,本網站將Cookies分析技術用於網站營運、分析和個人化服務之目的。
若您繼續瀏覽本網站,即表示您同意本網站使用Cookies。