Privacy Management and Accountability in Global Organisations

Siani Pearson

doi:10.1007/978-3-642-55137-6_3

IFIP PrimeLife International Summer School on Privacy and Identity Management for Life

Privacy and Identity 2013: Privacy and Identity Management for Emerging Services and Technologies pp 33-52

Privacy Management and Accountability in Global Organisations

Authors
Authors and affiliations

Siani Pearson

Conference paper

DOI: 10.1007/978-3-642-55137-6_3

Part of the IFIP Advances in Information and Communication Technology book series (IFIPAICT, volume 421)

Cite this paper as:: Pearson S. (2014) Privacy Management and Accountability in Global Organisations. In: Hansen M., Hoepman JH., Leenes R., Whitehouse D. (eds) Privacy and Identity Management for Emerging Services and Technologies. Privacy and Identity 2013. IFIP Advances in Information and Communication Technology, vol 421. Springer, Berlin, Heidelberg

Abstract

Organisations that operate in a global environment can be subject to potentially diverse and complex regulatory requirements. This paper explains some of the key issues that corporate governance faces related to privacy and some mechanisms for addressing these.

Keywords

Accountability compliance data protection privacy risk security

Preview

Unable to display preview. Download preview PDF.

References

1.
Information Commissioner’s Office (ICO), The Privacy Dividend: The Business Case for Investing in Proactive Privacy Protection (March 2010), http://www.ico.org.uk/~/media/documents/library/Data_Protection/Detailed_specialist_guides/PRIVACY_DIVIDEND.ashx
2.
Tressell, R.: The Ragged Trousered Philanthropists. Wordsworth Classics (2012)
3.
Bennett, C.J., Raab, C.D.: The Governance of Privacy: Policy Instruments in Global Perspective. MIT Press, Cambridge (2006)Google Scholar
4.
Warren, S., Brandeis, L.: The Right to Privacy. 4 Harvard Law Review 193 (1890)
5.
Westin, A.: Privacy and Freedom, New York, US, Atheneum (1967)
6.
American Institute of Certified Public Accountants (AICPA) and CICA: Generally Accepted Privacy Principles (August 2009)
7.
Solove, D.J.: A Taxonomy of Privacy. University of Pennyslavania Law Review 154(3), 477 (2006)CrossRefGoogle Scholar
8.
Nissenbaum, H.: Privacy as Contextual Integrity. Washington Law Review, 101–139 (2004)
9.
Swire, P., Bermann, S.: Information Privacy. Official Reference for the Certified Information Privacy Professional, CIPP (2007)
10.
European Commission (EC): Directive 95/46/EC of the European Parliament and of the Council of 24 October 1995 on the protection of individuals with regard to the processing of personal data and on the free movement of such data (1995)
11.
Privacy Protection Study Commission: Personal Privacy in an Information Society, United Statues Privacy Protection Study Commission Fair Information Practices (1977)
12.
Organisation for Economic Co-operation and Development (OECD): Guidelines for the Protection of Personal Data and Transborder Data Flows (1980)
13.
OECD: Guidelines Concerning the Protection of Privacy and Transborder Flows of Personal Data (2013), http://www.oecd.org/sti/ieconomy/2013-oecd-privacy-guidelines.pdf
14.
European Commission, Unleashing the Potential of Cloud Computing in Europe (2012), http://eur-lex.europa.eu/LexUriServ/LexUriServ.do?uri=COM:2012:0529:FIN:EN:PDF
15.
European Commission, Cybersecurity Strategy of the European Union: An Open, Safe and Secure Cyberspace (2013), http://ec.europa.eu/information_society/newsroom/cf//document.cfm?doc_id=1667
16.
European Commission, Directive on Network and Information Security (2013), http://ec.europa.eu/digital-agenda/en/news/eu-cybersecurity-plan-protect-open-internet-and-online-freedom-and-opportunity-cyber-security
17.
Pearson, S.: Privacy, Security and Trust in Cloud Computing. In: Pearson, S., Yee, G. (eds.) Privacy and Security for Cloud Computing, Computer Communications and Networks, pp. 3–42. Springer (2012)
18.
The Guardian: NSA Prism program taps in to user data of Apple, Google and others (June 7, 2013), http://www.guardian.co.uk/world/2013/jun/06/us-tech-giants-nsa-data
19.
Barabási, A.-L.: Scientists must spearhead ethical use of big data (2013), http://www.politico.com/story/2013/09/scientists-must-spearhead-ethical-use-of-big-data-97578.html
20.
Office of the Information and Privacy Commissioner of Alberta, Office of the Privacy Commissioner of Canada, Office of the Information and Privacy Commissioner for British Colombia: Getting Accountability Right with a Privacy Management Program (April 2012)
21.
Cavoukian, A.: Privacy by Design: Origins, Meaning, and Prospects for Assuring Privacy and Trust in the Information Era. In: Yee, G. (ed.) Privacy Protection Measures and Technologies in Business Organisations: Aspects and Standards, pp. 170–208. IGI Global (2012)
22.
Information Commissioners Office (ICO): Privacy by Design. Report (2008), www.ico.gov.uk
23.
Privacy Enhancing Technologies: A Review. HPL-2011-113, http://www.hpl.hp.com/techreports/2011/HPL-2011-113.html
24.
Microsoft Corporation: Privacy Guidelines for Developing Software Products and Services, Version 2.1a (2007)
25.
European Commission: Proposal for a Directive of the European Parliament and of the Council on the protection of individuals with regard to the processing of personal data by competent authorities for the purposes of prevention, investigation, detection or prosecution of criminal offences or the execution of criminal penalties, and the free movement of such data (January 2012)
26.
Federal Trade Commission (FTC): Protecting Consumer Privacy in an Age of Rapid Change: Recommendations for Business and PolicyMakers. FTC Report (March 2012)
27.
Spiekermann, S., Cranor, L.F.: Engineering privacy. IEEE Transactions on Software Engineering, 1–42 (2008)
28.
European DG of Justice: Article 29 Working Party. ‘Opinion 3/2010 on the principle of accountability (WP 173)’ (July 2010)
29.
Felici, Pearson: MS:C-2.2, Internal Project Report, A4Cloud project (March 2013)
30.
Information Commissioner’s Office (ICO): Binding Corporate Rules., http://www.ico.gov.uk/for_organisations/data_protection/overseas/binding_corporate_rules.aspx
31.
Weitzner, D.J., Abelson, H., Berners-Lee, T., Feigenbaum, J., Hendler, J., Sussman, G.J.: Information accountability. Communications of ACM 51(6), 87 (2008)CrossRefGoogle Scholar
32.
Center for Information Policy Leadership (CIPL): Data protection accountability: the essential elements (2009), http://www.huntonfiles.com/files/webupload/CIPL_Galway_Accountability_Paper.pdf
33.
Bennett, C.J.: The Accountability Approach to Privacy and Data Protection: Assumptions and Caveats. In: Guagnin, D., et al. (eds.) Managing Privacy through Accountability, pp. 33–48. MacMillan (2012)
34.
Catteddu, D., et al.: Towards a Model of Accountability for Cloud Computing Services. In: Proceedings of the DIMACS/BIC/A4Cloud/CSA International Workshop on Trustworthiness, Accountability and Forensics in the Cloud (TAFC) (May 2013)
35.
Trilateral Research and Consulting, Privacy Impact Assessment and Risk Management, ICO report (May 2013), http://www.ico.org.uk/~/media/documents/library/Corporate/Research_and_reports/pia-and-risk-management-full-report-for-the-ico.pdf
36.
Information Commissioner’s Office UK (ICO): Data protection guidance note: Privacy enhancing technologies (2007)
37.
Pearson, S., Sander, T.: A Decision Support System for Privacy Compliance. In: Gupta, M., Walp, J., Sharman, R. (eds.) Threats, Countermeasures, and Advances in Applied Information Security. Information Science Reference, pp. 158–180. IGI Global, New York (2012)CrossRefGoogle Scholar
38.
EU Cloud Accountability project, http://www.a4cloud.eu
39.
Mowbray, M., Pearson, S.: Protecting Personal Information in Cloud Computing. In: Meersman, R., Panetto, H., Dillon, T., Rinderle-Ma, S., Dadam, P., Zhou, X., Pearson, S., Ferscha, A., Bergamaschi, S., Cruz, I.F. (eds.) OTM 2012, Part II. LNCS, vol. 7566, pp. 475–491. Springer, Heidelberg (2012)CrossRefGoogle Scholar

Copyright information

Authors and Affiliations

Siani Pearson
- 1

1.Security and Cloud LabHewlett-PackardBristolUK

Personalised recommendations

Actions

Buy eBook

USD 79.99

Instant download
Readable on all devices
Own it forever
Local sales tax included if applicable

Privacy Management and Accountability in Global Organisations

Abstract

Keywords

Preview

Copyright information

Authors and Affiliations

Personalised recommendations

Cookies