{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2025,11,13]],"date-time":"2025-11-13T12:34:32Z","timestamp":1763037272832,"version":"3.37.3"},"publisher-location":"Cham","reference-count":48,"publisher":"Springer International Publishing","isbn-type":[{"type":"print","value":"9783030025465"},{"type":"electronic","value":"9783030025472"}],"license":[{"start":{"date-parts":[[2018,1,1]],"date-time":"2018-01-01T00:00:00Z","timestamp":1514764800000},"content-version":"tdm","delay-in-days":0,"URL":"http:\/\/www.springer.com\/tdm"}],"content-domain":{"domain":["link.springer.com"],"crossmark-restriction":false},"short-container-title":[],"published-print":{"date-parts":[[2018]]},"DOI":"10.1007\/978-3-030-02547-2_11","type":"book-chapter","created":{"date-parts":[[2018,12,29]],"date-time":"2018-12-29T09:22:57Z","timestamp":1546075377000},"page":"183-204","update-policy":"https:\/\/doi.org\/10.1007\/springer_crossmark_policy","source":"Crossref","is-referenced-by-count":3,"title":["\u2018Privacy by Design\u2019 in EU Law"],"prefix":"10.1007","author":[{"ORCID":"https:\/\/orcid.org\/0000-0002-9271-3512","authenticated-orcid":false,"given":"Maria Grazia","family":"Porcedda","sequence":"first","affiliation":[],"role":[{"role":"author","vocabulary":"crossref"}]}],"member":"297","published-online":{"date-parts":[[2018,12,30]]},"reference":[{"key":"11_CR1","doi-asserted-by":"publisher","first-page":"151","DOI":"10.1080\/13600869.2013.801589","volume":"28","author":"B-J Koops","year":"2014","unstructured":"Koops, B.-J., Leenes, R.: Privacy regulation cannot be hardcoded. A critical comment on the \u2018privacy by design\u2019 provision in data-protection law. Int. Rev. Law Comput. Technol. 28, 151\u2013171 (2014)","journal-title":"Int. Rev. Law Comput. Technol."},{"key":"11_CR2","doi-asserted-by":"publisher","first-page":"151","DOI":"10.1093\/ijlit\/eaw002","volume":"24","author":"DW Schartum","year":"2016","unstructured":"Schartum, D.W.: Making privacy by design operative. Int. J. Law Inf. Technol. 24, 151\u2013175 (2016)","journal-title":"Int. J. Law Inf. Technol."},{"key":"11_CR3","unstructured":"International Conference of Data Protection and Privacy Commissioners: Joint Proposal for a Draft of International Standards on the Protection of Privacy with regard to the processing of Personal Data (The Madrid Resolution). 30th International Conference of Data Protection and Privacy Commissioners, Madrid (2009). https:\/\/icdppc.org\/wp-content\/uploads\/2015\/02\/The-Madrid-Resolution.pdf"},{"key":"11_CR4","unstructured":"Cavoukian, A.: Privacy by Design\u2026Take the Challenge (2010). http:\/\/www.privacybydesign.ca\/content\/uploads\/2010\/03\/PrivacybyDesignBook.pdf"},{"key":"11_CR5","unstructured":"Wuyts, K., Scandariato, R., Joosen, W.: LINDDUN: a privacy threat analysis framework. https:\/\/people.cs.kuleuven.be\/~kim.wuyts\/LINDDUN\/LINDDUN.pdf"},{"key":"11_CR6","unstructured":"Danezis, G., et al.: Privacy and data protection by design \u2013 from policy to engineering. ENISA (2014)"},{"key":"11_CR7","doi-asserted-by":"publisher","first-page":"331","DOI":"10.1007\/978-94-007-2903-2_16","volume-title":"European Data Protection. In Good Health?","author":"U Pagallo","year":"2012","unstructured":"Pagallo, U.: On the principle of privacy by design and its limits. In: Gutwirth, S., Leenes, R., De Hert, P., Poullet, Y. (eds.) European Data Protection. In Good Health?, pp. 331\u2013346. Springer, Dordrecht (2012). https:\/\/doi.org\/10.1007\/978-94-007-2903-2_16"},{"key":"11_CR8","unstructured":"Kamara, I.: Co-regulation in EU personal data protection: the case of technical standards and the privacy by design standardisation \u2018mandate\u2019. Eur. J. Law Technol. 8 (2017)"},{"key":"11_CR9","doi-asserted-by":"publisher","first-page":"374","DOI":"10.1093\/ijlit\/eaw012","volume":"24","author":"A Rachovitsa","year":"2016","unstructured":"Rachovitsa, A.: Engineering and lawyering privacy by design: understanding online privacy both as a technical and an international human right issues. Int. J. Law Inf. Technol. 24, 374\u2013399 (2016)","journal-title":"Int. J. Law Inf. Technol."},{"key":"11_CR10","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"21","DOI":"10.1007\/978-3-319-44760-5_2","volume-title":"Privacy Technologies and Policy","author":"F Bieker","year":"2016","unstructured":"Bieker, F., Friedewald, M., Hansen, M., Obersteller, H., Rost, M.: A process for data protection impact assessment under the European general data protection regulation. In: Schiffner, S., Serna, J., Ikonomou, D., Rannenberg, K. (eds.) APF 2016. LNCS, vol. 9857, pp. 21\u201337. Springer, Cham (2016). https:\/\/doi.org\/10.1007\/978-3-319-44760-5_2"},{"key":"11_CR11","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"199","DOI":"10.1007\/978-3-319-31456-3_12","volume-title":"Privacy Technologies and Policy","author":"P Tsormpatzoudi","year":"2016","unstructured":"Tsormpatzoudi, P., Berendt, B., Coudert, F.: Privacy by design: from research and policy to practice \u2013 the challenge of multi-disciplinarity. In: Berendt, B., Engel, T., Ikonomou, D., Le M\u00e9tayer, D., Schiffner, S. (eds.) APF 2015. LNCS, vol. 9484, pp. 199\u2013212. Springer, Cham (2016). https:\/\/doi.org\/10.1007\/978-3-319-31456-3_12"},{"key":"11_CR12","unstructured":"Porcedda, M.G.: Cybersecurity and privacy rights in EU law. Moving beyond the trade-off model to appraise the role of technology. Ph.D. thesis. European University Institute (2017)"},{"key":"11_CR13","unstructured":"Charter of Fundamental Rights of the European Union, OJ C 303\/01. Official Journal C 303\/01, pp. 1\u201322, European Union (2007)"},{"key":"11_CR14","doi-asserted-by":"crossref","unstructured":"Brkan, M.: In search of the concept of essence of EU fundamental rights through the prism of data privacy. Maastricht Working Paper (2017)","DOI":"10.2139\/ssrn.2900281"},{"key":"11_CR15","volume-title":"The Foundations of EU Data Protection Law","author":"O Lynskey","year":"2015","unstructured":"Lynskey, O.: The Foundations of EU Data Protection Law. Oxford University Press, Oxford (2015)"},{"key":"11_CR16","unstructured":"Tzanou, M.: EU counter-terrorism measures and the question of fundamental rights: the case of personal data protection. Ph.D. thesis, European University Institute (2012)"},{"key":"11_CR17","unstructured":"ENISA: Glossary. https:\/\/www.enisa.europa.eu\/topics\/threat-risk-management\/risk-management\/current-risk\/risk-management-inventory\/glossary"},{"key":"11_CR18","unstructured":"Microsoft: Threat modeling. https:\/\/www.microsoft.com\/en-us\/sdl\/adopt\/threatmodeling.aspx"},{"key":"11_CR19","unstructured":"OWASP: Risk modeling. https:\/\/www.owasp.org\/index.php\/Threat_Risk_Modeling"},{"key":"11_CR20","unstructured":"OWASP: Threat modeling. https:\/\/www.owasp.org\/index.php\/Application_Threat_Modeling"},{"key":"11_CR21","doi-asserted-by":"crossref","unstructured":"Jouinia, M., Rabaia, L.B.A., Aissab, A.B.: Classification of security threats in information systems. In: 5th International Conference on Ambient Systems, Networks and Technologies (ANT-2014). Procedia Computer Science, pp. 489\u2013496 (2014)","DOI":"10.1016\/j.procs.2014.05.452"},{"key":"11_CR22","unstructured":"Microsoft: The STRIDE threat model. https:\/\/msdn.microsoft.com\/en-us\/library\/ee823878(v=cs.20).aspx"},{"key":"11_CR23","unstructured":"Microsoft: Applying STRIDE. https:\/\/msdn.microsoft.com\/en-us\/library\/ee798544%28v=cs.20%29.aspx"},{"key":"11_CR24","unstructured":"International Telecommunication Union: Security in Telecommunications and Information Technology. An overview of issues and the deployment of existing ITU-T Recommendations for secure telecommunications (2015). https:\/\/www.itu.int\/dms_pub\/itu-t\/opb\/tut\/T-TUT-SEC-2015-PDF-E.pdf"},{"key":"11_CR25","doi-asserted-by":"publisher","first-page":"210","DOI":"10.1007\/978-3-319-67280-9_12","volume-title":"Privacy Technologies and Policy","author":"B Berendt","year":"2017","unstructured":"Berendt, B.: Better data protection by design through multicriteria decision making: on false tradeoffs between privacy and utility. In: Schweighofer, E., Leitold, H., Mitrakas, A., Rannenberg, K. (eds.) Privacy Technologies and Policy, pp. 210\u2013230. Springer, Heidelberg (2017). https:\/\/doi.org\/10.1007\/978-3-319-67280-9_12"},{"key":"11_CR26","doi-asserted-by":"crossref","unstructured":"Hansen, M., Jensen, M., Rost, M.: Protection goals for privacy engineering. In: Security and Privacy Workshops (SPW). IEEE (2015)","DOI":"10.1109\/SPW.2015.13"},{"key":"11_CR27","unstructured":"Hoepman, J.-H.: Privacy design strategies. In: 2013 Privacy Law Scholars Conference (PLSC), Cornell University, Ithaca, NY, USA (2013)"},{"key":"11_CR28","unstructured":"Directive 95\/46\/EC of the European Parliament and of the Council of 24 October 1995 on the Protection of Individuals with regard to the Processing of Personal Data and on the Free Movement of such Data (Data Protection Directive) OJ L 281, vol. OJ L 281, pp. 31\u201350 (1995)"},{"key":"11_CR29","unstructured":"Regulation 2016\/679\/EU of the European Parliament and of the Council of 27 April 2016 on the Protection of Natural Persons with Regard to the Processing of Personal Data and on the Free Movement of such data, and Repealing Directive 95\/46\/EC (General Data Protection Regulation), OJ L 119\/1 (2016)"},{"key":"11_CR30","unstructured":"European Commission: Proposal for a Regulation of the European Parliament and of the Council concerning the respect for private life and the protection of personal data in electronic communications and repealing Directive 2002\/58\/EC (Regulation on Privacy and Electronic Communications) (2017)"},{"key":"11_CR31","unstructured":"Porcedda, M.G.: On boundaries. In search for the essence of the right to the protection of personal data. In: de Hert, P., van Brakel, R., Leenes, R. (eds.) Proceedings of the 11th Computers, Privacy and Data Protection Conference, Hart (forthcoming)"},{"key":"11_CR32","unstructured":"United Nations, High Commissioner for Human Rights (OHCHR): Human Rights Indicators. A Guide to Measurement and Implementation (2012)"},{"key":"11_CR33","volume-title":"Human Rights Measurement Framework: Prototype Panels, Indicator Set and Evidence Base","author":"J Candler","year":"2011","unstructured":"Candler, J., Holder, H., Hosali, S., Payne, A.M., Tsang, T., Vizard, P.: Human Rights Measurement Framework: Prototype Panels, Indicator Set and Evidence Base. Equality and Human Rights Commission, London (2011)"},{"key":"11_CR34","unstructured":"Fundamental Rights Agency: Using indicators to measure fundamental rights in the EU: challenges and solutions (2011)"},{"key":"11_CR35","first-page":"483","volume":"38","author":"B-J Koops","year":"2017","unstructured":"Koops, B.-J., Clayton Newel, B., Timan, T., Skorvanek, I., Chokrevski, T., Galic, M.: A typology of privacy. Univ. Penn. J. Int. Law 38, 483 (2017)","journal-title":"Univ. Penn. J. Int. Law"},{"key":"11_CR36","doi-asserted-by":"publisher","first-page":"3","DOI":"10.1007\/978-94-007-5170-5_1","volume-title":"European Data Protection: Coming of Age","author":"RL Finn","year":"2013","unstructured":"Finn, R.L., Wright, D., Friedewald, M.: Seven types of privacy. In: Gutwirth, S., Leenes, R., de Hert, P., Poullet, Y. (eds.) European Data Protection: Coming of Age, pp. 3\u201332. Springer, Dordrecht (2013). https:\/\/doi.org\/10.1007\/978-94-007-5170-5_1"},{"key":"11_CR37","unstructured":"Convention for the Protection of Human Rights and Fundamental Freedoms (as amended by Protocols No 11 and 14), Council of Europe, ETS no 005, 4 November 1950, Rome (1950)"},{"key":"11_CR38","unstructured":"X and Others v. Austria, no. 19010\/07 CE:ECHR:2013:0219JUD001901007 (2013)"},{"key":"11_CR39","unstructured":"Opinion 1\/15 of the Court (Grand Chamber), ECLI:EU:C:2017:592 (2017)"},{"key":"11_CR40","doi-asserted-by":"crossref","unstructured":"Judgment of 5 October 2010 in McB, C-400\/10 PPU, ECLI:EU:C:2010:582, (2010)","DOI":"10.1002\/pmic.201090007"},{"key":"11_CR41","unstructured":"Judgment of 8 April 2014 in Digital Rights Ireland and Seitlinger and Others, Joined cases C-293\/12 and C-594\/12, ECLI:EU:C:2014:238 (2014)"},{"key":"11_CR42","doi-asserted-by":"crossref","unstructured":"Judgment of 13 May 2014 in Google Spain and Google, C-131\/12, ECLI:EU:C:2014:317 (2014)","DOI":"10.1016\/S0969-4765(14)70164-X"},{"key":"11_CR43","unstructured":"Convention for the Protection of Individuals with regard to automatic processing of personal data, Council of Europe, CETS n. 108, 28 January 1981. In: Europe, C.o. (ed.) vol. CETS No. 108, Strasbourg (1981)"},{"key":"11_CR44","doi-asserted-by":"crossref","unstructured":"Judgment of 6 October 2015 in Schrems, C-362\/14, ECLI:EU:C:2015:650 (2015)","DOI":"10.32964\/TJ14.10"},{"key":"11_CR45","unstructured":"G\u00fcrses, S., Troncoso, C., Diaz, C., Engineering privacy by design. In: Paper Discussed at the 4th Computers, Privacy & Data Protection Conference, Brussels (2011)"},{"key":"11_CR46","doi-asserted-by":"publisher","first-page":"1077","DOI":"10.1016\/j.clsr.2018.04.009","volume":"34","author":"MG Porcedda","year":"2018","unstructured":"Porcedda, M.G.: Patching the patchwork: appraising the EU regulatory framework on cyber security breaches. Comput. Law Secur. Rev. 34, 1077\u20131098 (2018)","journal-title":"Comput. Law Secur. Rev."},{"key":"11_CR47","doi-asserted-by":"crossref","unstructured":"Porcedda, M.G., Wall, D.S.: Data science, data crime and the law. In: Berlee, A., Mak, V., Tjong Tijn Tai, E. (eds.) Research Handbook on Data Science and Law. Edwar Elgar, Cheltenham (2018, forthcoming)","DOI":"10.4337\/9781788111300.00017"},{"key":"11_CR48","unstructured":"G\u00fcrses, S., Troncoso, C., Diaz, C., Engineering privacy by design reloaded. http:\/\/carmelatroncoso.com\/papers\/Gurses-APC15.pdf"}],"container-title":["Lecture Notes in Computer Science","Privacy Technologies and Policy"],"original-title":[],"link":[{"URL":"http:\/\/link.springer.com\/content\/pdf\/10.1007\/978-3-030-02547-2_11","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2019,11,13]],"date-time":"2019-11-13T02:25:29Z","timestamp":1573611929000},"score":1,"resource":{"primary":{"URL":"http:\/\/link.springer.com\/10.1007\/978-3-030-02547-2_11"}},"subtitle":["Matching Privacy Protection Goals with the Essence of the Rights to Private Life and Data Protection"],"short-title":[],"issued":{"date-parts":[[2018]]},"ISBN":["9783030025465","9783030025472"],"references-count":48,"URL":"https:\/\/doi.org\/10.1007\/978-3-030-02547-2_11","relation":{},"ISSN":["0302-9743","1611-3349"],"issn-type":[{"type":"print","value":"0302-9743"},{"type":"electronic","value":"1611-3349"}],"subject":[],"published":{"date-parts":[[2018]]},"assertion":[{"value":"APF","order":1,"name":"conference_acronym","label":"Conference Acronym","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"Annual Privacy Forum","order":2,"name":"conference_name","label":"Conference Name","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"Barcelona","order":3,"name":"conference_city","label":"Conference City","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"Spain","order":4,"name":"conference_country","label":"Conference Country","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"2018","order":5,"name":"conference_year","label":"Conference Year","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"13 June 2018","order":7,"name":"conference_start_date","label":"Conference Start Date","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"14 June 2018","order":8,"name":"conference_end_date","label":"Conference End Date","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"6","order":9,"name":"conference_number","label":"Conference Number","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"apf2018","order":10,"name":"conference_id","label":"Conference ID","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"http:\/\/privacyforum.eu\/","order":11,"name":"conference_url","label":"Conference URL","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"Single-blind","order":1,"name":"type","label":"Type","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information"}},{"value":"EasyChair","order":2,"name":"conference_management_system","label":"Conference Management System","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information"}},{"value":"49","order":3,"name":"number_of_submissions_sent_for_review","label":"Number of Submissions Sent for Review","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information"}},{"value":"11","order":4,"name":"number_of_full_papers_accepted","label":"Number of Full Papers Accepted","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information"}},{"value":"0","order":5,"name":"number_of_short_papers_accepted","label":"Number of Short Papers Accepted","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information"}},{"value":"22% - The value is computed by the equation \"Number of Full Papers Accepted \/ Number of Submissions Sent for Review * 100\" and then rounded to a whole number.","order":6,"name":"acceptance_rate_of_full_papers","label":"Acceptance Rate of Full Papers","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information"}},{"value":"3.16","order":7,"name":"average_number_of_reviews_per_paper","label":"Average Number of Reviews per Paper","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information"}},{"value":"3.0","order":8,"name":"average_number_of_papers_per_reviewer","label":"Average Number of Papers per Reviewer","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information"}},{"value":"No","order":9,"name":"external_reviewers_involved","label":"External Reviewers Involved","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information"}}]}}