Skip to main content
  • Book
  • © 2012

Privacy Impact Assessment

  • First in-depth review of privacy impact assessments globally

  • First comparative country analysis on PIAs with a focus on data protection

  • A practical guide highlighting known issues, shortcomings, difficulties and suggesting solutions

Part of the book series: Law, Governance and Technology Series (LGTS, volume 6)

Buying options

eBook USD 229.00
Price excludes VAT (USA)
  • ISBN: 978-94-007-2543-0
  • Instant PDF download
  • Readable on all devices
  • Own it forever
  • Exclusive offer for individuals only
  • Tax calculation will be finalised during checkout
Softcover Book USD 299.99
Price excludes VAT (USA)
Hardcover Book USD 299.99
Price excludes VAT (USA)

This is a preview of subscription content, access via your institution.

Table of contents (22 chapters)

  1. Front Matter

    Pages i-xxviii
  2. Setting the Scene

    1. Front Matter

      Pages 1-1
    2. Introduction to Privacy Impact Assessment

      • David Wright, Paul De Hert
      Pages 3-32
    3. Prior Checking, a Forerunner to Privacy Impact Assessments

      • Gwendal Le Grand, Emilie Barrau
      Pages 97-116
  3. Five Countries Lead the Way

    1. Front Matter

      Pages 17-17
    2. Privacy Impact Assessments in Canada

      • Robin M. Bayley, Colin J. Bennett
      Pages 161-185
    3. Privacy Impact Assessment in the UK

      • Adam Warren, Andrew Charlesworth
      Pages 205-224
    4. PIA Requirements and Privacy Decision-Making in US Government Agencies

      • Kenneth A. Bamberger, Deirdre K. Mulligan
      Pages 225-250
  4. PIA in the Private Sector: Three Examples

    1. Front Matter

      Pages 251-251
    2. PIA: Cornerstone of Privacy Compliance in Nokia

      • Tobias Bräutigam
      Pages 253-274
    3. How Siemens Assesses Privacy Impacts

      • Florian Thoma
      Pages 275-284
    4. Vodafone’s Approach to Privacy Impact Assessments

      • Stephen Deadman, Amanda Chandler
      Pages 285-304
  5. Specialised PIA: The Cases of the Financial Services Industry and the RFID PIA Framework

    1. Front Matter

      Pages 305-305
    2. The ISO PIA Standard for Financial Services

      • John Martin Ferris
      Pages 307-321

About this book

Virtually all organisations collect, use, process and share personal data from their employees, customers and/or citizens. In doing so, they may be exposing themselves to risks, from threats and vulnerabilities, of that data being breached or compromised by negligent or wayward employees, hackers, the police, intelligence agencies or third-party service providers. A recent study by the Ponemon Institute found that 70 per cent of organisations surveyed had suffered a data breach in the previous year.
Privacy impact assessment is a tool, a process, a methodology to identify, assess, mitigate or avoid privacy risks and, in collaboration with stakeholders, to identify solutions.
Contributors to this book – privacy commissioners, academics, consultants, practitioners, industry representatives – are among the world’s leading PIA experts. They share their experience and offer their insights to the reader in the policy and practice of PIA in Australia, Canada, New Zealand, the United Kingdom, the United States and elsewhere.
This book, the first such on privacy impact assessment, will be of interest to any organisation that collects or uses personal data and, in particular, to regulators, policy-makers, privacy professionals, including privacy, security and information officials, consultants, system architects, engineers and integrators, compliance lawyers and marketing professionals.
In his Foreword, surveillance studies guru Gary Marx says, “This state-of-the-art book describes the most comprehensive tool yet available for policy-makers to evaluate new personal data information technologies before they are introduced.”
This book could save your organisation many thousands or even millions of euros (or dollars) and the damage to your organisation’s reputation and to the trust of employees, customers or citizens if it suffers a data breach that could have been avoided if only it had performed a privacy impact assessment before deploying a new technology, product, service or other initiative involving personal data.


  • Data Protection
  • EU Data Protection Directives
  • Environmental Impact Assessment
  • Ethical Impact
  • European Commission
  • Freedom of Information
  • Human Rights
  • Impact Assessments
  • Liberal Democracies
  • Modern Liberal Democracy
  • PIA
  • Paperwork Reduction
  • Plain Language
  • Privacy
  • Privacy Impact Assessment
  • Protecting Privacy
  • Rights and Freedoms
  • Risk Assessment
  • Risk Management
  • Surveillance
  • Technology Impact Assesment
  • The Madrid Resolution


From the reviews:

“A volume devoted to one of the privacy tools currently in use to evaluate privacy risks. The book offers a broad and worldwide perspective, with 20–plus chapters contributed by privacy scholars, public and private sector practitioners, and regulators. It’s the first volume on the subject. … Anyone tasked with defining PIA requirements through policy, rule, or law or simply with conducting an individual PIA will be richly rewarded by reading this volume.” (Robert Gellman, First Monday, Vol. 19 (9), September, 2012)

“A handbook for those data protection and privacy professionals working in the field … . it gives a comprehensive overview of PIA around the world; it identifies open issues; and it provides the reader with best practices examples of PIA in order to improve any future PIA exercises. … This volume provides a rich set of information and reflections, experiences and examples on PIA, which makes it a truly outstanding contribution in the field—both for practitioners and for academics working in this area.” (Nils Zurawski, International Data Privacy Law, Vol. 2 (4), November, 2012)

“Taking a truly international perspective, and with contributions from a large number of leading practitioners, compliance leaders and academics, this publication is in turn historical record, academic study and empirical evaluation. … It is unquestionably an interesting read, with a wealth of experience presented from other countries and multinational companies in relation to the practical realities of using PIAs. … this book is likely to be seen as a highly valuable guide.” (Stephanie Pritchett, Privacy & Data Protection, Vol. 12 (5), June, 2012)

Editors and Affiliations

  • Trilateral Research & Consulting, London, UK

    David Wright

  • Vrije Universiteit Brussel (LSTS), Brussels, Belgium

    Paul Hert

Bibliographic Information

  • Book Title: Privacy Impact Assessment

  • Editors: David Wright, Paul Hert

  • Series Title: Law, Governance and Technology Series

  • DOI:

  • Publisher: Springer Dordrecht

  • eBook Packages: Humanities, Social Sciences and Law, Law and Criminology (R0)

  • Copyright Information: Springer Science+Business Media B.V. 2012

  • Hardcover ISBN: 978-94-007-2542-3Published: 22 December 2011

  • Softcover ISBN: 978-94-007-5402-7Published: 22 July 2012

  • eBook ISBN: 978-94-007-2543-0Published: 31 January 2012

  • Series ISSN: 2352-1902

  • Series E-ISSN: 2352-1910

  • Edition Number: 1

  • Number of Pages: XXVIII, 523

  • Number of Illustrations: 2 b/w illustrations, 22 illustrations in colour

  • Topics: Constitutional Law, Political Science, Public Law

Buying options

eBook USD 229.00
Price excludes VAT (USA)
  • ISBN: 978-94-007-2543-0
  • Instant PDF download
  • Readable on all devices
  • Own it forever
  • Exclusive offer for individuals only
  • Tax calculation will be finalised during checkout
Softcover Book USD 299.99
Price excludes VAT (USA)
Hardcover Book USD 299.99
Price excludes VAT (USA)