Privacy, like the weather, is something everyone talks about.1 But unlike the weather, there is much that should, and can, be done about it. This welcome volume documents and explains an important tool for doing that. It should be in the library of any professional concerned with collecting, processing, using or determining the fate of personal data (whether as policy-setter, administrator or researcher). This state-of-the-art book describes the most comprehensive tool yet available for policy-makers to evaluate new personal data information technologies before they are introduced.2 Privacy impact assessment aims to contribute to organisational practice, as well as culture. It recognises that machine-processed data on persons requires special protections, particularly when new tools are involved. It anticipates problems, seeking to prevent, rather than to put out fires. The PIA model is based on avoiding future problems by learning from the past and imagining how new technologies might bring new problems – including that intriguing class of the “unknown unknowns”. PIA is very much a work in development and offers a general model whose content needs to be adjusted depending on the specifics of the case. One size does not fit all. The variation these chapters consider precludes a standard form, at least with respect to substance and the range and degree of attention to potential problems.