We leverage the FAIR Institute's Factors Analysis of Information Risk and Jaap-Henk Hoepman's Privacy Design Strategies to examine #risk through a Quantitative #PrivacyRisk Analysis developed by R. Jason Cronk and Stuart Shapiro. Learn more about risk and other #privacy topics at https://buff.ly/3G7ckK5 #riskmanagement #riskmitigation #privacybydesign #riskanalysis #riskassessment

How can we assess #privacyrisk in a reliable and precise way? Qualitative measures are not the best option. Quantitative measures, on the other hand, provide invaluable insights that lend themselves to practical use in Three Modern Quantiative Privacy Risk Models
https://enterprivacy.com/tools-resources/ #privacybydesign #privacybydefault #dataprivacy #FAIR #NIST #LINDDUN #riskmodeling #threatmodeling #riskassessment #privacyresources

"During one of the networking events, one person inquired about my methodology for threat modeling privacy, noting the new chapter in my book. I was excited to explain, but as I begun, this person expressed concern that the method “didn’t scale.” https://www.linkedin.com/pulse/invading-privacy-scale-r-jason-cronk/?trackingId=54K5k43o%2FbCFXf0RcGszbA%3D%3D #privacyrisk #threatmodeling #privacyengineering #privacybydesign #privacybydefault

"During one of the networking events, one person inquired about my methodology for threat modeling privacy, noting the new chapter in my book. I was excited to explain, but as I begun, this person expressed concern that the method “didn’t scale.” https://www.linkedin.com/pulse/invading-privacy-scale-r-jason-cronk/?trackingId=54K5k43o%2FbCFXf0RcGszbA%3D%3D #privacyrisk #threatmodeling #privacyengineering #privacybydesign #privacybydefault

We leverage the FAIR Institute's Factors Analysis of Information Risk and Jaap-Henk Hoepman's Privacy Design Strategies to examine #risk through a Quantitative #PrivacyRisk Analysis developed by R. Jason Cronk and Stuart Shapiro. Learn more about risk and other #privacy topics at https://buff.ly/3WGh926 #riskmanagement #riskmitigation #privacybydesign #riskanalysis #riskassessment

During one of the networking events, one person inquired about my methodology for threat modeling privacy, noting the new chapter in my book. I was excited to explain, but as I begun, this person expressed concern that the method "didn’t scale.” https://lnkd.in/g28M6YGq #privacyrisk #threatmodeling #privacyengineering #privacybydesign #privacybydefault

Most #riskassessment methodologies are homegrown and qualitative. Numerical models generally involve largely arbitrary quantifications. FAIR, a quantitative risk model for information security related risks, can be modified for #privacy, providing more meaningful measurements and supporting comparison of risks of similar scenarios with varying controls to organizational tolerances. Read the full IEEE Paper at https://lnkd.in/gxFHpg7B #infosec #privacyrisk #privacybydesign

People ask "What are the privacy risks of ____?" Using Daniel Solove’s Taxonomy of Privacy, there is a four step process to uncovering #privacyrisk:

1) Who is at risk? Who are you concerned about?
2) Who is threatening them? Who are the threat actors?
3) What harms could befall them? (Use Solove's Taxonomy of Harm - https://lnkd.in/dgpAD8hD)
4) How would the threat actor create this harm? What are the means by which they act?

Full infographic at https://lnkd.in/gxtn43uF #privacybydesign

Learn More about our IOPD Design Process Standard through the Certification Ecosystem. The IOPD is developing the #privacy industry’s first standard for a repeatable and comprehensive process by which a company can reduce #privacyrisk. https://lnkd.in/gB_iBmJb #privacybydesign #privacybydefault #privacycertification #privacymanagement #certificationbody #privacyengineering #designprocess #riskmanagement #resources #infographics

Before this 10 December one, we have had 4 previous editions of the DMU Privacy Round Table with 5-30 participants each time, all of which have fed into our (Isabel Wagner, myself, and colleagues') research - papers, bids, even part inspired Isabel's book. Topics have included #smartmeters #DPIA #surveillance #healthdata #surveillancecapitalism #privacyrisk #dataprotection #privacy #research #focusgroups #practice.

Thanks @xot for reminder re hashtags.

Privacy warning:

Don’t download Qatar World Cup apps, EU data authorities warn

Two World Cup apps pose serious privacy and security risks, European privacy regulators say

A message to football fans from Europe’s data protection chiefs: Qatar’s World Cup apps pose a massive privacy risk, so don’t download them.
Data collected “goes much further” than the apps’ privacy notices indicate. 
Continued....
Https://www.politico.eu/article/qatar-world-cup-app-data-warning

#worldcup #football #Qatar #privacy #privacyrisk #phone #mobilephone