References
- Council of Europe. Europen convention on human rights. Europan Court of Human Rights. 1950 Nov 4 [Accessed 2018 Aug 10]. https://www.echr.coe.int/documents/convention_eng.pdf
- European Parliament and European Council. Directive 95/46/EC of the European Parliament and of the Council of 24 October 1995 on the protection of individuals with regard to the processing of personal data and on the free movement of such data. 1995 Oct 24 [Accessed 2019 Jul 21]. https://eur-lex.europa.eu/legal-content/EN/TXT/HTML/?uri=CELEX:31995L0046&from=EN
- European Parliament and Council of the European Union.Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data, and repealing Directive 95/46/EC (GDPR). 2016 Apr 16 [Accessed 2019 Jul 24]. https://eur-lex.europa.eu/legal-content/EN/TXT/HTML/?uri=CELEX:32016R0679&from=SL\
- Information and Privacy Commissioner and Registratiekamers. Privacy-enhancing technologies: the path to anonymity. 1995 [Accessed 2019 Jul 24]. http://www.ontla.on.ca/library/repository/mon/10000/184530.pdf
- Enterprise Privacy Group. Privacy by design. An Overview of Privacy Enhancing Technologies. 2008 [Accessed 2019 Jul 24]. http://www.dsp.utoronto.ca/projects/surveillance/docs/pbd_pets_paper.pdf
- Cavoukian A. Privacy by design. The 7 Foundational Principles. 2009 [Accessed 2019 Jul 24]. https://www.ipc.on.ca/wpcontent/uploads/Resources/7foundationalprinciples.pdf
- Cavoukian A. Privacy by design. Strong privacy protection - Now, and well into the future. A Report on the State of PbD to the 33rd International Conference of Data Protection and Privacy Commissioners. 2011 [Accessed 2019 Jul 24]. https://www.ipc.on.ca/wp-content/uploads/Resources/PbDReport.pdf
- Huth D, Matthes F. “Appropriate technical and organizational measures”: identifiyng privacy engineering approaches to meet GDPR requirements. Paper presented at: twenty-fifth Americas conference on information systems; 2019 Aug 15–17; Cancún, México.
- Gurses S, Troncoso C, Diaz C. Engineering privacy by design. 2011 [Accessed 2019 Jul 24]. https://www.esat.kuleuven.be/cosic/publications/article-1542.pdf
- Bellotti V, Sellen A. Design for privacy in ubiquitous computing environments. Proceedings of the Third European Conference on Computer-Supported Cooperative Work; 1993 September 13–17; Milan, Italy ECSCW ’93, p. 77–92. doi:10.1007/978-94-011-2094-4_6
- Hong JI, Ng JD, Lederer S, Landay JA. Privacy risk models for designing privacy-sensitive ubiquitous computing systems. Proceedings of the 2004 Conference on Designing Interactive Systems Processes, Practices, Methods, and Techniques - DIS ’04; 2004 Aug 1–4; Cambridge, MA, p. 91. doi:10.1145/1013115.1013129.
- Jensen C, Tullio J, Potts C, Mynatt ED. 2005. STRAP: a structured analysis framework for privacy. Georgia Institute of Technology, Graphics, Visualization and Usability Center; 2005 May 2 [accessed 2019 Sep 15]. http://smartech.gatech.edu/handle/1853/4450
- Kalloniatis C, Kavakli E, Gritzalis S. Addressing privacy requirements in system design: the PriS method. Requirements Eng. 2008;13(3):241–55. doi:10.1007/s00766-008-0067-3.
- Spiekermann S, CranorLF. Engineering privacy. IEEE Trans Softw Eng. 2009;35(1):67–82. doi:10.1109/TSE.2008.88.
- DengM, Wuyts K, Scandariato R, Wouter BP. A privacy threat analysis framework: supporting the elicitation and fulfillment of privacy requirements. Requirements Eng. 2011;16(1):3–32. doi:10.1007/s00766-010-0115-7.
- Hoepman JH. Privacy design strategies. IFIP International Information Security Conference, 2014; Berlin, Heidelberg: Springer, 446–59. doi:10.1007/978-3-642-55415-5.
- Notario N Crespo A, Martin YS Del Alamo JM, Metayer D Le Antignac T, KungA, Kroener I, Wright D. PRIPARE: integrating privacy best practices into a privacy engineering methodology. Proceedings - 2015 IEEE Security and Privacy Workshops (SPW); 2015 May 21–22; San Jose, CA, 151–158. doi:10.1109/SPW.2015.22
- Cavoukian A. Privavcy by design in law, policy and practice. A White Paper for Regulators, Decision-makers and Policy-makers. 2011 [Accessed 2019 Jul 27]. http://www.ontla.on.ca/library/repository/mon/25008/312239.pdf
- International Organization for Standardization and International Electrotechnical Commission (ISO/IEC).ISO/IEC 27001. 2013 [Accessed 2019 Jul 24]. www.iso.org
- Schaar P. Privacy by design. Identity Inf Soc. 2010;3:267–74. doi:10.1007/s12394-010-0055-x.
- Rubinstein IS. Regulating privacy by design. Berkeley Technol Law J. 2011;26(3):1409–56. doi:10.15779/Z38368N.
- Article 29 Data Protection Working Party. Guidelines on Data Protection Impact Assessment (DPIA) and determining whether processing is “likely to result in a high risk” for the purposes of Regulation 2016/679. 2017 [Accessed 2019 Jul 24]. http://ec.europa.eu/newsroom/document.cfm?doc_id=47711
- AICPA/CICA. Privacy maturity model. 2011 [Accessed 2019 Jul 24]. https://iapp.org/media/pdf/resource_center/aicpa_cica_privacy_maturity_model_final-2011.pdf
- CNIL. Privacy Impact Assessment (PIA): methodology. 2018 [Accessed 2019 Jul 24]. https://www.cnil.fr/sites/default/files/atoms/files/cnil-pia-1-en-methodology.pdf
- CNIL. Privacy Impact Assessment (PIA): knowledge bases. 2018 [Accessed 2019 Jul 24]. https://www.cnil.fr/sites/default/files/atoms/files/cnil-pia-3-en-knowledgebases.pdf
- ENISA. Privacy and data protection by design - from policy to engineering. 2014 [Accessed 2019 Jul 24]. https://www.enisa.europa.eu/publications/privacy-and-data-protection-by-design/at_download/fullReport
- European Data Protection Supervisor. Opinion 5/2018. Preliminary Opinion on privacy by design. 2018 [Accessed 2019 Jul 24]. https://edps.europa.eu/sites/edp/files/publication/18-05-31_preliminary_opinion_on_privacy_by_design_en_0.pdf