Technology Impact Cycle Tool

Depending on the technology you are assessing, some categories are more important than others. Here you can indicate how important you think this category is for this technology.

If this category is not applicable for this technology, please select 'Yes.'

If this technology registers personal data you have to be aware of privacy legislation and the concept of privacy. Think hard about this question. Remember: personal data can be interpreted in a broad way. Maybe this technology does not collect personal data, but can be used to assemble personal data. If the technology collects special personal data (like health or ethnicity) you should be extra aware.

(This question is part of the Quick Scan)

Are you aware of the main privacy and data principles you need to adhere to? If not, check the links below. Do you think the invasion of privacy by the technology is allowed? Do you think people will feel that their privacy is invaded? Does the technology consider things like proportionality and subsidiarity?

In Europe data collections have to be GDPR - compliant. Do you think that the technology is compliant? How do you know? Did the technology provide for the appropriate measures to make sure compliancy is in place?

Privacy is often implemented by design which means, for example that only the bare minimum of data is collected and used and this process is continually improved upon. Does this technology (really) need all the personal data it is processing to provide the functionality of the technology (data minimalisation)? Did the technology consider other principles considering privacy by design? If needed you can check the crashcourse on privacy by design.

Is the technology creating data that could follow users throughout their lifetimes, affect their reputations, and impact their future opportunities? Will the data the technology is generating have long-term consequences for the freedoms and reputation of individuals?

If you think about this technology invading someone's privacy or collecting personal data and if you think about the way this technology is compliant with prevailing law and mitigates dataprotection risks and concerns. If you think about all that, what improvements would you (want to) make? In the technology? In context? In use? The answers on questions 1-5 help you to gain insight into the relation between privacy and and this technology. The goal of these answers is not to provide you with a 'go' or ' no go' - decision. The goal is to make you think HOW you can use these insights to improve the use of the technology. This can be by making changes to the technology or making changes to the context in which the technology is used, or making changes in the way the technology is used.

(This question is part of the Improvement Scan)

Are you satisfied with the quality of your answers? The depth? The level of insight? Did you have enough knowledge to give good answers? Give an honest assessment of the quality of your answers.