ABSTRACT
Insufficient control over personal or identity information is among the core problems of privacy. Correspondingly, effective options for privacy control are crucial. There is thus a particular need for privacy-enhancing technologies, privacy-by-design approaches and privacy impact assessment. But what are the current options to implement these instruments and how are they interrelated? This chapter seeks answers to these questions by assessing approaches in this regard. At first, the prospects and perils of privacy by design are examined, including a discussion on the limits of individual control and problematic trends toward a “privatization” of privacy. This is followed by an overview on the basic role, scope and limits of privacy impact assessment. This instrument can contribute to easing some privacy problems by improving transparency and accountability of information processing institutions, not least as it includes analyzing the processing of identifiable information and how it affects privacy. I therefore argue that privacy impact assessment is crucial to complement privacy by design, and that together these tools can improve privacy protection in general. However, existing approaches have various limits which essentially result from an insufficient consideration of identity or identifiable information.
