Conclusions and Policy Implications

  • Demetrius Klitou
Part of the Information Technology and Law Series book series (ITLS, volume 25)


This chapter sums up the book’s overall research findings and conclusions; outlines the policy implications of the conclusions; explains how PBD is a critical combination of law and technology; clarifies that PBD is not a substitute for law; provides an overview of the major changes needed in the privacy/data protection legal frameworks; outlines how PBD can and should be implemented and enforced; explains how PBD can play an important role in safeguarding, privacy, liberty and security; and clarifies how and why PBD is a potentially effective solution, but not a panacea for all privacy issues or threats.


Privacy by design Code as law Privacy-enhancing technologies Privacy-invading technologies Legislation Privacy principles Data protection 


  1. Agre PE, Rotenberg M (eds) (1997) Technology and privacy: the new landscape. MIT Press, CambridgeGoogle Scholar
  2. Albrechtslund A (2007) Ethics and technology design. Ethics Inf Technol 9:63–72CrossRefGoogle Scholar
  3. Article 29 Working Party, WP 173, Opinion 3/2010 on the principle of accountability, 13 July 2010Google Scholar
  4. Article 29 Working Party, WP 168, The future of privacy, 1 Dec 2009Google Scholar
  5. Bennett C (1992) Regulating privacy: data protection and public policy in Europe and the United States. Cornell University Press, New YorkGoogle Scholar
  6. Black H (2008) Chemical reaction: the U.S. response to REACH. Environ Health Perspect 116:A124–A127Google Scholar
  7. Borking J (2010) Assessing investments mitigating privacy risks. In: Mommers L, Franken H, van den Herik J, van der Klaauw F, and Zwenne, G-J (eds) Het binnenste buiten; Liber amicorum ter gelegenheid van het emeritaat van Prof.dr. Aernout HJ Schmidt, Hoogleraar Recht en Informatica te Leiden, eLaw@Leiden, pp 255–273Google Scholar
  8. Cannataci JA (2011) Recent developments in privacy and healthcare: different paths for RFID in Europe and North America? Int J RF Technol 2:173–187Google Scholar
  9. Cave J, van Oranje C, Schindler R, Ahehabi A, Brutscher PH-B, Robinson N (2009) Trends in connectivity technologies and their socio-economic impacts. Final report of the study: Policy Options for the Ubiquitous Internet Society. RAND EuropeGoogle Scholar
  10. Cavoukian A (2009) Privacy by designGoogle Scholar
  11. Dommering EJ (2006) Regulating technology: code is not law. In: Dommering EJ, Asscher LF (eds) Coding regulation: essays on the normative role of information technology, T.M.C. Asser Press, pp 1–17Google Scholar
  12. Floerkemeier C, Schneider R, Langheinrich M (2005) Scanning with a purpose—supporting the fair information principles in RFID Protocols. In: Murakami H, Nakashima H, Tokuda H, Yasumura M (eds) Ubiquitious computing systems. Revised selected papers from the 2nd international symposium on ubiquitous computing systems (UCS 2004), Vol 3598, pp 214–231Google Scholar
  13. Grimmelmann J (2005) Regulation by Software. Yale Law J 114:1719–1758Google Scholar
  14. Hildebrandt M, Koops B-J (2010) The challenges of ambient law and legal protection in the profiling era. Mod Law Rev 73(3):428–460CrossRefGoogle Scholar
  15. Hirsch D (2006) Protecting the inner environment: What privacy reregulation can learn from environmental law. Georgia Law Rev 41:1–64Google Scholar
  16. Lahlou S, Jegou F (2003) European disappearing computer privacy design guidelines, version 1, Ambient Agoras Report D15.4, Disappearing Computer InitiativeGoogle Scholar
  17. Langheinrich M (2001) Privacy by design—principles of privacy-aware ubiquitous systems. In: Abowd GD, Brumitt B, Shafer SA (eds) Proceedings of the third international conference on ubiquitous computing, ubicomp 2001, Springer, Berlin pp 273–291Google Scholar
  18. Pasic A (2011) Privacy by design: an industry perspective on the challenges and opportunities of privacyGoogle Scholar
  19. Porter M, van der Linde C (1995) Green and Competitive. Harvard Bus Rev 73(5):120–134Google Scholar
  20. Reidenberg J (2000) Privacy protection and the interdependence of law, technology and self-regulationGoogle Scholar
  21. RISEPTIS Advisory Board (2009) Trust in the information society: research and innovation on security, privacy and trustworthiness in the information societyGoogle Scholar
  22. Schwartz PM (2000) Beyond Lessig’s code for internet privacy: cyberspace filters, privacy-control, and fair information practices. Wisconsin Law Rev 2000(4):743–787Google Scholar
  23. Sollie P, Düwell M (eds) (2009) Evaluating new technologies: methodological problems for the ethical assessment of technology developments. SpringerGoogle Scholar
  24. US Department of Commerce, Informal Comment on the Draft General Data Protection Regulation and Draft Directive on Data Protection in Law Enforcement Investigations, 16 January 2012Google Scholar
  25. van Blarkom GW, Borking JJ, Olk JGE (eds) (2003) The handbook of privacy and privacy-enhancing technologies: the case of intelligent software agentsGoogle Scholar
  26. Williams M-A (2009) Privacy management, the law and global business strategies: a case for privacy driven design. Innovation and enterprise research laboratory, University of Technology, SydneyGoogle Scholar

Copyright information

© T.M.C. Asser Press and the author(s) 2014

Authors and Affiliations

  1. 1.Leiden UniversityLeidenThe Netherlands

Personalised recommendations