Look to Yourselves, That We Lose Not Those Things Which We Have Wrought: The Proposed Changes to the Purpose Limitation Principle in Data Protection and Public Bodies’ Rights to Access Third Party Data

2013 ◽  
Author(s):  
Judith Rauhofer
Keyword(s):  
Data Protection ◽  
Third Party ◽  
Public Bodies

Regulating European Clouds

2016 ◽  
pp. 42-60
Author(s):  
Szilvia Varadi
Keyword(s):  
Cloud Computing ◽  
Data Protection ◽  
New Technology ◽  
Research Area ◽  
Third Party ◽  
The European Union ◽  
General Data Protection Regulation ◽  
Goods And Services ◽  
Data Protection Directive ◽  
Set Up

Cloud Computing is a diverse research area that encompasses many aspects of sharing software and hardware solutions, including computing and storage resources, application runtimes or complex application functionalities. In the supply of any goods and services, the law gives certain rights that protect the consumer and provider, which also applies for Cloud Computing. This new technology also moves functions and responsibilities away from local ownership and management to a third-party provided service, and raises several legal issues, such as data protection, which require this service to comply with necessary regulation. In this chapter the author investigates the revised legislation of the European Union resulting in the General Data Protection Regulation, which will be used to set up the new European Data Protection Framework. The author gathers and summarizes the most relevant changes this regulation brings to the field of Clouds, and draws relations to the previous legislation called the Data Protection Directive currently in force.

scholarly journals International transfers of health data between the EU and USA: a sector-specific approach for the USA to ensure an ‘adequate’ level of protection

2020 ◽  
Author(s):  
Laura Bradford ◽  
Mateo Aboy ◽  
Kathleen Liddell
Keyword(s):  
Data Protection ◽  
Health Research ◽  
International Health ◽  
Third Party ◽  
The European Union ◽  
Specific Approach ◽  
General Data Protection Regulation ◽  
Individual Privacy ◽  
The Usa ◽  
The Eu

Abstract International health research increasingly depends on collaboration and combination using medical data to advance treatment and drug discovery. The European Union (EU), through its General Data Protection Regulation, has tightened the rules for sharing data across borders to protect individual privacy. These new rules threaten cooperation between the EU and the USA, the two largest public funders of biomedical research. This article analyzes the primary pathway for sharing research data with the USA, the US–EU Privacy Shield††, and argues that the Shield is ill-suited to support complex health studies. Its legitimacy is in question under both EU and US law, and its terms are too restrictive for the variety of exchanges underlying research, treatment, and care. As an alternative, we propose that the USA seek an additional sector-based adequacy determination based on the existing US health privacy law, the Health Insurance Portability and Accountability Act. A sector-specific approach to adequacy for health would avoid many of the most contentious issues that divide the USA and EU on data protection. It could also serve as a model for other third-party jurisdictions and facilitate international harmonization of health research practices.

scholarly journals Addressing Anticompetitive Data Aggregation: a Comment to Bundeskartellamt Decision B6-22/16

2019 ◽  
Vol 12 (19) ◽  
pp. 139-171
Author(s):  
Laura Skopowska
Keyword(s):  
Data Protection ◽  
Mobile Applications ◽  
Data Aggregation ◽  
Personal Data ◽  
Third Party ◽  
Competition Authority ◽  
German Market ◽  
Dominant Position ◽  
Combining Data ◽  
Barrier To Entry

Data aggregation, understood as the process of gathering and combining data in order to prepare datasets that might be useful for specific business or other purposes, is not per se forbidden. However, some forms of it can be considered anticompetitive. In the Decision B6-22/16 of the German Federal Cartel Office (Bundeskartellamt) data aggregation, which included the collection of data from sources outside of Facebook’s social network (from Facebook-owned services such as WhatsApp and Instagram and from third party websites or mobile applications) and their combination with the information connected with a particular Facebook user account without that user’s consent, constituted an abuse of Facebook’s dominant position on the German market for social networks. The Bundeskartellamt found that the processing of user’s personal data by Facebook has, to some extent, been carried out in a way which infringed GDPR provisions. In the same decision, the Bundeskartellamt also identified the exclusionary nature of Facebook’s anticompetitive behaviour. According to the Bundeskartellamt, the illegal data aggregation formed a barrier to entry for Facebook’s competitors which, through compliance with data protection standards, found themselves in a worst position. Facebook, through its inappropriate data aggregation gained a competitive advantage. The Bundeskartellamt’s decision is, therefore, reflecting the anticompetitive dangers that data aggregation might pose. Nevertheless, it is debated whether the Bundeskartellamt, as a competition authority, is competent to determine the compliance or lack of compliance of business terms with the provisions of the GDPR. This paper analyzes the Bundeskartellamt’s decision as to where an anticompetitive nature of data processing has been identified, and tries to answer the question why it is problematic that it was the Bundeskartellamt and not a data protection supervisory authority that has issued such a decision.

5. The data protection principles

2017 ◽  
Author(s):  
Ian J. Lloyd
Keyword(s):  
Data Protection ◽  
Data Use ◽  
Personal Data ◽  
Third Party ◽  
Security Measures ◽  
Data Controller

This chapter focuses on the data protection principles under the Data Protection Act 1998. It considers to what extent and under what conditions a data controller may lawfully process personal data. Use may take a variety of forms and will include disclosure of data to a third party. It also looks at the operation of the principle requiring users to adopt appropriate security measures.

scholarly journals DATA PROTECTION AND THE RIGHT TO REPUTATION: FILLING THE “GAPS” AFTER THE DEFAMATION ACT 2013

2014 ◽  
Vol 73 (3) ◽  
pp. 536-569 ◽  
Author(s):  
David Erdos
Keyword(s):  
Data Protection ◽  
Complex Structure ◽  
Legal Framework ◽  
Fundamental Rights ◽  
Third Party ◽  
Inaccurate Information ◽  
Injunctive Relief ◽  
Limitations And Exceptions ◽  
The Right ◽  
Defamation Law

AbstractDefamation law has historically occupied a position of overwhelming dominance in the vindication of the traditional right to reputation. Nevertheless, liberalisation of this legal framework including through the Defamation Act 2013 has led to a concern that, when analysed from a fundamental rights perspective, “gaps” in the protection provided for natural persons may have emerged. In this new context, there has been a renewed focus on whether data protection may fill the potential lacunae. Data protection law contains a number of important limitations and exceptions and its jurisprudence has been both limited and sometimes confused. Nevertheless, this article argues that its broad purpose and complex structure ensure it will play a significantly augmented role in the future, especially in actions against website operators facilitating the dissemination of information posted by a third party, the publication of opinion, or where either injunctive relief or the correction of inaccurate information is sought (in particular in cases of continuing online disclosure).

scholarly journals Data Protection and Competition Law Enforcement in the Digital Economy: Why a Coherent and Consistent Approach is Necessary

2021 ◽  
Author(s):  
Klaus Wiedemann
Keyword(s):  
Data Protection ◽  
Consumer Choice ◽  
Business Models ◽  
Online Advertising ◽  
Personal Data ◽  
Competition Law ◽  
Third Party ◽  
Starting Point ◽  
Recent Developments ◽  
Consumer Autonomy

AbstractThis contribution argues that a coherent and consistent interpretation of data protection and competition law is both possible and adequate. To illustrate this need, the ongoing abuse-of-dominance investigation by the French Autorité de la Concurrence against Apple is analysed. Representatives of the online advertising industry lodged a complaint against the introduction of Apple’s “App Tracking Transparency framework”. The latter includes a de facto obstacle to third-party tracking which shuts down advertisers’ access to those precious personal data that can be used for online advertising. With the Apple case in mind and by way of example, this paper argues that the regulation of consent to the processing of personal data under the GDPR serves as a dogmatic link between data protection and competition law, as this legal basis is at the heart of many digital business models. The GDPR provides a normative framework to determine when consent has been “freely given”. This can be a fruitful starting point for a competitive assessment, too, as both legal regimes pursue the objective of protecting consumer autonomy and consumer choice. The paper finishes by finding that its dogmatic approach corresponds to recent developments within competition law legislation and enforcement.

scholarly journals THE EFFECTIVENESS OF THE MINISTER OF COMMUNICATION AND INFORMATICS REGULATION NUMBER 20 OF 2016 ON THE PROTECTION OF PERSONAL DATA IN ELECTRONIC SYSTEMS

2019 ◽  
Vol 8 (1) ◽  
pp. 119
Author(s):  
Fadhilah Pijar Ash Shiddiq ◽  
Sinta Dewi Rosadi ◽  
Rika Ratna Permata
Keyword(s):  
International Law ◽  
Data Protection ◽  
Personal Data ◽  
Information Privacy ◽  
Third Party ◽  
Electronic Systems ◽  
Personal Data Protection ◽  
Positive Law ◽  
Sim Card ◽  
The Right

<p>Privacy, as a part of Human Rights, is the right of freedom of private matters. The basic concept of privacy is “the right to be let alone” which state that every individual have the right to have his own solitude without intervention. One of the most important information which also can be associated with Information Privacy is Personal Data that shall be protected as a form of protection to the privacy itself. Some of the personal data has been used as the requirements of the SIM Card Registration, thus making new problems regarding its personal data protection since the comprehensive regulation still covered only by the Ministral Regulation. Research method used in this paper is Descriptive Analytic in which the writer analyze the research object by explaining the situation and the condition of the personal data protection obtained from literatures on the facts that can be associated with the implementation of SIM Card Registration Policy according to Indonesia’s Positive Law and International Law. According to the result of the study, the Ministral Regulation already covered most of the basic data protection needed in the SIM card registration policy, however the protection provided by the Ministral Regulation still has not covered the third party involved. The Involvement of this third party is inevitable and should be protected immediatelyin order to prevent any abuse of personal data.</p>

Sign in / Sign up

Export Citation Format

Share Document