Published: April 2017Click To View (PDF)

We hear about “mitigating privacy risk” on a regular basis. The GDPR calls for a risk-based approach to privacy operations. Certain “high-risk” endeavors even trigger data protection impact assessments and calls to the local data protection authority’s office? Rarely, however, do we see risk-scoring in action. Until now. The IAPP and Kryptowire have teamed to survey 400 privacy professionals regarding how they score the risk of collecting dozens of types of personal data and performing actions in the mobile environment.