Abstract
Organisations that operate in a global environment can be subject to potentially diverse and complex regulatory requirements. This paper explains some of the key issues that corporate governance faces related to privacy and some mechanisms for addressing these.
Copyright information
© 2014 IFIP International Federation for Information Processing
About this paper
Cite this paper
Pearson, S. (2014). Privacy Management and Accountability in Global Organisations. In: Hansen, M., Hoepman, JH., Leenes, R., Whitehouse, D. (eds) Privacy and Identity Management for Emerging Services and Technologies. Privacy and Identity 2013. IFIP Advances in Information and Communication Technology, vol 421. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-642-55137-6_3
DOI: https://doi.org/10.1007/978-3-642-55137-6_3
Publisher Name: Springer, Berlin, Heidelberg
Print ISBN: 978-3-642-55136-9
Online ISBN: 978-3-642-55137-6
eBook Packages: Computer Science (R0)