{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2026,2,25]],"date-time":"2026-02-25T00:36:27Z","timestamp":1771979787570,"version":"3.50.1"},"reference-count":166,"publisher":"Springer Science and Business Media LLC","issue":"2","license":[{"start":{"date-parts":[[2024,6,26]],"date-time":"2024-06-26T00:00:00Z","timestamp":1719360000000},"content-version":"tdm","delay-in-days":0,"URL":"https:\/\/creativecommons.org\/licenses\/by\/4.0"},{"start":{"date-parts":[[2024,6,26]],"date-time":"2024-06-26T00:00:00Z","timestamp":1719360000000},"content-version":"vor","delay-in-days":0,"URL":"https:\/\/creativecommons.org\/licenses\/by\/4.0"}],"funder":[{"DOI":"10.13039\/100007797","name":"University of Helsinki","doi-asserted-by":"crossref","id":[{"id":"10.13039\/100007797","id-type":"DOI","asserted-by":"crossref"}]}],"content-domain":{"domain":["link.springer.com"],"crossmark-restriction":false},"short-container-title":["DISO"],"published-print":{"date-parts":[[2024,8]]},"abstract":"<jats:title>Abstract<\/jats:title><jats:p>Impact assessments are increasingly employed and debated as instruments for mitigating the fundamental rights risks associated with artificial intelligence, platforms and personal data processing. However, before their adoption in connection with technology and fundamental rights, impact assessments have been used for decades to mitigate large undertakings\u2019 environmental and social impacts. An impact assessment is a process for collecting information to identify a future action\u2019s effects and mitigate its unwanted effects. This article proposes that impact assessments represent a distinct legal design pattern with core elements that can be replicated in new legal contexts requiring ex-ante identification and mitigation of foreseeable risks. The tensions between diverging interests, temporality, epistemics and economics characterise this legal design pattern. The impact assessment process seeks to resolve these tensions by enabling translation between the regulator, the executor of the planned action and the stakeholders impacted by it. Awareness of the underlying patterns allows the lawmaker or the regulator to learn across diverse impact assessment models. Design pattern thinking advances research both on law and regulation by uncovering the tensions underling the design solution, as well as pattern interaction between legally mandated impact assessments and those representing other regulatory instruments. Finally, the approach raises awareness of the instrument\u2019s shortcomings, including spheres where relying on complementary legal design patterns, such as precautionary principle, is more justified.<\/jats:p>","DOI":"10.1007\/s44206-024-00111-4","type":"journal-article","created":{"date-parts":[[2024,6,26]],"date-time":"2024-06-26T09:03:00Z","timestamp":1719392580000},"update-policy":"https:\/\/doi.org\/10.1007\/springer_crossmark_policy","source":"Crossref","is-referenced-by-count":1,"title":["Impact Assessment as a Legal Design Pattern\u2014A \u201cTimeless Way\u201d of Managing Future Risks?"],"prefix":"10.1007","volume":"3","author":[{"ORCID":"https:\/\/orcid.org\/0000-0003-3231-1797","authenticated-orcid":false,"given":"Alina","family":"Wernick","sequence":"first","affiliation":[]}],"member":"297","published-online":{"date-parts":[[2024,6,26]]},"reference":[{"key":"111_CR2","unstructured":"Ada Lovelace Institute. (2022). Algorithmic impact assessment: user guide. https:\/\/www.adalovelaceinstitute.org\/resource\/aia-user-guide\/"},{"issue":"1","key":"111_CR3","doi-asserted-by":"publisher","first-page":"76","DOI":"10.1111\/eulj.12014","volume":"19","author":"A. Alemanno","year":"2013","unstructured":"Alemanno, A., & Meuwese, A. (2013). Impact assessment of EU non-legislative rulemaking: The missing link in \u2018New Comitology\u2019. European Law Journal, 19(1), 76\u201392.","journal-title":"European Law Journal"},{"key":"111_CR5","volume-title":"The timeless way of building","author":"C. Alexander","year":"1979","unstructured":"Alexander, C. (1979). The timeless way of building (Vol. 1). Oxford University Press."},{"key":"111_CR4","volume-title":"A pattern language","author":"C. Alexander","year":"1977","unstructured":"Alexander, C., Angel, S., Fiksdahl-King, I., Ishikawa, S., Jacobson, M., & Silverstein, M. (1977). A pattern language. Oxford University Press."},{"key":"111_CR1","unstructured":"Algorithmic Accountability Act of 2022, S.3572 \u2014 117th Congress. (2021\u20132022). https:\/\/www.congress.gov\/bill\/117th-congress\/senate-bill\/3572\/text"},{"key":"111_CR6","doi-asserted-by":"publisher","unstructured":"Almada, M. (2023). Regulation by design and the governance of technological futures. European Journal of Risk Regulation, 1\u201313. https:\/\/doi.org\/10.1017\/err.2023.37","DOI":"10.1017\/err.2023.37"},{"issue":"1","key":"111_CR7","first-page":"182","volume":"11","author":"A. Alvesalo-Kuusi","year":"2022","unstructured":"Alvesalo-Kuusi, A., Malik, H. M., Viljanen, M., & Lepinkainen, N. (2022). Dynamics of social harms in an algorithmic context. International Journal for Crime, Justice and Social Democracy, 11(1), 182\u2013195.","journal-title":"International Journal for Crime, Justice and Social Democracy"},{"key":"111_CR8","unstructured":"American Data Privacy and Protection Act, H.R.8152 \u2014 117th Congress. (2021\u20132022). https:\/\/www.congress.gov\/bill\/117th-congress\/house-bill\/8152\/text"},{"key":"111_CR9","unstructured":"Article 29 Data Protection Working Party. (2017). Guidelines on Data Protection Impact Assessment (DPIA) and determining whether processing is \u201clikely to result in a high risk\u201d for the purposes of Regulation 2016\/679. 17\/EN WP 248 rev.01 Version 4 October 2017."},{"key":"111_CR10","unstructured":"Artificial Intelligence Act [AIA]. (2024). Proposal for a regulation of the European Parliament and of the Council laying down harmonised rules on artificial intelligence (Artificial Intelligence Act) and amending certain Union legislative acts - Analysis of the final compromise text with a view to agreement. 2021\/0106(COD."},{"key":"111_CR11","unstructured":"Australian Government. (n.d.). Privacy impact assessments. Office of the Australian Information Commissioner. https:\/\/www.oaic.gov.au\/privacy\/privacy-guidance-for-organisations-and-government-agencies\/privacy-impact-assessments"},{"key":"111_CR12","doi-asserted-by":"publisher","DOI":"10.1093\/oso\/9780195070705.001.0001","volume-title":"Responsive regulation: Transcending the deregulation debate","author":"J. Ayres","year":"1992","unstructured":"Ayres, J., & Braithwaite, J. (1992). Responsive regulation: Transcending the deregulation debate. Oxford University Press."},{"key":"111_CR13","volume-title":"Understanding regulation: Theory, strategy, and practice","author":"R. Baldwin","year":"2012","unstructured":"Baldwin, R., Cave, M., & Lodge, M. (2012). Understanding regulation: Theory, strategy, and practice. Oxford University Press. http:\/\/ebookcentral.proquest.com\/lib\/bsb\/detail.action?docID=829488"},{"key":"111_CR14","doi-asserted-by":"publisher","first-page":"115","DOI":"10.14361\/9783839456743","volume-title":"Unlocking Luhmann: A keyword introduction to systems theory","author":"C. Baraldi","year":"2021","unstructured":"Baraldi, C., Corsi, G., & Esposito, E. (2021a). Interpenetration and structural coupling in Baraldi. In G. Corsi & E. Esposito (eds), Unlocking Luhmann: A keyword introduction to systems theory (1st, pp. 115\u2013120). Transcript Verlag. https:\/\/doi.org\/10.14361\/9783839456743","edition":"1st"},{"key":"111_CR15","doi-asserted-by":"publisher","first-page":"37","DOI":"10.14361\/9783839456743","volume-title":"Unlocking Luhmann: A keyword introduction to systems theory","author":"C. Baraldi","year":"2021","unstructured":"Baraldi, C., Corsi, G., & Esposito, E. (2021b). Autopoiesis. In C. Baraldi, G. Corsi, & E. Esposito (eds), Unlocking Luhmann: A keyword introduction to systems theory (1st, pp. 37\u201340). Transcript Verlag. https:\/\/doi.org\/10.14361\/9783839456743","edition":"1st"},{"issue":"1","key":"111_CR16","doi-asserted-by":"publisher","first-page":"22","DOI":"10.1093\/idpl\/ipw027","volume":"7","author":"R. Binns","year":"2017","unstructured":"Binns, R. (2017). Data protection impact assessments: A meta-regulatory approach. International Data Privacy Law, 7(1), 22\u201335. https:\/\/doi.org\/10.1093\/idpl\/ipw027","journal-title":"International Data Privacy Law"},{"key":"111_CR17","doi-asserted-by":"publisher","DOI":"10.1093\/acprof:oso\/9780198262947.001.0001","volume-title":"Rules and regulators","author":"J. Black","year":"1997","unstructured":"Black, J. (1997). Rules and regulators. Clarendon Press."},{"key":"111_CR18","unstructured":"Black, J. (2005). The emergence of risk-based regulation and the new public risk management in the United Kingdom. Public Law, 512\u2013549."},{"key":"111_CR19","doi-asserted-by":"publisher","first-page":"185","DOI":"10.1787\/9789264082939-11-en","volume-title":"Risk and regulatory policy. Improving the governance of risk","author":"J. Black","year":"2010","unstructured":"Black, J. (2010). Risk-based regulation: Choices, practices and lessons being learnt. In Risk and regulatory policy. Improving the governance of risk (pp. 185\u2013236). OECD. https:\/\/www.oecd-ilibrary.org\/governance\/risk-and-regulatory-policy\/risk-regulation-and-governance-institutions_9789264082939-9-en"},{"issue":"2","key":"111_CR20","doi-asserted-by":"publisher","first-page":"181","DOI":"10.1111\/j.1467-9930.2010.00318.x","volume":"32","author":"J. Black","year":"2010","unstructured":"Black, J., & Baldwin, R. (2010). Really responsive risk-based regulation. Law & Policy, 32(2), 181\u2013213.","journal-title":"Law & Policy"},{"issue":"1","key":"111_CR21","doi-asserted-by":"publisher","first-page":"2","DOI":"10.1111\/j.1748-5991.2011.01124.x","volume":"6","author":"J. Black","year":"2012","unstructured":"Black, J., & Baldwin, R. (2012). When risk-based regulation aims low: Approaches and challenges. Regulation & Governance, 6(1), 2\u201322.","journal-title":"Regulation & Governance"},{"issue":"3","key":"111_CR22","doi-asserted-by":"publisher","first-page":"899","DOI":"10.1093\/ejil\/chx042","volume":"28","author":"J. Bonnitcha","year":"2017","unstructured":"Bonnitcha, J., & McCorquodale, R. (2017). The concept of \u2018Due Diligence\u2019 in the UN guiding principles on business and human rights. European Journal of International Law, 28(3), 899\u2013919. https:\/\/doi.org\/10.1093\/ejil\/chx042","journal-title":"European Journal of International Law"},{"key":"111_CR23","unstructured":"Borchers, J. (2000) Interaction Design Patterns: Twelve theses. https:\/\/apps.hci.rwth-aachen.de\/borchers-old\/publications\/chi2k\/CHI2K-Borchers.pdf"},{"key":"111_CR24","first-page":"15","volume-title":"Risk and regulatory policy. Improving the governance of risk","author":"G. Bounds","year":"2010","unstructured":"Bounds, G. (2010). Challenges to designing regulatory policy frameworks to manage risks. In Risk and regulatory policy. Improving the governance of risk (pp. 15\u201344). OECD. https:\/\/www.oecd-ilibrary.org\/governance\/risk-and-regulatory-policy\/risk-regulation-and-governance-institutions_9789264082939-9-en"},{"issue":"7","key":"111_CR25","doi-asserted-by":"publisher","first-page":"1466","DOI":"10.2307\/1288556","volume":"80","author":"J. Braithwaite","year":"1982","unstructured":"Braithwaite, J. (1982). Enforced self-regulation: A new strategy for corporate crime control. Michigan Law Review, 80(7), 1466\u20131507. https:\/\/doi.org\/10.2307\/1288556","journal-title":"Michigan Law Review"},{"key":"111_CR26","unstructured":"Brussels Privacy Hub. (2023). More than 150 university professors from all over Europe and beyond are calling on European institutions to include a fundamental rights impact assessment in the future regulation of artificial intelligence. https:\/\/brusselsprivacyhub.com\/2023\/09\/12\/brussels-privacy-hub-and-other-academic-institutions-ask-to-approve-a-fundamental-rights-impact-assessment-in-the-eu-artificial-intelligence-act\/"},{"issue":"4","key":"111_CR27","doi-asserted-by":"publisher","first-page":"93","DOI":"10.1080\/07349165.1991.9726070","volume":"9","author":"R. J. Burdge","year":"1991","unstructured":"Burdge, R. J. (1991). A brief history and major trends in the field of impact assessment. Impact Assessment, 9(4), 93\u2013104. https:\/\/doi.org\/10.1080\/07349165.1991.9726070","journal-title":"Impact Assessment"},{"issue":"1","key":"111_CR28","doi-asserted-by":"publisher","first-page":"59","DOI":"10.1080\/07349165.1996.9725886","volume":"14","author":"R. J. Burdge","year":"1996","unstructured":"Burdge, R. J., & Vanclay, F. (1996). Social impact assessment: A contribution to the state of the art series. Impact Assessment, 14(1), 59\u201386.","journal-title":"Impact Assessment"},{"issue":"3","key":"111_CR29","doi-asserted-by":"publisher","first-page":"126","DOI":"10.18261\/olr.8.3.2","volume":"8","author":"L. A. Bygrave","year":"2022","unstructured":"Bygrave, L. A. (2022). Security by design: Aspirations and realities in regulatory context. Oslo Law Review, 8(3), 126\u2013177.","journal-title":"Oslo Law Review"},{"issue":"6","key":"111_CR30","doi-asserted-by":"publisher","first-page":"1089","DOI":"10.2307\/1340059","volume":"85","author":"G. Calabresi","year":"1972","unstructured":"Calabresi, G., & Melamed, A. D. (1972). Property rules, liability rules, and inalienability: One view of the cathedral. Harvard Law Review, 85(6), 1089\u20131128.","journal-title":"Harvard Law Review"},{"key":"111_CR31","unstructured":"Cambridge Dictionary. (n.d. a). Impact assessment. In Cambridge.org dictionary. Retrieved from https:\/\/dictionary.cambridge.org\/dictionary\/english\/impact-assessment"},{"key":"111_CR32","unstructured":"Cambridge Dictionary. (n.d. b). Risk assessment. In Cambridge.org dictionary. Retrieved from https:\/\/dictionary.cambridge.org\/dictionary\/english\/risk-assessment"},{"key":"111_CR166","unstructured":"Cambridge Dictionary (n.d. c.) Risk. In Cambridge.org dictionary Retrieved from https:\/\/dictionary.cambridge.org\/dictionary\/english\/risk"},{"key":"111_CR33","first-page":"12","volume-title":"Information and privacy commissioner of Ontario, Canada","author":"A. Cavoukian","year":"2009","unstructured":"Cavoukian, A. (2009). Privacy by design: The 7 foundational principles. In Information and privacy commissioner of Ontario, Canada (Vol. 5, pp. 12)."},{"issue":"2","key":"111_CR34","doi-asserted-by":"publisher","first-page":"123","DOI":"10.1016\/j.clsr.2009.02.002","volume":"25","author":"R. Clarke","year":"2009","unstructured":"Clarke, R. (2009). Privacy impact assessment: Its origins and development. Computer Law & Security Review, 25(2), 123\u2013135.","journal-title":"Computer Law & Security Review"},{"issue":"4","key":"111_CR35","doi-asserted-by":"publisher","first-page":"398","DOI":"10.1016\/j.clsr.2019.04.008","volume":"35","author":"R. Clarke","year":"2019","unstructured":"Clarke, R. (2019). Regulatory alternatives for AI. Computer Law & Security Review, 35(4), 398\u2013409.","journal-title":"Computer Law & Security Review"},{"key":"111_CR38","unstructured":"Council of Europe [CoE]. (2023a). Revised Zero Draft [Framework] Convention on artificial intelligence, human rights, democracy and the rule of law. Retrieved January 6, 2023, from https:\/\/rm.coe.int\/cai-2023-01-revised-zero-draft-framework-convention-public\/1680aa193f"},{"key":"111_CR39","unstructured":"Council of Europe [CoE]. (2023b). Consolidated working draft of the framework convention on artificial intelligence, human rights, democracy and the rule of law. Retrieved July 7, 2023, from https:\/\/rm.coe.int\/cai-2023-18-consolidated-working-draft-framework-convention\/1680abde66"},{"key":"111_CR40","unstructured":"Council of Europe [CoE]. (2024). 10.1. Committee on Artificial Intelligence (CAI) Draft framework convention on artificial intelligence, human rights, democracy and the rule of law. 15 March 2024. CM(2024)52-prov1."},{"key":"111_CR36","unstructured":"Council of Europe [CoE] & Ad Hoc Committee On Artificial Intelligence [CAHAI]. (2020). Feasibility study. https:\/\/rm.coe.int\/cahai-2020-23-final-eng-feasibility-study-\/1680a0c6da"},{"key":"111_CR37","unstructured":"Council of Europe [CoE] & Ad Hoc Committee On Artificial Intelligence [CAHAI]. (2021). Possible elements of a legal framework on artificial intelligence based on the Council of Europe\u2019s standards on human rights, democracy and the rule of law. https:\/\/rm.coe.int\/cahai-2021-09rev-elements\/1680a6d90d"},{"key":"111_CR152","unstructured":"Council of Europe [CoE] & Yeung, K. (2019) Responsibility and AI. https:\/\/rm.coe.int\/responsability-and-ai-en\/168097d9c5"},{"key":"111_CR41","unstructured":"Davis, O., & Strauss, D. (2024) A look at proposed US state private sector AI legislation. IAPP. https:\/\/iapp.org\/news\/a\/a-look-at-proposed-u-s-state-private-sector-ai-legislation\/"},{"issue":"1","key":"111_CR43","doi-asserted-by":"publisher","first-page":"49","DOI":"10.1207\/s15327051hci2101_3","volume":"21","author":"A. Dearden","year":"2006","unstructured":"Dearden, A., & Finlay, J. (2006). Pattern languages in HCI: A critical review. Human\u2013Computer Interaction, 21(1), 49\u2013102.","journal-title":"Human\u2013Computer Interaction"},{"issue":"2","key":"111_CR42","doi-asserted-by":"publisher","first-page":"139","DOI":"10.1177\/016934410902700202","volume":"27","author":"G. De Beco","year":"2009","unstructured":"De Beco, G. (2009). Human rights impact assessments. Netherlands Quarterly of Human Rights, 27(2), 139\u2013166.","journal-title":"Netherlands Quarterly of Human Rights"},{"key":"111_CR44","doi-asserted-by":"publisher","first-page":"2311","DOI":"10.1007\/s12525-022-00597-1","volume":"32","author":"E. Dickhaut","year":"2022","unstructured":"Dickhaut, E., Li, M. M., Janson, A., & Leimeister, J. M. (2022). The role of design patterns in the development and legal assessment of lawful technologies. Electron Markets, 32, 2311\u20132331. https:\/\/doi.org\/10.1007\/s12525-022-00597-1","journal-title":"Electron Markets"},{"key":"111_CR45","unstructured":"DIGITALEUROPE. (2023). AI Act trilogues: A vision for futureproofing, governance and innovation in Europe. https:\/\/cdn.digitaleurope.org\/uploads\/2023\/10\/231016-Final-DE-AI-Act-trilogue-paper.pdf"},{"issue":"2","key":"111_CR46","doi-asserted-by":"publisher","first-page":"147","DOI":"10.1111\/rmir.12016","volume":"16","author":"G. Dionne","year":"2013","unstructured":"Dionne, G. (2013). Risk management: History, definition, and critique. Risk Management and Insurance Review, 16(2), 147\u2013166.","journal-title":"Risk Management and Insurance Review"},{"key":"111_CR168","doi-asserted-by":"crossref","unstructured":"Diver, L. (2024) Using design patterns to build and maintain the Rule of Law. DISO","DOI":"10.31235\/osf.io\/587zd"},{"key":"111_CR47","unstructured":"EDRi. (2021). An EU Artificial Intelligence Act for Fundamental Rights A Civil Society Statement. https:\/\/edri.org\/wp-content\/uploads\/2021\/12\/Political-statement-on-AI-Act.pdf"},{"key":"111_CR49","doi-asserted-by":"crossref","unstructured":"E-Government Act. Public Law 107\u2013347\u2013 Dec 17 2002. 116 Stat. 2899.","DOI":"10.1023\/A:1020095319056"},{"issue":"1","key":"111_CR50","doi-asserted-by":"publisher","first-page":"35","DOI":"10.1080\/14615517.2012.660356","volume":"30","author":"A. M. Esteves","year":"2012","unstructured":"Esteves, A. M., Franks, D., & Vanclay, F. (2012). Social impact assessment: The state of the Art. Impact Assessment and Project Appraisal, 30(1), 35\u201344. https:\/\/doi.org\/10.1080\/14615517.2012.660356","journal-title":"Impact Assessment and Project Appraisal"},{"key":"111_CR51","unstructured":"European Center for Not-for-Profit Law [ECNL]. (2023). Framework for Meaningful Engagement. https:\/\/ecnl.org\/publications\/framework-meaningful-engagement-human-rights-impact-assessments-ai"},{"key":"111_CR52","unstructured":"European Commission [EC]. (2000). Communication from the Commission on the precautionary principle. COM(2000) 1 final."},{"key":"111_CR53","unstructured":"European Commission [EC]. 2021a. EU Grants how to complete your ethics self-assessment. https:\/\/ec.europa.eu\/info\/funding-tenders\/opportunities\/docs\/2021-2027\/common\/guidance\/how-to-complete-your-ethics-self-assessment_en.pdf"},{"key":"111_CR54","unstructured":"European Commission [EC]. (2021b). Better Regulation Guidelines. https:\/\/commission.europa.eu\/document\/download\/d0bbd77f-bee5-4ee5-b5c4-6110c7605476_en?filename=swd2021_305_en.pdf"},{"key":"111_CR55","unstructured":"European Data Protection Supervisor [EDPS]. (2023). Opinion 44\/2023 on the Proposal for Artificial Intelligence Act in the light of legislative developments. https:\/\/edps.europa.eu\/system\/files\/2023-10\/2023-0137_d3269_opinion_en.pdf"},{"key":"111_CR56","unstructured":"European Parliament [EP]. (2023). Artificial Intelligence Act Proposal. Consolidated version. https:\/\/www.europarl.europa.eu\/meetdocs\/2014_2019\/plmrep\/COMMITTEES\/CJ40\/DV\/2023\/05-11\/ConsolidatedCA_IMCOLIBE_AI_ACT_EN.pdf"},{"key":"#cr-split#-111_CR57.1","unstructured":"European Parliament [EP]. (2024). Corporate sustainability due diligence amendments adopted by the European Parliament on 1 June 2023 on the proposal for a directive of the European Parliament and of the Council on Corporate Sustainability Due Diligence and amending Directive"},{"key":"#cr-split#-111_CR57.2","unstructured":"(EU) 2019\/1937 (COM(2022)0071- C9-0050\/2022- 2022\/0051(COD). P9_TA(2023)0209. https:\/\/www.europarl.europa.eu\/doceo\/document\/TA-9-2023-0209_EN.pdf"},{"key":"111_CR58","unstructured":"European Union Agency for Fundamental Rights [FRA]. (2021). Getting the future right. Artificial Intelligence and fundamental rights. Summary. https:\/\/fra.europa.eu\/sites\/default\/files\/fra_uploads\/fra-2021-artificial-intelligence-summary_en.pdf"},{"key":"111_CR59","doi-asserted-by":"publisher","unstructured":"Fraser, H., & Bello Y Villarino, J.-M. (2023). Acceptable risks in Europe\u2019s proposed AI act: Reasonableness and other principles for deciding how much risk management is enough. European Journal of Risk Regulation, 1\u201316. https:\/\/doi.org\/10.1017\/err.2023.57","DOI":"10.1017\/err.2023.57"},{"key":"111_CR60","unstructured":"Fujitsu. (2022). AO Ethics Impact Assessment Practice Guide. https:\/\/www.fujitsu.com\/global\/about\/research\/technology\/aiethics\/#anc-03"},{"key":"111_CR61","doi-asserted-by":"publisher","DOI":"10.1007\/3-540-47910-4_21","volume-title":"ECOOP\u2019 93 \u2014 Object-Oriented Programming. Lecture Notes in Computer Science","author":"E. Gamma","year":"1993","unstructured":"Gamma, E., Helm, R., Johnson, R., & Vlissides, J. (1993). Design patterns: Abstraction and reuse of object-oriented design. In O. M. Nierstrasz (Ed.), ECOOP\u2019 93 \u2014 Object-Oriented Programming. Lecture Notes in Computer Science (Vol. 707). Springer. https:\/\/doi.org\/10.1007\/3-540-47910-4_21"},{"issue":"2","key":"111_CR62","doi-asserted-by":"publisher","first-page":"279","DOI":"10.1016\/j.clsr.2017.12.003","volume":"34","author":"R. Gellert","year":"2018","unstructured":"Gellert, R. (2018). Understanding the notion of risk in the general data protection regulation. Computer Law & Security Review, 34(2), 279\u2013288.","journal-title":"Computer Law & Security Review"},{"key":"111_CR63","doi-asserted-by":"publisher","DOI":"10.1093\/oso\/9780198837718.001.0001","volume-title":"The risk-based approach to data protection","author":"R. Gellert","year":"2020","unstructured":"Gellert, R. (2020). The risk-based approach to data protection. Oxford University Press."},{"issue":"4","key":"111_CR64","doi-asserted-by":"publisher","first-page":"485","DOI":"10.1111\/j.1748-5991.2010.01090.x","volume":"4","author":"S. Gilad","year":"2010","unstructured":"Gilad, S. (2010). It runs in the family: Meta-regulation and its siblings. Regulation & Governance, 4(4), 485\u2013506.","journal-title":"Regulation & Governance"},{"issue":"2","key":"111_CR65","doi-asserted-by":"publisher","first-page":"139","DOI":"10.1080\/13669877.2018.1517381","volume":"23","author":"M. E. Gon\u00e7alves","year":"2020","unstructured":"Gon\u00e7alves, M. E. (2020). The risk-based approach under the new EU data protection regulation: A critical perspective. Journal of Risk Research, 23(2), 139\u2013152.","journal-title":"Journal of Risk Research"},{"key":"111_CR68","unstructured":"Government of Canada. (n.d.). Algorithmic Impact Assessment Tool. https:\/\/www.canada.ca\/en\/government\/system\/digital-government\/digital-government-innovations\/responsible-use-ai\/algorithmic-impact-assessment.html"},{"key":"111_CR66","doi-asserted-by":"publisher","first-page":"373","DOI":"10.4337\/9781788970006","volume-title":"Handbook of human rights impact assessments","author":"N. G\u00f6tzmann","year":"2019","unstructured":"G\u00f6tzmann, N. (2019). The concept of accountability in HRIA. In N. G\u00f6tzmann (Ed.), Handbook of human rights impact assessments (pp. 373\u2013389). Edward Elgar."},{"issue":"1","key":"111_CR67","doi-asserted-by":"publisher","first-page":"14","DOI":"10.1080\/14615517.2015.1096036","volume":"34","author":"N. G\u00f6tzmann","year":"2016","unstructured":"G\u00f6tzmann, N., Vanclay, F., & Seier, F. (2016). Social and human rights impact assessments: What can they learn from each other? Impact Assessment and Project Appraisal, 34(1), 14\u201323.","journal-title":"Impact Assessment and Project Appraisal"},{"key":"111_CR69","doi-asserted-by":"crossref","unstructured":"Gunningham, G., Grabosky, P., & Sinclair, D. (eds). (1998a). Smart regulation: Designing environmental policy (1st ed.). Clarendon Press.","DOI":"10.1093\/oso\/9780198268574.001.0001"},{"key":"111_CR70","doi-asserted-by":"publisher","first-page":"37","DOI":"10.1093\/oso\/9780198268574.003.0002","volume-title":"Smart regulation: Designing environmental policy","author":"N. Gunningham","year":"1998","unstructured":"Gunningham, N., Sinclair, D., & Grabosky, P. (1998b) Instruments for environmental protection. In N. Gunningham, P. Grabosky, & D. Sinclair (Eds.), Smart regulation: Designing environmental policy (1st ed., pp. 37\u201388). Clarendon Press."},{"issue":"4","key":"111_CR71","doi-asserted-by":"publisher","first-page":"1143","DOI":"10.54648\/COLA2018095","volume":"55","author":"P. Hacker","year":"2018","unstructured":"Hacker, P. (2018). Teaching fairness to artificial intelligence: Existing and novel strategies against algorithmic discrimination under EU law. Common Market Law Review, 55(4), 1143\u20131185.","journal-title":"Common Market Law Review"},{"key":"111_CR72","doi-asserted-by":"publisher","first-page":"61","DOI":"10.4324\/9781315242002-5","volume-title":"Surveillance, crime and social control","author":"K. D. Haggerty","year":"2017","unstructured":"Haggerty, K. D., & Ericson, R. V. (2017). The surveillant assemblage. In D. Wilson & C. Norris (Eds.), Surveillance, crime and social control (pp. 61\u201378). Routledge."},{"key":"111_CR73","doi-asserted-by":"publisher","first-page":"181","DOI":"10.22459\/RT.02.2017.11","volume-title":"Regulatory theory: Foundations and applications","author":"F. Haines","year":"2017","unstructured":"Haines, F. (2017). Regulation and risk. In P. Drahos (Ed.), Regulatory theory: Foundations and applications (pp. 181\u2013196). ANU Press. http:\/\/www.jstor.org\/stable\/j.ctt1q1crtm.19"},{"key":"111_CR75","unstructured":"High-Level Expert Group on Artificial Intelligence (HLEG). (2019). Ethics guidelines for trustworthy AI (pp. 1\u201339) [Guidelines]. European Commission. https:\/\/ec.europa.eu\/newsroom\/dae\/document.cfm?doc_id=60419"},{"key":"111_CR76","doi-asserted-by":"publisher","DOI":"10.4337\/9781849808774","volume-title":"Smart technologies and the end(s) of law: Novel entanglements of law and technology","author":"M. Hildebrandt","year":"2015","unstructured":"Hildebrandt, M. (2015). Smart technologies and the end(s) of law: Novel entanglements of law and technology. Edward Elgar Publishing."},{"key":"111_CR77","doi-asserted-by":"publisher","first-page":"103","DOI":"10.1007\/s12599-015-0373-5","volume":"57","author":"A. Hoffmann","year":"2015","unstructured":"Hoffmann, A., Schulz, T., Zirfas, J., Hoffmann, H., Ro\u00dfnagel, A., & Leimeister, J. M. (2015). Legal compatibility as a characteristic of sociotechnical systems. Business and Information Systems Engineering, 57, 103\u2013113. https:\/\/doi.org\/10.1007\/s12599-015-0373-5","journal-title":"Business and Information Systems Engineering"},{"issue":"6877","key":"111_CR78","doi-asserted-by":"publisher","first-page":"123","DOI":"10.1038\/416123a","volume":"416","author":"H. Hoffmann-Riem","year":"2002","unstructured":"Hoffmann-Riem, H., & Wynne, B. (2002). In risk assessment, one has to admit ignorance. Nature, 416(6877), 123\u2013123.","journal-title":"Nature"},{"key":"111_CR79","unstructured":"IAIA. (2009). What is impact assessment?. https:\/\/www.iaia.org\/pdf\/special-publications\/What%20is%20IA_web.pdf"},{"key":"111_CR80","unstructured":"IAIA. (2021). The state of digital impact assessment practice. https:\/\/www.iaia.org\/uploads\/pdf\/State%20of%20Digital%20IA%20Practice_converted.pdf"},{"key":"111_CR81","unstructured":"International Association for Impact Assessment [IAIA]. (n.d.). https:\/\/www.iaia.org\/wiki-details.php?ID=4"},{"key":"111_CR82","unstructured":"ISO. (2018). ISO 31000:2018 risk management\u2013 guidelines. https:\/\/www.iso.org\/obp\/ui\/#iso:std:iso:31000:ed-2:v1:en"},{"key":"111_CR83","unstructured":"ISO\/IEC. (2019). IEC 31010:2019 risk management risk assessment techniques."},{"key":"111_CR84","unstructured":"ISO\/IEC. (2023). International standard ISO\/IEC FDIS 29134 information technology \u2014 security techniques \u2014 guidelines for privacy impact assessment. Final Draft. https:\/\/cdn.standards.iteh.ai\/samples\/86012\/581fe0fea8ae4a41844e5dc528c4e120\/ISO-IEC-FDIS-29134.pdf"},{"key":"111_CR85","doi-asserted-by":"crossref","unstructured":"Iwaya, L. H., Alaqra, A. S., Hansen, M., & Fischer-H\u00fcbner, S. (2024). Privacy impact assessments in the wild: A scoping review. arXiv preprint arXiv:2402.11193.","DOI":"10.1016\/j.array.2024.100356"},{"key":"111_CR86","first-page":"111","volume-title":"Handbook of environmental impact assessment","author":"U. Jha-Thakur","year":"2022","unstructured":"Jha-Thakur, U., Khosravi, F., & Hoare, D. (2022). The theory and practice of scoping: Delivering proportionate EIA reports. In A. Fonseca (Ed.), Handbook of environmental impact assessment (pp. 111\u2013125). Edward Elgar Publishing."},{"key":"111_CR87","doi-asserted-by":"publisher","first-page":"1347","DOI":"10.2139\/ssrn.4195066","volume":"103","author":"M. E. Kaminski","year":"2023","unstructured":"Kaminski, M. E. (2023). Regulating the risks of AI (August 19, 2022). Boston University Law Review, 103, 1347. https:\/\/doi.org\/10.2139\/ssrn.4195066","journal-title":"Boston University Law Review"},{"key":"111_CR88","doi-asserted-by":"publisher","first-page":"68","DOI":"10.1145\/3351095.3372875","volume-title":"Proceedings of the 2020 Conference on fairness, accountability, and transparency","author":"M. E. Kaminski","year":"2020","unstructured":"Kaminski, M. E., & Malgieri, G. (2020). Multi-layered explanations from algorithmic impact assessments in the GDPR. In Proceedings of the 2020 Conference on fairness, accountability, and transparency (pp. 68\u201379)."},{"key":"111_CR160","doi-asserted-by":"crossref","unstructured":"Kaminski, M. E., & Malgieri, G. (2021). Algorithmic impact assessments under the GDPR: producing multi-layered explanations. International Data Privacy Law, 11(2), 125-144.","DOI":"10.1093\/idpl\/ipaa020"},{"issue":"2","key":"111_CR89","doi-asserted-by":"publisher","first-page":"86","DOI":"10.1080\/14615517.2013.782978","volume":"31","author":"D. Kemp","year":"2013","unstructured":"Kemp, D., & Vanclay, F. (2013). Human rights and impact assessment: Clarifying the connections in practice. Impact Assessment and Project Appraisal, 31(2), 86\u201396. http:\/\/www.tandfonline.com\/doi\/full\/10.1080\/14615517.2013.782978","journal-title":"Impact Assessment and Project Appraisal"},{"key":"111_CR90","volume-title":"Data protection impact assessments in the European Union: Complementing the new legal framework towards a more robust protection of individuals","author":"D. Kloza","year":"2017","unstructured":"Kloza, D., Van Dijk, N., Gellert, R., B\u00f6r\u00f6cz, I., Tanas, A., Mantovani, E., & Quinn, P. (2017). Data protection impact assessments in the European Union: Complementing the new legal framework towards a more robust protection of individuals. d.pia.lab PolicyBrief No. 1. Brussels Laboratory for Data Protection & Privacy Impact Assessment. ISSN2565\u20139936."},{"key":"111_CR91","doi-asserted-by":"publisher","unstructured":"Konopczy\u0144ski, F. (2023). One act to rule them all: What is at stake in the AI Act trilogue? VerfBlog. https:\/\/verfassungsblog.de\/one-act-to-rule-them-all\/. https:\/\/doi.org\/10.17176\/20230818-062853-0","DOI":"10.17176\/20230818-062853-0"},{"issue":"2","key":"111_CR92","doi-asserted-by":"publisher","first-page":"159","DOI":"10.1080\/13600869.2013.801589","volume":"28","author":"B. J. Koops","year":"2014","unstructured":"Koops, B. J., & Leenes, R. (2014). Privacy regulation cannot be hardcoded. A critical comment on the \u2018privacy by design\u2019 provision in data-protection law. International Review of Law, Computers & Technology, 28(2), 159\u2013171.","journal-title":"International Review of Law, Computers & Technology"},{"issue":"1","key":"111_CR93","doi-asserted-by":"publisher","first-page":"81","DOI":"10.33137\/cal.v8i1.36281","volume":"8","author":"R. Koulu","year":"2021","unstructured":"Koulu, R. (2021). Crafting digital transparency: Implementing legal values into algorithmic design. Critical Analysis of Law, 8(1), 81\u2013100.","journal-title":"Critical Analysis of Law"},{"key":"111_CR94","doi-asserted-by":"crossref","unstructured":"Koulu, R., Peters, A., & Pohle, J. (2021). Finding design patterns in law: An exploratory approach. (HIIG Discussion Paper Series No. 3).","DOI":"10.2139\/ssrn.3814234"},{"key":"111_CR158","doi-asserted-by":"publisher","unstructured":"Koulu, R. & Pohle, J. (2024) Legal Design Patterns: New Tools for Analysis and Translations Between Law and Technology. DISO 3, 22. https:\/\/doi.org\/10.1007\/s44206-024-00109-y","DOI":"10.1007\/s44206-024-00109-y"},{"key":"111_CR95","unstructured":"Ladeur, K. H. (1996). Proceduralization and its use in the post-modern legal theory. (EUI Working Papers. Law No. 5). European University Institute."},{"key":"111_CR96","volume-title":"Impact assessment. practical solutions to recurring problems and contemporary challenges","author":"D. Lawrence","year":"2013","unstructured":"Lawrence, D. (2013). Impact assessment. practical solutions to recurring problems and contemporary challenges. John Wiley and Sons. Inc."},{"key":"111_CR97","volume-title":"Code: And other laws of cyberspace. Version 2.0","author":"L. Lessig","year":"2006","unstructured":"Lessig, L. (2006). Code: And other laws of cyberspace. Version 2.0. Basic Books."},{"key":"111_CR98","first-page":"390","volume-title":"Handbook of human rights impact assessments","author":"C. Lopez","year":"2019","unstructured":"Lopez, C. (2019). HRIA and the right to an effective remedy. In N. G\u00f6tzmann (Ed.), Handbook of human rights impact assessments (pp. 390\u2013404). Edward Elgar."},{"key":"111_CR99","volume-title":"Introduction to Systems Theory","author":"N. Luhmann","year":"2013","unstructured":"Luhmann, N. (2013). Introduction to Systems Theory. Polity Press."},{"key":"111_CR100","doi-asserted-by":"publisher","first-page":"1235","DOI":"10.1145\/3357236.3395491","volume-title":"Proceedings of the 2020 ACM designing interactive systems conference","author":"A. Luusua","year":"2020","unstructured":"Luusua, A., & Ylipulli, J. (2020, July). Artificial intelligence and risk in design. In Proceedings of the 2020 ACM designing interactive systems conference (pp. 1235\u20131244)."},{"issue":"4","key":"111_CR101","doi-asserted-by":"publisher","first-page":"754","DOI":"10.1016\/j.clsr.2018.05.017","volume":"34","author":"A. Mantelero","year":"2018","unstructured":"Mantelero, A. (2018). AI and big data: A blueprint for a human rights, social and ethical impact assessment. Computer Law & Security Review, 34(4), 754\u2013772.","journal-title":"Computer Law & Security Review"},{"key":"111_CR102","doi-asserted-by":"publisher","first-page":"200","DOI":"10.1007\/978-94-6265-531-7","volume-title":"Beyond data: Human rights, ethical and social impact assessment in AI","author":"A. Mantelero","year":"2022","unstructured":"Mantelero, A. (2022). Beyond data: Human rights, ethical and social impact assessment in AI (pp. 200). Springer Nature."},{"key":"111_CR103","doi-asserted-by":"publisher","first-page":"105561","DOI":"10.1016\/j.clsr.2021.105561","volume":"41","author":"A. Mantelero","year":"2021","unstructured":"Mantelero, A., & Esposito, M. S. (2021). An evidence-based methodology for human rights impact assessment (HRIA) in the development of AI data-intensive systems. Computer Law & Security Review, 41, 105561.","journal-title":"Computer Law & Security Review"},{"key":"111_CR104","doi-asserted-by":"publisher","first-page":"93","DOI":"10.1016\/j.jss.2016.11.030","volume":"125","author":"B. B. Mayvan","year":"2017","unstructured":"Mayvan, B. B., Rasoolzadegan, A., & Yazdi, Z. G. (2017). The state of the art on design patterns: A systematic mapping of the literature. Journal of Systems and Software, 125, 93\u2013118.","journal-title":"Journal of Systems and Software"},{"issue":"2","key":"111_CR105","doi-asserted-by":"publisher","first-page":"309","DOI":"10.1017\/S0020589319000046","volume":"68","author":"L. McGregor","year":"2019","unstructured":"McGregor, L., Murray, D., & Ng, V. (2019). International human rights law as a framework for algorithmic accountability. International & Comparative Law Quarterly, 68(2), 309\u2013343. https:\/\/doi.org\/10.1017\/S0020589319000046","journal-title":"International & Comparative Law Quarterly"},{"key":"111_CR167","unstructured":"Merriam-Webster (n.d) Assessment. Merriam-Webster. Retrieved from https:\/\/www.merriam-webster.com\/dictionary\/assessment"},{"key":"111_CR106","unstructured":"Ministry of the Interior and Kingdom Relations. (2022). Impact assessment. Fundamental rights and algorithms. https:\/\/www.government.nl\/binaries\/government\/documenten\/reports\/2021\/07\/31\/impact-assessment-fundamental-rights-and-algorithms\/fundamental-rights-and-algorithms-impact-assessment-fraia.pdf"},{"key":"111_CR107","doi-asserted-by":"publisher","first-page":"751","DOI":"10.1007\/s11023-022-09612-y","volume":"32","author":"J. M\u00f6kander","year":"2022","unstructured":"M\u00f6kander, J., Juneja, P., Watson, D. S., & Floridi, L. (2022). The US Algorithmic Accountability Act of 2022 vs. The EU Artificial Intelligence Act: What can they learn from each other? Minds and Machines, 32, 751\u2013758. https:\/\/doi.org\/10.1007\/s11023-022-09612-y","journal-title":"Minds and Machines"},{"key":"111_CR162","doi-asserted-by":"publisher","unstructured":"Morgan, B., & Yeung, K. (2007). An introduction to law and regulation: text and materials. Cambridge University Press. https:\/\/doi.org\/10.1017\/CBO9780511801112","DOI":"10.1017\/CBO9780511801112"},{"key":"111_CR108","doi-asserted-by":"publisher","DOI":"10.1353\/book27397","volume-title":"Hans Jonas\u2019s Ethic of responsibility: From ontology to ecology","author":"T. Morris","year":"2013","unstructured":"Morris, T. (2013). Hans Jonas\u2019s Ethic of responsibility: From ontology to ecology. State University of New York Press, ProQuest Ebook Central. https:\/\/ebookcentral-proquest-com.libproxy.helsinki.fi\/lib\/helsinki-ebooks\/detail.action?docID=3408784"},{"key":"111_CR165","doi-asserted-by":"publisher","unstructured":"Moss, E., Watkins, E. A., Singh, R, and Elish, M. C. & Metcalf, J. (2021) Assembling Accountability: Algorithmic Impact Assessment for the Public Interest. https:\/\/doi.org\/10.2139\/ssrn.3877437","DOI":"10.2139\/ssrn.3877437"},{"key":"111_CR109","volume-title":"Max Planck Encyclopedias of International Law","author":"P. T. Muchlinski","year":"2014","unstructured":"Muchlinski, P. T. (2014). Corporations in International Law. In Max Planck Encyclopedias of International Law. Oxford Public International Law."},{"key":"111_CR110","unstructured":"Nahmias, Y., & Perel, M. (2021). The oversight of content moderation by AI: Impact assessments and their limitations. Harvard Journal on Legislation, 58(1)."},{"key":"111_CR111","unstructured":"National Institute of Standards and Technology [NIST]. (2023). Artificial Intelligence Risk Management Framework (AI RMF 1.0). https:\/\/nvlpubs.nist.gov\/nistpubs\/ai\/NIST.AI.100-1.pdf"},{"key":"111_CR112","doi-asserted-by":"crossref","unstructured":"OECD. (2020). Regulatory impact assessment. https:\/\/www.oecd-ilibrary.org\/sites\/7a9638cb-en\/index.html?itemId=\/content\/publication\/7a9638cb-en","DOI":"10.1787\/7a9638cb-en"},{"key":"111_CR113","unstructured":"OECD. (2021). Sustainability impact assessment: An introduction. https:\/\/www.oecd.org\/greengrowth\/48305527.pdf"},{"key":"111_CR161","unstructured":"Ogus, A. I. (1994). Regulation: legal form and economic theory. Clarendon Press."},{"key":"111_CR164","doi-asserted-by":"crossref","unstructured":"Parker, C. (2002). The open corporation: effective self-regulation and democracy (1. publ.). Cambridge University Press.","DOI":"10.1017\/CBO9780511550034"},{"issue":"5","key":"111_CR114","doi-asserted-by":"publisher","first-page":"555","DOI":"10.1038\/s41587-020-0504-5","volume":"38","author":"J. Pila","year":"2020","unstructured":"Pila, J. (2020). Adapting the ordre public and morality exclusion of European patent law to accommodate emerging technologies. Nature Biotechnology, 38(5), 555\u2013557.","journal-title":"Nature Biotechnology"},{"key":"111_CR115","doi-asserted-by":"publisher","first-page":"33","DOI":"10.1007\/978-3-031-30142-1_3","volume-title":"The rule of law and automated decision-making: Exploring fundamentals of algorithmic governance","author":"T. P\u00f6ysti","year":"2023","unstructured":"P\u00f6ysti, T. (2023). Legislating for legal certainty, with a Right to a Human Face, in an automated public administration. In M. Suksi (Ed.), The rule of law and automated decision-making: Exploring fundamentals of algorithmic governance (pp. 33\u201363). Springer. https:\/\/doi.org\/10.1007\/978-3-031-30142-1_3"},{"key":"111_CR116","doi-asserted-by":"publisher","unstructured":"P\u00f6ysti, T. (2024). The precautionary approach design pattern. Diso, 3(5). https:\/\/doi.org\/10.1007\/s44206-024-00090-6","DOI":"10.1007\/s44206-024-00090-6"},{"key":"111_CR48","unstructured":"EDRi, Algorithm Watch, Article 19, Amnesty International, Bits of Freedom, European Center for Not-for-Profit Law, European Disability Forum, Panoptykon Foundation, Homo Digitalis, Access Now, Fair Trials, Irish Council for Civil Liberties, Elektronisk Forpost Norge, Picum. (2023). EU Trilogues: The AI Act must protect people\u2019s rights. A civil society statement on fundamental rights in the EU Artificial Intelligence Act. Edri.org. https:\/\/edri.org\/wp-content\/uploads\/2023\/07\/Civil-society-AI-Act-trilogues-statement.pdf"},{"key":"111_CR137","unstructured":"United Nations [UN]. (2011). UN Guiding Principles on Business and Human Rights Implementing the United Nations \u201cProtect, Respect and Remedy\u201d Framework. https:\/\/www.ohchr.org\/sites\/default\/files\/documents\/publications\/guidingprinciplesbusinesshr_en.pdf"},{"key":"111_CR117","doi-asserted-by":"publisher","first-page":"105404","DOI":"10.1016\/j.clsr.2020.105404","volume":"37","author":"C. D. Raab","year":"2020","unstructured":"Raab, C. D. (2020). Information privacy, impact assessment, and the place of ethics. Computer Law & Security Review, 37, 105404.","journal-title":"Computer Law & Security Review"},{"key":"111_CR118","doi-asserted-by":"publisher","first-page":"33","DOI":"10.1145\/3351095.3372873","volume-title":"Proceedings of the 2020 conference on fairness, accountability, and transparency","author":"I. D. Raji","year":"2020","unstructured":"Raji, I. D., Smart, A., White, R. N., Mitchell, M., Gebru, T., Hutchinson, B., Smith-Loud, J., Theron, D., & Barnes, P. (2020). Closing the AI accountability gap: Defining an end-to-end framework for internal algorithmic auditing. In Proceedings of the 2020 conference on fairness, accountability, and transparency (pp. 33\u201344)."},{"key":"111_CR119","unstructured":"Reisman, D., Schultz, J., Crawford, K., & Whittaker, M. (2018). Algorithmic impact assessments: A practical framework for public agency. AI Now Institute. https:\/\/ainowinstitute.org\/publication\/algorithmic-impact-assessments-report-2"},{"key":"111_CR120","volume-title":"Impact assessment in the EU. The state of the art and the art of the state","author":"A. Renda","year":"2006","unstructured":"Renda, A. (2006). Impact assessment in the EU. The state of the art and the art of the state. Centre of European Policy Studies. https:\/\/aei.pitt.edu\/32591\/1\/30._Impact_Assessment_in_the_EU.pdf"},{"key":"111_CR121","doi-asserted-by":"publisher","first-page":"125","DOI":"10.1016\/B978-0-08-097086-8.85036-9","volume-title":"International encyclopedia of the social & behavioral sciences","author":"A. Rip","year":"2015","unstructured":"Rip, A. (2015). Technology assessment. In International encyclopedia of the social & behavioral sciences (2nd ed., pp. 125\u2013128). Elsevier.","edition":"2nd ed."},{"key":"111_CR122","doi-asserted-by":"publisher","DOI":"10.1007\/978-94-007-1433-5","volume-title":"Handbook of risk theory","author":"S. Roeser","year":"2012","unstructured":"Roeser, S., Hillerbrand, R., Sandin, P., & Peterson, M. (2012a). Handbook of risk theory (Vol. I). Springer."},{"key":"111_CR123","doi-asserted-by":"publisher","DOI":"10.1007\/978-94-007-1433-5","volume-title":"Handbook of risk theory","author":"S. Roeser","year":"2012","unstructured":"Roeser, S., Hillerbrand, R., Sandin, P., & Peterson, M. (2012b). Handbook of risk theory (Vol. II). Springer."},{"issue":"8","key":"111_CR124","doi-asserted-by":"publisher","first-page":"1056","DOI":"10.1016\/j.envint.2006.06.008","volume":"32","author":"H. Rothstein","year":"2006","unstructured":"Rothstein, H., Irving, P., Walden, T., & Yearsley, R. (2006). The risks of risk-based regulation: Insights from the environmental policy domain. Environment International, 32(8), 1056\u20131065.","journal-title":"Environment International"},{"key":"111_CR126","doi-asserted-by":"publisher","unstructured":"Sanfilippo, M. R., & Frischmann, B. (2023). Slow-governance in smart cities: An empirical study of smart intersection implementation in four US college towns. Internet Policy Review, 12(1). https:\/\/doi.org\/10.14763\/2023.1.1703","DOI":"10.14763\/2023.1.1703"},{"key":"111_CR127","doi-asserted-by":"publisher","first-page":"301","DOI":"10.1017\/9781108680844.016","volume-title":"The Cambridge handbook of the law of algorithms","author":"D. W. Schartum","year":"2020","unstructured":"Schartum, D. W. (2020). From legal sources to programming code: Automatic individual decisions in public administration and computers under the rule of law. In W. Barfield (Ed.), The Cambridge handbook of the law of algorithms (pp. 301\u2013336). Cambridge University Press."},{"key":"111_CR159","unstructured":"Selbst, A. D. (2021). An institutional view of algorithmic impact assessments. Harv. JL & Tech., 35, 117."},{"key":"111_CR128","doi-asserted-by":"publisher","first-page":"30","DOI":"10.1093\/0198287976.003.0003","volume-title":"The quality of life","author":"A. Sen","year":"1993","unstructured":"Sen, A. (1993). Capability and well-being. In M. Nussbaum & A. Sen (Eds.), The quality of life (pp. 30\u201353). Oxford University Press. https:\/\/doi.org\/10.1093\/0198287976.003.0003"},{"key":"111_CR163","doi-asserted-by":"publisher","unstructured":"Sinclair, D. (1997). Self-Regulation Versus Command and Control? Beyond False Dichotomies. Law & Policy, 19(4), 529\u2013559. https:\/\/doi.org\/10.1111\/1467-9930.00037","DOI":"10.1111\/1467-9930.00037"},{"issue":"11","key":"111_CR129","doi-asserted-by":"publisher","first-page":"12799","DOI":"10.1007\/s10462-023-10420-8","volume":"56","author":"B. C. Stahl","year":"2023","unstructured":"Stahl, B. C., Antoniou, J., Bhalla, N., Brooks, L., Jansen, P., Lindqvist, B., Kirichenko, A., Marchal, S., Rodrigues, R., Santiago, N., Warso, Z., & Wright, D. (2023). A systematic review of artificial intelligence impact assessments. Artificial Intelligence Review, 56(11), 12799\u201312831.","journal-title":"Artificial Intelligence Review"},{"issue":"3","key":"111_CR130","doi-asserted-by":"publisher","first-page":"387","DOI":"10.1177\/030631289019003001","volume":"19","author":"S. L. Star","year":"1989","unstructured":"Star, S. L., & Griesemer, J. R. (1989). Institutional ecology, translations and boundary objects: Amateurs and professionals in Berkeley\u2019s Museum of Vertebrate Zoology, 1907-39. Social Studies of Science, 19(3), 387\u2013420.","journal-title":"Social Studies of Science"},{"key":"111_CR132","first-page":"299","volume-title":"Dilemmas of law in the welfare state","author":"G. Teubner","year":"1985","unstructured":"Teubner, G. (1985). After Legal Instrumentalism? In G. Teubner (Ed.), Dilemmas of law in the welfare state (pp. 299\u2013325). Wleter de Gruyter GmbH."},{"key":"111_CR133","volume-title":"Law as an autopoietic system","author":"G. Teubner","year":"1993","unstructured":"Teubner, G. (1993). Law as an autopoietic system (1st ed.). Blackwell.","edition":"1st ed."},{"key":"111_CR134","first-page":"3","volume-title":"Networks: legal issues of multilateral co-operation","author":"G. Teubner","year":"2009","unstructured":"Teubner, G. (2009). Coincidentia oppositorum: Hybrid networks beyond contract and organisation. In M. Amstutz & G. Teubner (Eds.), Networks: legal issues of multilateral co-operation (pp. 3\u201330). Bloomsbury Publishing."},{"key":"111_CR135","unstructured":"The Danish Institute for Human Rights. (2020). Human rights impact assessment. Guidance and toolbox. https:\/\/www.humanrights.dk\/files\/media\/dokumenter\/udgivelser\/hria_toolbox_2020\/eng\/dihr_hria_guidance_and_toolbox_2020_eng.pdf"},{"issue":"1","key":"111_CR136","doi-asserted-by":"publisher","first-page":"3","DOI":"10.1111\/rego.12437","volume":"16","author":"L. Ulbricht","year":"2021","unstructured":"Ulbricht, L., & Yeung, K. (2021). Algorithmic regulation: A maturing concept for investigating regulation of and through algorithms. Regulation & Governance, 16(1), 3\u201322.","journal-title":"Regulation & Governance"},{"key":"111_CR138","unstructured":"US Chief Information Officers Council (CIO). (n.d.). Algorithmic Impact Assessment. https:\/\/www.cio.gov\/aia-eia-js\/#\/"},{"key":"111_CR139","unstructured":"US-EU Trade and Technology Council [TTC]. (2022). Joint Roadmap on Evaluation and Measurement Tools for Trustworthy AI and Risk Management. https:\/\/ec.europa.eu\/newsroom\/dae\/redirection\/document\/92123"},{"issue":"1","key":"111_CR140","doi-asserted-by":"publisher","first-page":"5","DOI":"10.3152\/147154603781766491","volume":"21","author":"F. Vanclay","year":"2003","unstructured":"Vanclay, F. (2003). International principles for social impact assessment. Impact Assessment and Project Appraisal, 21(1), 5\u201311. https:\/\/doi.org\/10.3152\/147154603781766491","journal-title":"Impact Assessment and Project Appraisal"},{"key":"111_CR141","volume-title":"Social impact assessment: Guidance for assessing and managing the social impacts of projects","author":"F. Vanclay","year":"2015","unstructured":"Vanclay, F., Esteves, A., Aucamp, I., & Franks, D. (2015). Social impact assessment: Guidance for assessing and managing the social impacts of projects. IAIA."},{"issue":"4","key":"111_CR142","doi-asserted-by":"publisher","first-page":"97","DOI":"10.9785\/cri-2021-220402","volume":"22","author":"M. Veale","year":"2021","unstructured":"Veale, M., & Zuiderveen Borgesius, F. (2021). Demystifying the draft EU Artificial Intelligence Act\u2014analysing the good, the bad, and the unclear elements of the proposed approach. Computer Law Review International, 22(4), 97\u2013112.","journal-title":"Computer Law Review International"},{"key":"111_CR143","volume-title":"A deeper look into the EU AI Act trilogues: Fundamental rights impact assessments, generative AI and a","author":"H. Waem","year":"2023","unstructured":"Waem, H., & Demircan, M. (2023). A deeper look into the EU AI Act trilogues: Fundamental rights impact assessments, generative AI and a. European AI Office. Kluwer Competition Law Blog. https:\/\/competitionlawblog.kluwercompetitionlaw.com\/2023\/11\/13\/a-deeper-look-into-the-eu-ai-act-trilogues-fundamental-rights-impact-assessments-generative-ai-and-a-european-ai-office\/"},{"key":"111_CR144","doi-asserted-by":"publisher","first-page":"19625","DOI":"10.1109\/ACCESS.2024.3360864","volume":"12","author":"S. Wairimu","year":"2024","unstructured":"Wairimu, S., Iwaya, L. H., Fritsch, L., & Lindskog, S. (2024). On the evaluation of privacy impact assessment and privacy risk assessment methodologies: A systematic literature review. IEEE Access, 12, 19625.","journal-title":"IEEE Access"},{"key":"111_CR157","doi-asserted-by":"publisher","unstructured":"Wernick, A. & Banzuzi, E. & M\u00f6relius-Wulff, A. (2023). Do European smart city developers dream of GDPR-free countries? The pull of global megaprojects in the face of EU smart city compliance and localisation costs. Internet Policy Review, 12(1). https:\/\/doi.org\/10.14763\/2023.1.1698 https:\/\/doi.org\/10.14763\/2023.1.1698","DOI":"10.14763\/2023.1.1698"},{"key":"111_CR145","doi-asserted-by":"crossref","unstructured":"Wiener, J. (2010). Risk regulation and governance institutions in OECD. Risk and Regulatory Policy. Improving the Governance of Risk. (pp. 133\u2013158). https:\/\/www.oecd-ilibrary.org\/governance\/risk-and-regulatory-policy\/risk-regulation-and-governance-institutions_9789264082939-9-en","DOI":"10.1787\/9789264082939-9-en"},{"key":"111_CR146","first-page":"1","volume-title":"Proceedings of the 2020 conference on fairness, accountability, and transparency","author":"M. Wieringa","year":"2020","unstructured":"Wieringa, M. (2020, January). What to account for when accounting for algorithms: A systematic literature review on algorithmic accountability. In Proceedings of the 2020 conference on fairness, accountability, and transparency (pp. 1\u201318)."},{"key":"111_CR147","unstructured":"Winner, L. (1980). Do artefacts have politics? Daedalus, 121\u2013136."},{"issue":"3","key":"111_CR148","doi-asserted-by":"publisher","first-page":"199","DOI":"10.1007\/s10676-010-9242-6","volume":"13","author":"D. Wright","year":"2011","unstructured":"Wright, D. (2011). A framework for the ethical impact assessment of information technology. Ethics and Information Technology, 13(3), 199\u2013226. https:\/\/doi.org\/10.1007\/s10676-010-9242-6","journal-title":"Ethics and Information Technology"},{"key":"111_CR149","doi-asserted-by":"publisher","unstructured":"Wright, D., & de Hert, P. (Eds.). (2012). Privacy impact assessment [electronic resource]\/edited by David Wright, Paul de Hert (1st). Springer Netherlands. https:\/\/doi.org\/10.1007\/978-94-007-2543-0","DOI":"10.1007\/978-94-007-2543-0"},{"issue":"6","key":"111_CR150","doi-asserted-by":"publisher","first-page":"613","DOI":"10.1016\/j.clsr.2012.09.003","volume":"28","author":"D. Wright","year":"2012","unstructured":"Wright, D., & Raab, C. D. (2012). Constructing a surveillance impact assessment. Computer Law & Security Review, 28(6), 613\u2013626.","journal-title":"Computer Law & Security Review"},{"key":"111_CR151","first-page":"71","volume-title":"Regulating technologies: Legal futures, regulatory frames and technological fixes","author":"K. Yeung","year":"2008","unstructured":"Yeung, K. (2008) Towards an understanding of regulation by design. In R. Brownsword & K. Yeung (Eds.), Regulating technologies: Legal futures, regulatory frames and technological fixes (pp. 71\u2013107). Bloomsbury Publishing Plc."},{"issue":"1","key":"111_CR154","doi-asserted-by":"publisher","first-page":"137","DOI":"10.1111\/rego.12401","volume":"16","author":"K. Yeung","year":"2022","unstructured":"Yeung, K., & Bygrave, L. A. (2022). Demystifying the modernized European data protection regime: Cross-disciplinary insights from legal and regulatory governance scholarship. Regulation & Governance, 16(1), 137\u2013155.","journal-title":"Regulation & Governance"},{"issue":"3","key":"111_CR155","doi-asserted-by":"publisher","first-page":"502","DOI":"10.1016\/j.socscimed.2010.04.017","volume":"71","author":"K. Yeung","year":"2010","unstructured":"Yeung, K., & Dixon-Woods, M. (2010). Design-based regulation and patient safety: A regulatory studies perspective. Social Science & Medicine, 71(3), 502\u2013509.","journal-title":"Social Science & Medicine"},{"key":"111_CR153","doi-asserted-by":"publisher","first-page":"76","DOI":"10.1093\/oxfordhb\/9780190067397.013.5","volume-title":"The oxford handbook of ethics of AI","author":"K. Yeung","year":"2020","unstructured":"Yeung, K., Howes, A., & Pogrebna, G. (2020). AI governance by human rights\u2013centred design, deliberation, and oversight: An end to ethics washing. In M. D. Dubber, F. Pasquale, & S. Das (Eds.), The oxford handbook of ethics of AI (pp. 76\u2013106). Oxford University Press. https:\/\/doi.org\/10.1093\/oxfordhb\/9780190067397.013.5"},{"key":"111_CR156","doi-asserted-by":"publisher","first-page":"251","DOI":"10.1017\/9781108680844.014","volume-title":"The Cambridge handbook of the law of algorithms","author":"M. Zalnieriute","year":"2020","unstructured":"Zalnieriute, M. (2020). From rule of law to statute drafting: Legal issues for algorithms in government decision-making. In W. Barfield, et al. (Ed.), The Cambridge handbook of the law of algorithms (pp. 251\u2013272). Cambridge University Press."}],"container-title":["Digital Society"],"original-title":[],"language":"en","link":[{"URL":"https:\/\/link.springer.com\/content\/pdf\/10.1007\/s44206-024-00111-4.pdf","content-type":"application\/pdf","content-version":"vor","intended-application":"text-mining"},{"URL":"https:\/\/link.springer.com\/article\/10.1007\/s44206-024-00111-4\/fulltext.html","content-type":"text\/html","content-version":"vor","intended-application":"text-mining"},{"URL":"https:\/\/link.springer.com\/content\/pdf\/10.1007\/s44206-024-00111-4.pdf","content-type":"application\/pdf","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2024,11,22]],"date-time":"2024-11-22T19:00:58Z","timestamp":1732302058000},"score":1,"resource":{"primary":{"URL":"https:\/\/link.springer.com\/10.1007\/s44206-024-00111-4"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2024,6,26]]},"references-count":166,"journal-issue":{"issue":"2","published-print":{"date-parts":[[2024,8]]}},"alternative-id":["111"],"URL":"https:\/\/doi.org\/10.1007\/s44206-024-00111-4","relation":{},"ISSN":["2731-4650","2731-4669"],"issn-type":[{"value":"2731-4650","type":"print"},{"value":"2731-4669","type":"electronic"}],"subject":[],"published":{"date-parts":[[2024,6,26]]},"assertion":[{"value":"15 November 2023","order":1,"name":"received","label":"Received","group":{"name":"ArticleHistory","label":"Article History"}},{"value":"8 May 2024","order":2,"name":"accepted","label":"Accepted","group":{"name":"ArticleHistory","label":"Article History"}},{"value":"26 June 2024","order":3,"name":"first_online","label":"First Online","group":{"name":"ArticleHistory","label":"Article History"}},{"order":1,"name":"Ethics","group":{"name":"EthicsHeading","label":"Declarations"}},{"value":"On behalf of all authors, the corresponding author states that there is no conflict of interest.","order":2,"name":"Ethics","group":{"name":"EthicsHeading","label":"Conflict of Interest"}}],"article-number":"29"}}