Privacy impact assessment (PIA) is now considered an important tool to address privacy challenges of the digital era. Unless PIA is already mandatory, regulators need to provide incentive to both public and private sector to conduct PIA and thus potential limitation or even exclusion of civil liability seems attractive. In this paper, we try to understand why PIA can impact this liability by going back to its foundation, i.e. the precautionary principle. A good PIA could demonstrate no fault was committed or could allow resorting to the so-called development risk defence.
- 1. Why this research?
- 2. Going back to the roots of PIA: The precautionary principle
- 2.1. Precaution – its origin and scope
- 2.2. Precaution and civil liability: a renewed duty of care
- 3. The development risk defence
- 3.1. Higher standard of liability for dangerous activities
- 3.2. Impact on liability
- 4. Precaution, a nexus between strict and fault liability: the pivotal concept of development risk defence
- 5. Can PIA mitigate civil liability?
- 5.1. PIA – an implementation of precaution?
- 5.2. PIA – mitigation or exclusion of liability?
- 6. Conclusion