Datenschutz und Identitätsmanagement für Communities - Communities für Datenschutz und Identitätsmanagement at INFORMATIK 2011 - Informatik schafft Communities
Berlin 2011

Abstract: This article focuses on automating privacy risk assessment from a legal perspective and its implications for social media. End users activities in social media lead to regular changes in the overall privacy impact because they continually encounter or meddle in all forms of associations. They are exposed to regular changes in risk level as a result of regular associations requiring regular privacy risk assessments. End users can reduce their risk assessment burden if they can rely on an appropriate risk assessment tool that can inform them of their risk levels as a result of changes in associations. We have several information technology (IT) security risk assessment tools available for such purpose. However, we cannot rely on such tools for legal privacy risk assessment because of their security focused. The security focused risk assessment tools are based on the knowledge of security experts, and have strong focus on tangible assets and system security. Using such security risk assessment tools to assess legal privacy risk may affect communication, understanding and increase uncertainty in the risk estimation because such tools lack the domain knowledge. A risk assessment tool based on the legal privacy principles can reduce uncertainty in the risk estimation and enhance the risk assessment communication.