Privacy Impact Assessments - How Much Privacy Is Enough?

Explore the concept of Privacy Impact Assessments (PIAs) in this 46-minute LASCON conference talk. Discover how PIAs differ from security risk assessments and their role in Privacy by Design. Learn to model and measure privacy impacts using real-world examples like item tracking devices. Understand privacy risk, privacy harm, and privacy rights infringement concepts. Examine typical assessment methodologies and explore the changing landscape of privacy concerns, including data breaches and international data transfers. Gain insights into categorizing problematic data actions, available controls, and tools for conducting PIAs. Delve into privacy goals, risk assessments, and national privacy legislation to enhance your understanding of privacy engineering in application security.

Introduction
Impact Assessment 1
Privacy Impact Analysis
What has changed
The adversary has changed
Data breach
What hasnt changed
Risk assessments
Privacy goals
Privacy risk assessments
International data transfer
Toolbox
When to do a privacy impact assessment
How to categorize problematic data actions
What are the controls available
Tools
Where to learn more
Recap
Summary
Options
National privacy legislation