OASIS Mailing List ArchivesView the OASIS mailing list archive below
or browse/search using MarkMail.


Help: OASIS Mailing Lists Help | MarkMail Help

pbd-se message

[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]

Subject: RE: [pbd-se] Privacy Risk Management for Federal Information Systems Observations by Gail Magnuson

Dear all


My own high level comments:


Key points

·         “The model defines an equation and a series of inputs designed to enable (i) the identification of problems for individuals that can arise from the processing of personal information and (ii) the calculation of how such problems can be reflected in an organizational risk management approach that allows for prioritization and resource allocation to achieve agency missions while minimizing adverse events for individuals and agencies collectively”. Clearly takes into account risks affecting data subjects but only reflects them at an organizational level.

·         There is no reference on when to conduct this risk assessment. It seems to “ignore or neglect” privacy by design principles such as taking into account privacy issues from the onset of project and systems.

·         Security risk assessment vs privacy risk assessment: “A privacy risk management framework, therefore, should provide the capability to assess the risk of problems for individuals arising from the operations of the system that involve the processing of their information. Cybersecurity risk management frameworks,  standards, and best practices can be used to address risks to individuals arising from unauthorized access to their information”

·         It explicitly talks about having the “demonstration of specified privacy-preserving functionality” as a business objective.  This view will be reflected in the final version of PRIPARE PSbD methodology.

·         The framework is based on three privacy engineering objectives that have been developed for the purpose of facilitating the development and operation of privacy-preserving information systems: predictability, manageability, and disassociability. These principles can be mapped to PRIPARE’s suggested privacy principles:



Transparency and openness

Compliance with notification requirements

Limited conservation and retention


Data quality

Purpose specification and limitation (finality or legitimacy)

Purpose specification and limitation for sensitive data

Right of access

Right to object

Right to erasure


Confidentiality and security

Privacy and data protection by default

Privacy and data protection by design

·         Takes into account contextual factors that may modify the impact of a privacy issue.

·         An interesting idea is to always keep the mitigated risks at sight. Completely removing them is a risk itself as it “can create an inaccurate assessment of existing or potential risks, and often created temptation for pilots to dismiss potential risks’ existence because they were already perceived as resolved”. This view will be reflected in the final version of PRIPARE’s PSbD

·         One of the major concerns from my side is that the proposed model may neglect addressing issues that are very likely and with a high level of impact if they do not have a direct organizational impact. This approach steps away from user-centric models where data subjects and its information are the asset to protect and completely focuses on protecting the organization. It is no longer protecting data subjects from privacy issues but protecting the organization from its consequences upon them

·         A second concern is that it does not link to other efforts in terms of privacy protection. E.g. Privacy Impact Assessments largely recognize the need for assessing and managing privacy risks and that there are already PIA frameworks providing their own risk framework or model (E.g. BSI PIA assessment guideline https://www.bsi.bund.de/SharedDocs/Downloads/DE/BSI/ElekAusweise/PIA/Privacy_Impact_Assessment_Guideline_Langfassung.pdf?__blob=publicationFile)

Best regards


From: pbd-se@lists.oasis-open.org [mailto:pbd-se@lists.oasis-open.org] On Behalf Of Antonio kung
Sent: Tuesday, June 16, 2015 3:09 PM
To: pmrm@lists.oasis-open.org; pbd-se@lists.oasis-open.org
Subject: Re: [pbd-se] Privacy Risk Management for Federal Information Systems Observations by Gail Magnuson


Dear all,

Some remarks from me

Antonio Kung

Le 16/06/2015 15:32, Gail Magnuson a écrit :



Attached are my observations and comments.


Best, Gail


Gail Magnuson, LLC

Gail Ann Magnuson
Mobile: 1.704.232.5648
Residence: Ponce Inlet, FL

Mailing Address
4624 Harbour Village Boulevard #4406
Ponce Inlet, FL 32127

To unsubscribe from this mail list, you must leave the OASIS TC that 
generates this mail.  Follow this link to all your TCs in OASIS at:

25 rue du general Foy
F-75008 Paris
Tel   : 33 (0) 1 44 70 61 00  Direct : 33 (0) 1 44 70 61 03
Fax   : 33 (0) 1 44 70 05 91
    -- Software Engineering Focused on Embedded Systems Technology --
            -- Connectivity Solutions for Embedded Systems --
The information contained in this transmission, which may be
confidential and proprietary, is only for the intended recipients.
Unauthorized use is strictly prohibited. If you receive this
transmission in error, please notify me immediately by telephone
or electronic mail and confirm that you deleted this transmission
and the reply from your electronic mail system. 
This e-mail and the documents attached are confidential and intended solely for the addressee; it may also be privileged. If you receive this e-mail in error, please notify the sender immediately and destroy it.
As its integrity cannot be secured on the Internet, the Atos group liability cannot be triggered for the message content. Although the sender endeavors to maintain a computer virus-free network, the sender does not warrant that this transmission is virus-free and will not be liable for any damages resulting from any virus transmitted.

Este mensaje y los ficheros adjuntos pueden contener información confidencial destinada solamente a la(s) persona(s) mencionadas anteriormente y pueden estar protegidos por secreto profesional.
Si usted recibe este correo electrónico por error, gracias por informar inmediatamente al remitente y destruir el mensaje.
Al no estar asegurada la integridad de este mensaje sobre la red, Atos no se hace responsable por su contenido. Su contenido no constituye ningún compromiso para el grupo Atos, salvo ratificación escrita por ambas partes.
Aunque se esfuerza al máximo por mantener su red libre de virus, el emisor no puede garantizar nada al respecto y no será responsable de cualesquiera daños que puedan resultar de una transmisión de virus.

[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]