Towards a privacy impact assessment methodology to support the requirements of the general data protection regulation in a big data analytics context: A systematic literature review. Issue 44 (April 2022)
- Record Type:
- Journal Article
- Title:
- Towards a privacy impact assessment methodology to support the requirements of the general data protection regulation in a big data analytics context: A systematic literature review. Issue 44 (April 2022)
- Main Title:
- Towards a privacy impact assessment methodology to support the requirements of the general data protection regulation in a big data analytics context: A systematic literature review
- Authors:
- Georgiadis, Georgios
Poels, Geert - Abstract:
- Abstract: Big Data Analytics enables today's businesses and organisations to process and utilise the raw data that is generated on a daily basis. While Big Data Analytics has improved efficiency and created many opportunities, it has also increased the risk of personal data being compromised or breached. The General Data Protection Regulation (GDPR) mandates Data Protection Impact Assessment (DPIA) as a means of identifying appropriate controls to mitigate risks associated with the protection of personal data. However, little is currently known about how to conduct such a DPIA in a Big Data Analytics context. To this end, we conducted a systematic literature review with the aim of identifying privacy and data protection risks specific to the Big Data Analytics context that could negatively impact individuals' rights and freedoms when they occur. Based on a sample of 159 articles, we applied a thematic analysis to all identified risks which resulted in the definition of nine Privacy Touch Points that summarise the identified risks. The coverage of these Privacy Touch Points was then analysed for ten Privacy Impact Assessment (PIA) methodologies. The insights gained from our analysis will inform the next phase of our research, in which we aim to develop a comprehensive DPIA methodology that will enable data processors and data controllers to identify, analyse and mitigate privacy and data protection risks when storing and processing data involving Big Data Analytics.
- Is Part Of:
- Computer law & security review. Issue 44(2022)
- Journal:
- Computer law & security review
- Issue:
- Issue 44(2022)
- Issue Display:
- Volume 44, Issue 44 (2022)
- Year:
- 2022
- Volume:
- 44
- Issue:
- 44
- Issue Sort Value:
- 2022-0044-0044-0000
- Page Start:
- Page End:
- Publication Date:
- 2022-04
- Subjects:
- Big data analytics -- Data protection -- Data protection directive -- General data protection regulation -- Governance -- Information security -- Privacy -- Privacy impact assessment -- Systematic literature review
Computers -- Law and legislation -- Periodicals
Computer security -- Law and legislation -- Periodicals
Electronic commerce -- Law and legislation -- Periodicals
Data protection -- Law and legislation -- Periodicals
Computer security -- Law and legislation
Computers -- Law and legislation
Data protection -- Law and legislation
Electronic commerce -- Law and legislation
Periodicals
343.0999 - Journal URLs:
- http://www.elsevier.com/journals ↗
- DOI:
- 10.1016/j.clsr.2021.105640 ↗
- Languages:
- English
- ISSNs:
- 2212-473X
- Deposit Type:
- Legaldeposit
- View Content:
- Available online (eLD content is only available in our Reading Rooms) ↗
- Physical Locations:
- British Library DSC - BLDSS-3PM
British Library HMNTS - ELD Digital store - Ingest File:
- 21439.xml