Fuzzy-based approach to assess and prioritize privacy risks

  • Stephen Hart
  • Anna Lisa Ferrara
  • Federica Paci
Methodologies and Application


The new General Data Protection Regulation (GDPR) requires organizations to conduct a data protection impact assessment (DPIA) when the processing of personal information may result in high risk to individual rights and freedoms. A DPIA allows organizations to identify, assess and prioritize the risks related to the processing of personal information and to select suitable mitigations to reduce the severity of those risks. The existing DPIA methodologies measure the severity of privacy risks according to analysts’ opinions about the likelihood and the impact factors of the threats. The assessment is therefore subjective and depends on the expertise of the analysts. To reduce subjectivity, we propose a set of well-defined criteria that analysts can use to measure the likelihood and the impact of a privacy risk. Then, we adopt the fuzzy multi-criteria decision-making approach to systematically measure the severity of privacy risks while modeling the imprecision and vagueness inherent in linguistic assessment. Our approach is illustrated for a realistic scenario with respect to LINDDUN threat categories.


Keywords: Privacy risks; Privacy risk assessment; Fuzzy set theory


Compliance with ethical standards

Conflict of interest

The authors declare that they have no conflict of interest.

Ethical approval

This article does not contain any studies with human participants or animals performed by any of the authors.



Copyright information

© Springer-Verlag GmbH Germany, part of Springer Nature 2019

Authors and Affiliations

  • Stephen Hart (1)
  • Anna Lisa Ferrara (2)
  • Federica Paci (3)

  1. University of Southampton, Southampton, England
  2. Università degli Studi del Molise, Campobasso, Italy
  3. Università degli Studi di Verona, Verona, Italy
