PRIVACY IMPACT ASSESSMENT
Journal: FBIM Transactions (Vol. VII, No. 2)
Publication Date: 2019-10-15
Authors: Haris Hamidovic
Pages: 39-51
Keywords: privacy; personal data; data protection; privacy impact assessment; GDPR; PIA; ISO/IEC 29134
Abstract
Integrating privacy requirements into information system design is not an easy task. First, privacy is itself a complex, multifaceted, and contextual concept. In addition, privacy is not a primary requirement of the system, and it can sometimes conflict with other (functional or non-functional) requirements of the information system. It is therefore of utmost importance to define privacy objectives precisely when realizing privacy by design. One way to define the objectives of the information system with respect to privacy is to conduct a privacy impact assessment or a privacy risk analysis. Conducting a privacy impact assessment is in line with the principles of technical and integrated data protection under Article 25 of the General Data Protection Regulation (GDPR). In accordance with these principles, a privacy impact assessment should be carried out before the processing itself, so that it can serve as a decision-making tool, in particular for selecting appropriate technical protection measures. Although the General Data Protection Regulation does not prescribe any specific methodology or standard for privacy impact assessment, the guidelines of the Article 29 Working Group on Data Protection recommend the use of international standards. This paper presents a method of privacy impact assessment based on the recommendations of the French Data Protection Agency and of the international standards ISO/IEC 29134 and ISO/IEC 27005.
Last modified: 2019-10-15 21:51:34