A Guide to End-to-End Privacy Accountability

AutorButin, Denis; Métayer, Daniel Le
ArtConference Proceedings
AbstraktAccountability is considered a tenet of privacy management, yet implementing it effectively is no easy task. It requires a systematic approach with an overarching impact on the design and operation of IT systems. This article, which results from a multidisciplinary project involving lawyers, industry players and computer scientists, presents guidelines for the implementation of consistent sets of accountability measures in organisations. It is based on a systematic analysis of the Draft General Data Protection Regulation. We follow a systematic approach covering the whole life cycle of personal data and considering the three levels of privacy proposed by Bennett, namely accountability of policy, accountability of procedures and accountability of practice.
In1st International Workshop on TEchnical and LEgal aspects of data pRIvacy and SEcurity (TELERISE 2015)