Privacy Impact Assessment
Social networks like Facebook hold so much information about our thoughts, our behavior, our friendships that official investigations naturally seek to uncover it.
Privacy on the Ascendancy
But powerful voices are championing greater respect for the privacy of data collected by technology.
The White House has published a Consumer Privacy Bill of Rights, broadly declaring, “Consumers have a right to expect that companies will collect, use, and disclose personal data in ways that are consistent with the context in which consumers provide the data.” Although this document focuses on the rights of consumers, it is consistent with rising expectations that the privacy of individuals be respected at a time when technology is enabling an unprecedented accumulation of personal data.
![]() |
| Free From Unreasonable Search |
Prudent Investigator
Note to all investigators: Prudence dictates that you explicitly consider privacy when seeking data through technology, such as social media. But what does that mean in practice?
The investigator needs evidence that she thoughtfully weighed privacy concerns as she designed and executed her investigation. This evidence can be provided in a “privacy impact assessment.” A privacy impact assessment is a written statement, stored in the investigator’s file, showing rational deliberation about the effect of the investigation on the privacy of the target of the investigation, as well as on the privacy of bystanders.
A persuasive privacy impact assessment will articulate the justification for the investigation and evaluate alternative methods for getting the needed information. It will assess methods for minimizing the impositions on privacy, while pursuing the legitimate goals of the investigation. It will display a conscious weighing of factors, so as to balance need against cost.
Demonstrate Serious Contemplation
A privacy impact assessment need not necessarily be a lengthy document. For less substantial investigations, it might be only a paragraph.
But it needs to be thorough enough to demonstrate that the investigator diligently contemplated the facts and methods of the case. It might specify, for example, steps to limit the quantity of data collected, the number of people who have access to the investigation file, and the length of time data is stored before it is destroyed.
The impact assessment will be more persuasive if the investigator consults a colleague or superior in the course of drafting it.
Which Investigations?
What kinds of investigations do I have in mind? Many. I’m thinking about subpoenas . . . safety inspections . . .e-discovery in civil litigation . . . inquiries by prospective employers . . . evidence collection in family law disputes . . . probes by disciplinary officials at schools and colleges . . . audits by government tax or regulatory officials . . . and more.
–Benjamin Wright
Mr. Wright teaches the law of data security and investigations at the SANS Institute.
Related: Complying with the Internet's tsunami of laws

