Institutional Research Information Service
UCL Logo
Please report any queries concerning the funding data grouped in the sections named "Externally Awarded" or "Internally Disbursed" (shown on the profile page) to your Research Finance Administrator. Your can find your Research Finance Administrator at https://www.ucl.ac.uk/finance/research/rs-contacts.php by entering your department
Please report any queries concerning the student data shown on the profile page to:

Email: portico-services@ucl.ac.uk

Help Desk: http://www.ucl.ac.uk/ras/portico/helpdesk
Publication Detail
Privacy is a process, not a PET: a theory for effective privacy practice
  • Publication Type:
  • Authors:
    Morton A, Sasse MA
  • Publisher:
  • Publication date:
  • Place of publication:
    New York, NY, USA
  • Pagination:
    87, 104
  • Published proceedings:
    Proceedings of the 2012 workshop on New security paradigms
  • Series:
    NSPW ’12
  • ISBN-13:
  • Status:
  • Name of conference:
    New Security Paradigms Workshop
  • Conference place:
  • Conference start date:
  • Conference finish date:
  • Keywords:
    Privacy, Security, Trust, Framework
  • Notes:
    location: Bertinoro, Italy numpages: 18 acmid: 2413305 keywords: framework, privacy, security, trust
Privacy research has not helped practitioners – who struggle to reconcile users’ demands for information privacy with information security, legislation, information management and use – to improve privacy practice. Beginning with the principle that information security is necessary but not sufficient for privacy, we present an innovative layered framework - the Privacy Security Trust (PST) Framework - which integrates, in one model, the different activities practitioners must undertake for effective privacy practice. The PST Framework considers information security, information management and data protection legislation as privacy hygiene factors, representing the minimum processes for effective privacy practice. The framework also includes privacy influencers - developed from previous research in information security culture, information ethics and information culture - and privacy by design principles. The framework helps to deliver good privacy practice by providing: 1) a clear hierarchy of the activities needed for effective privacy practice; 2) delineation of information security and privacy; and 3) justification for placing data protection at the heart of those activities involved in maintaining information privacy. We present a proof-of-concept application of the PST Framework to an example technology – electricity smart meters.
Publication data is maintained in RPS. Visit https://rps.ucl.ac.uk
 More search options
UCL Researchers
Dept of Computer Science
University College London - Gower Street - London - WC1E 6BT Tel:+44 (0)20 7679 2000

© UCL 1999–2011

Search by