Tag Archives: PIA

In line with an established tradition that the members of VUB-LSTS partake in the Internationales Rechtsinformatik Symposion IRIS, our Brussels Laboratory for Data Protection & Privacy Impact Assessments (d.pia.lab) will organise – at the upcoming, 21st edition of the IRIS conference – a panel dedicated to the automation of privacy- and data protection impact assessments. The panel will take place on Friday, 23 February 2018 from 16:00 till 17:30 in Salzburg, Austria and will be held in English.

robot! by iwouldificould via CC BY-NC-ND 2.0

robot! by iwouldificould

It is well known that the new legal framework for personal data protection in the European Union, applicable from May 2018, brings to the fore a plethora of novel solutions aiming, inter alia, at better safeguarding the interests of individuals whenever their personal data are being handled. One of these novelties is an obligation imposed on data controllers to conduct a data protection impact assessment (DPIA) for those processing operations that could present a “high risk” to the “rights and freedoms of natural persons”. Despite these novelties still posing questions as to their practical application, they already have caused development of dedicated guidance material, templates, tools, etc. – all aimed at making possible and facilitating their usage, including the conduct of a DPIA.

Read More


Risk par Bruce Guenter (2011, CC BY 2.0) avons le plaisir de vous inviter à la journée d’étude « Vie privée, données personnelles et risques. Quels paramètres pour leur cohabitation à venir ? » qui se tiendra le 8 décembre 2017 à Paris.

Avec l’entrée en vigueur du Règlement Général sur la Protection des Données Personnelles (RGPD) le 28 mai 2018, l’Europe écrira une nouvelle page dans l’évolution rapide du numérique.

Il s’agit d’un mouvement à double tranchant : d’un côté les données personnelles sont de plus en plus souvent mises au service d’un prédictibilité calculée, supposée ou réelle, d’un avenir imprévisible et dont l’incertitudes s’impose de manière croissante ; de l’autre côté de nouvelles formes de gestion de risque sont en train de se développer au service des entreprises soucieuses des risques juridiques et commerciaux générés par le RGPD.

Read More

Danger Smart Meters

picture by Environmental Illness Network (via Flickr; CC BY-NC-ND 2.0)

On 21 October 2015 in Vienna, Austria, LSTS researchers Dr Niels van Dijk and Dariusz Kloza will give an opening lecture at the Cybersecurity Lecture Series 2015, organised by the Austrian Institute of Technology (AIT) and the Technische Universität Wien.

The lecture, titled “Seven deadly sins against privacy and personal data protection in the (European) smart grids roll-out“, will be based on a recently published book chapter by Dariusz Kloza, Niels van Dijk and Paul De Hert, printed as “Assessing the European Approach to Privacy and Data Protection in Smart Grids. Lessons for Emerging Technologies” in “Smart Grid Security. Innovative Solutions for a Modernized Grid“, edited by Florian Skopik and Paul Smith (Elsevier, 2015).

The authors argue that smart grids offer novel means of energy governance and promise an adequate response to environmental, societal and technical developments of the 21st century. Yet, at the same time, they are capable of invading the sacrosanctity of the most privacy-sensitive place – the home. This lecture will sketch several societal challenges that smart grids pose and amongst these the threat of abusive surveillance practices. It will next overview and critically assess the “light” regulatory approach that the European Union (EU) has taken as a response thereto. By pointing out the seven major drawbacks of this “light” approach, it will argue that its core element, i.e. a data protection impact assessment (DPIA) framework, is rather a missed opportunity. In conclusion, impact assessments of emerging technologies must be inclusive, easy to use and flexible, satisfying certain quality criteria.

More information as well as the registration form can be found here.

The Centre for the Study of the Sciences and the Humanities (SVT) at the University of Bergen (UiB), Norway, will host a mini-seminar on impact assessments between law and regulation on Monday, 15 June 2015.

victorian risk assessment cartoon

picture by johnbullas (@flickr)

This mini-seminar will deal with new uses of impact assessments, for instance dealing with risks to rights and freedoms posed by new digital technologies. It will pose the question of who should get to perform such assessments, drawing upon whose expertise, and how interdisciplinary teams should come together in the making of assessments of future risks. It especially targetes the domains between law and regulatory activities, and asks whether the two are increasingly becoming conflated. The mini-seminar will proceed by brief presentations followed by questions and discussions.

The presentations will draw upon the recently finished EPINET project (Integrated Assessment of Societal Impacts of Emerging Science and Technology from within Epistemic Networks; 2012-2015), of which Kjetil Rommetveit was the lead investigator, and VUB-LSTS researcher Dariusz Kloza’s recently co-authored book on Smart Grid Security.


13:00 – 13:15: Introduction
13:15 – 14:00: Dariusz Kloza (Vrije Universiteit Brussel, VUB): Doing impact assessments in H2020 research projects
14:15 – 15:00: Kjetil Rommetveit (SVT) and Dariusz Kloza (VUB): Data protection impact assessments and the EU’s Better Regulations Package

Further information:

picture by verbeeldingskr8 (@flickr)

On Wednesday 14 August 2013 two LSTS researchers, Dariusz Kloza and Gertjan Boulet, will give a talk on privacy at the Centre for Internet and Society (CIS) in Bangalore, India. The Centre for Internet and Society is a non-profit research organization that works on policy issues relating to freedom of expression, privacy, accessibility for persons with disabilities, access to knowledge and IPR reform, and openness (including open government data, free/open source software, open standards, open access to scholarly literature, open educational resources, and open video), and engages in academic research on digital natives and digital humanities.

Read More

by opensourceway (@flickr)

The PIAF project has come to an end. Since January 2011, for 22 months, the consortium comprising Vrije Universiteit Brussel – Research Group on Law, Science, Technology & Society (VUB-LSTS)Trilateral Research & Consulting LLP and Privacy International has conducted research on privacy impact assessment for the European Commission’s Directorate-General Justice.

On the occasion of publication of the final deliverable on the recommendations for a PIA policy for the EU (December 2012), edited by Paul De Hert, Dariusz Kloza and David Wright, the consortium has issued the following press release:

PIAF consortium releases final report:
Privacy impact assessments should be mandatory and engage stakeholders

Press release
19 Dec 2012

Privacy impact assessments should be mandatory and must engage stakeholders in the process, says a consortium in its final report to the European Commission after a multi-country research project.

Read More

The PIAF Project consortium, comprising the Vrije Universiteit Brussel – Research Group on Law, Science, Technology & Society (VUB-LSTS)Trilateral Research & Consulting LLP and Privacy International, for the recent 22 months has been conducting research on privacy impact assessment (PIA).

The project comes to an end in October 2012. Having held its final conference in September 2012 in Brussels, the members of the consortium will now present the final research results and will seek feedback on the 34th International Conference of Data Protection and Privacy Commissioners as well as on one of the side-events, i.e. the 2012 Public Voice Meeting, both held in Punta del Este, Uruguay on 22-24 October 2012.

Among the consortium members, David Wright (Trilateral) will talk on a panel titled Exploring lines of work: research and projects and Gus Hosein (Privacy International) – on a panel on biometrics.

Both Gus Hosein and Dariusz Kloza (VUB-LSTS) will also talk on the Public Voice meeting. Gus will be a panelist on the Emerging Trends in the Internet Global Village: Cross Cultural Views of Privacy, Freedom of Expression and Human Rights on Data Collection, Retention and Use, and Darek – on the Civil Society’s Challenge in Preserving Civic Participation.

The full agendas of both events are available here and here, respectively.