The Brussels Laboratory for Data Protection & Privacy Impact Assessments, or d.pia.lab, connects basic, methodological and applied research, provides training and delivers policy advice related to impact assessments in the areas of innovation and technology development. Whilst legal aspects of privacy and personal data protection constitute our core expertise, the Laboratory mobilises other disciplines including ethics, philosophy, surveillance studies and science, technology & society (STS) studies. Established in November 2015, the Laboratory constitutes a part of and builds upon the experience of the Research Group on Law, Science, Technology & Society (LSTS) at the Vrije Universiteit Brussel (VUB), Belgium.
The d.pia.lab Network brings together experts from all over the world to exchange knowledge, viewpoints and developments on privacy and data protection impact assessments. The Laboratory also invites academics, researchers, practitioners and activists to work together as Visiting Scholars.
Visiting Scholars Programme
The Brussels Laboratory for Data Protection & Privacy Impact Assessments (d.pia.lab) established the Visiting Scholars Programme in January 2018. Within this scheme, the Laboratory invites academics, researchers, practitioners and activists from multiple disciplines to spend time in Brussels, to participate in the academic life therein and to conduct research about impact assessments in the areas of innovation and technology development. Visiting Scholars will be based at the Research Group on Law, Science, Technology, Society (LSTS) at the Faculty of Law and Criminology of the Vrije Universiteit Brussel (VUB), of which the Laboratory constitutes a part of and builds upon its experience and expertise.
Please find the description of the programme and the terms of application here.
Alexandra Aslanidou holds a Bachelor in Law (LLB) from the faculty of Law, Economics and Political Sciences of Aristotle University of Thessaloniki,Greece (2009). Her previous work experience includes practicing law in law offices in Greece, handling civil and criminal law cases. She participated in seminars focused on data protection, e-commerce and legal technology. Her main research interests include privacy, data protection, intellectual property rights, European law.
Period of visit: February - August 2018.
Anna Johnston is one of Australia’s most respected experts in privacy law and practice. After serving as Deputy Privacy Commissioner for NSW, Anna founded Salinger Privacy in 2004 to offer specialist privacy consulting services. Salinger Privacy provides advice on managing privacy risks to clients including tech start-ups, established businesses and government agencies. Salinger Privacy also offers a suite of privacy compliance tools including template policies and procedures, checklists, and eBooks including Demystifying De-identification and the Privacy Officer’s Handbook. Anna holds a first class honours degree in Law and was admitted as a Solicitor of the Supreme Court of NSW in 1996, but no longer practices as a solicitor.
Period of visit: June - July 2018.
The research project of Claudia Quelle concerns the risk-based approach in the General Data Protection Regulation. She is particularly interested in the relation between the risk-based approach and the objective of the GDPR to protect the fundamental rights of natural persons. Her research topics include the risk-based approach under the GDPR, the relationship between risk management and what it means to have rights, the "subjectivity" or value-ladenness of decisions about risk, and the role of individual control in data protection and privacy.
Period of visit: May - June 2018.
The d.pia.lab network brings together multiple stakeholders (academia, policy making, regulators, consultancy, etc.) from all over the world with a view to exchange knowledge, viewpoints and developments on privacy and data protection impact assessments. Members have access to an internal mailing list.
Ramon Miralles Lopez, Coordinator of Audit and Information Security, Catalan Data Protection Authority (APDCAT), Catalonia (Spain)
Gellert, R. (2018) Understanding the notion of risk in the General Data Protection Regulation, Computer Law & Security Review vol. 34, issue 2, 279-288
Gellert, R. (2015) Data protection: a risk regulation? Between the risk management of everything and the precautionary alternative, International Data Privacy Law 01/2015; 5(1):3-19.
Hildebrandt, M., Gutwirth, S. (2008). Profiling the European Citizen. Cross-Disciplinary Perspectives. Springer.
Hildebrandt, M. (2013). Legal Protection by Design in the Smart Grid. Privacy, data protection & profile transparency. Smart Energy Collective.
Hildebrandt, M. (2011). Legal Protection by Design. Objections and Refutations, Legisprudence 5.2, 223-248.
Kloza, D., van Dijk, N., De Hert, P. (2015), Assessing the European approach to privacy and data protection in smart grids. Lessons for emerging technologies, in Skopik, F., Smith, P. Smart grid security: holistic and innovative solutions for a modernized grid, Elsevier, 2015.
Kloza, D. (2014) Privacy Impact Assessments as a Means to Achieve the Objectives of Procedural Justice. Jusletter IT. Die Zeitschrift für IT und Recht. Issue 20
Kloza, D. (2013). Public voice in privacy governance: lessons from environmental democracy. In E. Schweighofer, A. Saarenpää, & J. Böszörmenyi (Eds.), KnowRights 2012 Proceedings (pp. 80–97).
(2018)Right engineering? The redesign of privacy and personal data protection,International Review of Law, Computers & Technology,
Van Dijk, N., Gellert, R., Rommetveit, K., A Risk to a Right? Beyond Data Protection Risk Assessments, Computer Law & Security Review, Forthcoming
Wright, D., & De Hert, P. (Eds.). (2012). Privacy Impact Assessment (p. 523). Dordrecht, Heidleberg, London, New York: Springer.
Wright, D., Gellert, R., Gutwirth, S., & Friedewald, M. (2011). Minimizing Technology Risks with PIAs, Precaution, and Participation. IEEE Technology and Society Magazine, 30(4), 47–54. doi:10.1109/MTS.2011.943460
Goel Sanjay, Hong Yuan, Papakonstantinou Vagelis and Kloza Dariusz (2015) Smart Grid Security. SpringerBriefs in Cybersecurity, Springer-Verlag, London, 138 pp. http://www.springer.com/gp/book/9781447166627
Gellert Raphaël and Kloza Dariusz (2012) “Can privacy impact assessment mitigate civil liability? A precautionary approach”, in Schweighofer Erich, Franz Kummer and Walter Hötzendorfer (eds.) Transformation juristischer Sprachen. Tagungsband des 15. Internationalen Rechtsinformatik Symposions IRIS 2012, Österreichische Computer Gesellschaft, Vienna, pp. 497-505. http://jusletter-it.weblaw.ch/issues/2012/IRIS/jusletterarticle_1029.html
Wright David, Friedewald Michael, and Gellert Raphaël, Developing and Testing a Surveillance Impact Assessment Methodology, International Data Privacy Law 01/2015; 5(1):40-53.
Gellert Raphaël, Understanding Data Protection as Risk Regulation, Journal of Internet Law, May 2015, 18(11):3-15.
Gellert Raphaël, Mantovani Eugenio, and De Hert Paul, The EU Regulation of Nanomaterials: Smoother or Harder? The Precautionary Tool Chest as the Basis for Better Regulating Nanomaterials. In: Dolez PI, (ed), Nanoengineering:Global Approaches to Health and Safety Issues, 2015. p. 339–73.