A pragmatic approach to privacy risk optimization: privacy by design for business practices [Book Review]


This paper introduces Nymity’s Privacy Risk Optimization Process (PROP), a process that enables the implementation of privacy into operational policies and procedures, which embodies in Privacy by Design for business practices. The PROP is based on the International Organization for Standardization (ISO) concept that risk can be positive and negative; and further defines Risk Optimization as a process whereby organizations strive to maximize positive risks and mitigate negative ones. The PROP uses these concepts to implement privacy into operational policies and procedures. This paper was produced by Nymity and the Office of the Information and Privacy Commissioner of Ontario, Canada. It was presented by Terry McQuay, President of Nymity, at Privacy by Design: The Definitive Workshop, in Madrid, Spain, on November 2nd, 2009. The workshop was hosted by Dr. Ann Cavoukian, Information and Privacy Commissioner of Ontario, Canada, and Yoram Hacohen, Head of the Israeli Law, Information and Technology Authority.

Download options


    Upload a copy of this work     Papers currently archived: 72,855

External links

Setup an account with your affiliations in order to access resources via your University's proxy server

Through your library


Added to PP

30 (#385,970)

6 months
2 (#257,900)

Historical graph of downloads
How can I increase my downloads?

References found in this work

No references found.

Add more references

Citations of this work

No citations found.

Add more citations

Similar books and articles

Privacy by design: delivering the promises. [REVIEW]Peter Hustinx - 2010 - Identity in the Information Society 3 (2):253-255.
Privacy by Design.Peter Schaar - 2010 - Identity in the Information Society 3 (2):267-274.
Four Challenges for a Theory of Informational Privacy.Luciano Floridi - 2006 - Ethics and Information Technology 8 (3):109–119.
Online Privacy as a Corporate Social Responsibility: An Empirical Study.Irene Pollach - 2011 - Business Ethics, the Environment and Responsibility 20 (1):88-102.
Biobank Research and the Right to Privacy.Lars Øystein Ursin - 2008 - Theoretical Medicine and Bioethics 29 (4):267-285.
The Internet and Japanese Conception of Privacy.Masahiko Mizutani, James Dorsey & James H. Moor - 2004 - Ethics and Information Technology 6 (2):121-128.
Privacy and Personal Identity.Wade L. Robison - 1997 - Ethics and Behavior 7 (3):195 – 205.