Compatibility with risk reduction cost metrics

Approximate Information Flows | Model of information flows | Data Protection | Comprehensive framework | Frail assumptions | Incompatible with data protection law

Multilateral Security | General model | Explicit balance | Lack of process model

Fair Information Practices

Based on work by Westin in the early 1970s, the Fair Information Practices (FIPS) are among the earliest guidelines and influenced almost all data protection legislation. The FIPS were developed specifically to help design large databanks of personal information, such as health records, financial databases, and government records (Table 3).

The FIPS are the only framework that has been used extensively in industry and by regulatory entities. Data Protection Authorities (DPAs) use these guidelines to analyze specific technologies [99, 101]. The Working Party bases its analyses on a case-by-case application of the FIPS, along with other principles such as legitimacy and proportionality. The FIPS have also been adapted over time to novel technologies [116, 191] and processes (Privacy Incorporated Software Agents) [235].

However, because the FIPS were developed in the context of large databases of personal information held by institutions, they adopt a data protection and systems-centered viewpoint that may not be appropriate for other applications. The FIPS only suggest evaluating whether data collection is commensurate with the goal of the application. In other words, the FIPS are applicable once the general structure of the planned system has been established, but they may not help an analyst understand whether an application is useful, acceptable to its stakeholders, and commensurate with its perceived or actual unwanted impact.

These factors hint at two situations where the FIPS may be difficult to apply. The first is in cases where technology mediates relationships between individuals (i.e., personal privacy, see Section 2.2.2) as opposed to between individuals and organizations. The second is in cases where the data is not structured and application purposes are ill-defined (e.g., exploratory applications).

Table 3. The Fair Information Practices (FIPS), OECD version.



Collection Limitation

There should be limits to the collection of personal data and any such data should be obtained by lawful and fair means and, where appropriate, with the knowledge or consent of the data subject.

