An evaluation of privacy impact assessment guidance documents

Roger Clarke*

*Corresponding author for this work

    Research output: Contribution to journalArticlepeer-review

    26 Citations (Scopus)


    † Privacy Impact Assessments (PIAs) have become mainstream in many jurisdictions since the mid-1990s. † Considerable experience has been gained, and the features of effective PIA processes are capable of being described and communicated. † A range of guidance documents have been published, but they vary considerably in their quality. † This paper draws on the literature and the author's professional experience in order to present a list of criteria whereby the quality of a PIA guidance document can be judged. It then applies the criteria to a dozen documents published by government agencies in ten jurisdictions. † Several guidance documents are found to be of high quality, but several others have significant weaknesses and the remainder describe processes that are so deficient that the appropriateness of referring to them as PIAs is in serious doubt.

    Original languageEnglish
    Pages (from-to)111-120
    Number of pages10
    JournalInternational Data Privacy Law
    Issue number2
    Publication statusPublished - 1 May 2011


    Dive into the research topics of 'An evaluation of privacy impact assessment guidance documents'. Together they form a unique fingerprint.

    Cite this