Privacy by design and privacy impact assessments

 In IT & Internet

Current developments

‘Cloud Computing’, ‘Big Data’, ‘the internet of things’ and computer-related crime greatly influence the development of privacy law. Numerous new products may entail far-reaching consequences for privacy issues. It is of the utmost importance to assess the privacy impact, so that penalties can be avoided and products won’t have to be modified later on to make them meet new legal requirements. Issues such as data protection and transparent, reliable and verifiable processing of these data play an essential role.

Current legislation

As a result of technical developments new privacy laws continuously need to be drafted. In the Netherlands EU Directive 95/46/EC has been transposed in the Personal Data Protection Act and the Dutch Data Protection Authority issued guidelines in March 2013. The Personal Data Protection Act will be amended and in 2016 the new EU privacy regulation will enter into force. This regulation will have direct effect in all EU member states.

Business and industry will have to take the fullest account of the far-reaching impact these measures will have for the protection of privacy. Risk analyses will have to be made to guarantee a suitable level of protection so that data leaks and unlawful data processing may be prevented.

Everyday reality is that privacy legislation is usually overtaken by events. However, the existing rules offer some kind of flexibility, so that we can be held to a certain extent to adapt privacy measures to the state of the art. Companies are obliged to analyse possible privacy risks and take protective measures.

Privacy by design

Privacy by design is the new trend when protective measures are called for. It means that privacy risks should be mapped before a system that could affect privacy issues is built or put into operation. Privacy protection is not going to disappear, as some of the social media gurus claim. On the contrary, privacy protection – like green energy – is seen as a unique selling point.

Privacy Impact Assessment (PIA)

Security companies have developed so-called penetration tests to check existing systems for protection against hacking and unwanted access to personal data.

A Privacy Impact Assessment (PIA) is a new phenomenon. NOREA, the professional organization of IT auditors has published a kind of PIA manual. Most consumer appliances, such as medical devices, robots and sensors in health care, and all kinds of ‘connected devices’ will soon send privacy sensitive data to the cloud. To avoid creating an obstacle to further progress, the privacy impact should be assessed in time so that suitable measures can be taken for the protection of privacy. Business and industry will have to take these measures themselves and a PIA is an essential tool in that process. Legal advice is a prerequisite when seeking the boundaries of what is legally possible.

We will be pleased to advise you.
Bob Cordemeyer,  Irvette Tempelman

Recent Posts
  • 17 March 2020

    Hanneke Slager
    Following the recent developments in connection with the Coronavirus (COVID-19), we hereby inform you of the measures that we have taken to ensure the continuity and quality of the services we provide to you.
    Read More
  • 16 March 2020

    Fine for Dutch tennis association for unlawfully selling personal data

    Bob Cordemeyer
    The Dutch DPA imposed a fine of 525,000 euros for the unlawful sale of personal data by the Dutch national tennis association the KNLTB. In 2018, the KNLTB unlawfully provided personal data of a few hundred thousands of its members to two sponsors against payment.
    Read More
  • 16 December 2019

    On 1 January 2020 the Balanced Labour Market Act (Wet Arbeidsmarkt in Balans (WAB)) takes effect.

    Marion Hagenaars
    This Act is meant to improve the balance between fixed and flexible employment agreements. Once again, employment law is changed in important parts. Apart from that, the Dutch Supreme Court has ruled on the issue of ‘dormant employment’.
    Read More

Leave a Comment

Top