Konferenzbeitrag
Towards a Research Road Map for the Management of Privacy Risks in Information Systems
Lade...
Volltext URI
Dokumententyp
Text/Conference Paper
Dateien
Zusatzinformation
Datum
2008
Autor:innen
Zeitschriftentitel
ISSN der Zeitschrift
Bandtitel
Verlag
Gesellschaft für Informatik e. V.
Zusammenfassung
Privacy risk management in information systems is a challenge to system designers and system owners. Increasing regulation requires compliance man- agement, while publicly visible incidents damage companies’ reputation in connec- tion with their treatment of customer privacy. Additionally, increasing attacks with stolen identities and fake identification are carried out against information systems. Companies need to have a privacy management strategy and a privacy-centric technology management. However, no unified methodology for privacy risk assessment, or the selection of countermeasures, exist. This article, after presenting the historic development of data protection and privacy technology research, maps out the missing knowledge areas of privacy technology deployment, and summarizes a return-on-investment approach on privacy management. We conclude with a roadmap on privacy risk management based on preliminary results on privacy threat impact analysis from the Norwegian PETweb research project.