Privacy Risk Analysis in OSNs

The EU GDPR [56] emphasizes that data subjects should be made aware of the risks related to personal data processing. In general, privacy impact assessment (PIA), whose technical core is referred to as privacy risk analysis (PRA) [45], is used to help service providers understand the privacy risks for data subjects from services they provide. With the GDPR coming into force in May 2018, it has become mandatory to conduct such assessments for certain kinds of personal data processing in Europe.