Contractual Obligations as a Tool for International Transfers of Personal Data under the GDPR

2020 ◽  
Author(s):  
Martina Mantovani
Keyword(s):  
Personal Data ◽  
Contractual Obligations ◽  
International Transfers

International Transfers of Personal Data

2011 ◽  
pp. 292-315
Author(s):  
Sam De Silva
Keyword(s):  
Data Protection ◽  
Explicit Knowledge ◽  
Personal Information ◽  
Personal Data ◽  
Legal Compliance ◽  
Global Nature ◽  
The Individual ◽  
The Uk ◽  
Data Controller ◽  
International Transfers

Developments in technology and the global nature of business means that personal information about individuals in the UK may often be processed overseas, frequently without the explicit knowledge or consent of those individuals. This raises issues such as the security of such data, who may have access to it and for what purposes and what rights the individual may have to object. The Data Protection Act 1998 provides a standard of protection for personal data, including in respect of personal data that is being transferred outside of the UK. Chapter 18 focus on how a UK data controller (the organisation that controls how and why personal data is processed and is therefore legally responsible for compliance) can fulfil its business and operational requirements in transferring personal data outside the EEA, whilst ensuring legal compliance.

scholarly journals A GDPR International Transfer Compliance Framework Based on an Extended Data Privacy Vocabulary (DPV)

2021 ◽  
Author(s):  
David Hickey ◽  
Rob Brennan
Keyword(s):  
Data Protection ◽  
Financial Services ◽  
Working Group ◽  
Data Privacy ◽  
Personal Data ◽  
Software Tool ◽  
Proposed Model ◽  
Group A ◽  
Prototype Software ◽  
International Transfers

This paper describes a tool using an extended Data Privacy Vocabulary (the DPV) to audit and monitor GDPR compliance of international transfers of personal data. New terms were identified which have been proposed as extensions to the DPV W3C Working Group. A prototype software tool was built based on the model plus a set of validation rules, and synthetic use-cases created to test the capabilities of the model and tool (together a compliance framework). This framework was created because the rules around international transfer compliance are complex and changing, there is an absence of a common approach to ensuring compliance, few tools exist to assist, and those that do lack interoperability. Evaluation results demonstrate that the proposed model improves compliance identification and standardisation. The tool received positive feedback from the data protection practitioners who participated in the evaluation, and an initial version of is now in use in one financial services organisation. While currently the tool only addresses international transfers, in theory the framework can be extended through further work to the broader area of compliance of other aspects of the GPDR.

scholarly journals W poszukiwaniu prawa właściwego dla cywilnoprawnych roszczeń odszkodowawczych z tytułu naruszenia RODO (art. 82 RODO)

2021 ◽  
Vol 28 ◽  
pp. 51-73
Author(s):  
Monika Jagielska ◽  
Mariusz Jagielski
Keyword(s):  
Data Protection ◽  
Personal Data ◽  
Eu Member States ◽  
Personal Data Protection ◽  
Personal Rights ◽  
Compensation Claims ◽  
The Law ◽  
Contractual Obligations ◽  
The Relationship ◽  
The Eu

The main purpose of this study is to determine which conflict of law rules constitute the basis for the search for the law applicable to private-law compensation claims provided for in Article 82 of the GDPR, and whether it is possible to apply the Rome II Regulation on the law applicable to non-contractual obligations in this regard. The authors first set out the main features of the claim, with particular emphasis on those areas where discrepancies may arise at the level of national law. They then qualify the claim as a tortious one, which leads them to pose a question about the applicability of the Rome II Regulation in this case. Special attention is given to the relationship between privacy and personal data protection. The authors argue that these two spheres have become gradually separated from each other and finally, under GDPR, claims for damages for a breach of personal data protection being independent of claims for an infringement of personal rights. Consequently, they assume that the law applicable to a claim under Article 82 of the GDPR should be indicated on the basis of the Rome II Regulation, despite the doubts arising from the exclusion provided for in Article 1.2.g Rome II. If approach is accepted, it will have significant consequences for the harmonisation of the application of the GDPR in the EU Member States, and for achieving the harmonisation of decisions at the level of national law.

SARI : A User-Oriented Data Bank System for Medical Applications

1976 ◽  
Vol 15 (02) ◽  
pp. 69-74
Author(s):  
M. Goldberg ◽  
B. Doyon
Keyword(s):  
Data Base ◽  
Personal Data ◽  
Data Bank ◽  
Medical Applications ◽  
Basic Principles ◽  
Base Management ◽  
General Data ◽  
Privacy Problem ◽  
Bank System ◽  
Made In

This paper describes a general data base management package, devoted to medical applications. SARI is a user-oriented system, able to take into account applications very different by their nature, structure, size, operating procedures and general objectives, without any specific programming. It can be used in conversational mode by users with no previous knowledge of computers, such as physicians or medical clerks.As medical data are often personal data, the privacy problem is emphasized and a satisfactory solution implemented in SARI.The basic principles of the data base and program organization are described ; specific efforts have been made in order to increase compactness and to make maintenance easy.Several medical applications are now operational with SARI. The next steps will mainly consist in the implementation of highly sophisticated functions.

Measurements method of the audio recordings acoustic quality indicator prepared for registration and processing in the Unified Biometric System

2019 ◽  
pp. 40-46 ◽  
Author(s):  
V.V. Savchenko ◽  
A.V. Savchenko
Keyword(s):  
Quality Control ◽  
Small Sample Size ◽  
Personal Data ◽  
Digital Processing ◽  
Small Sample ◽  
Practical Implementation ◽  
Acoustic Measurements ◽  
Pitch Frequency ◽  
Wide Range ◽  
Automated Quality Control

We consider the task of automated quality control of sound recordings containing voice samples of individuals. It is shown that in this task the most acute is the small sample size. In order to overcome this problem, we propose the novel method of acoustic measurements based on relative stability of the pitch frequency within a voice sample of short duration. An example of its practical implementation using aninter-periodic accumulation of a speech signal is considered. An experimental study with specially developed software provides statistical estimates of the effectiveness of the proposed method in noisy environments. It is shown that this method rejects the audio recording as unsuitable for a voice biometric identification with a probability of 0,95 or more for a signal to noise ratio below 15 dB. The obtained results are intended for use in the development of new and modifying existing systems of collecting and automated quality control of biometric personal data. The article is intended for a wide range of specialists in the field of acoustic measurements and digital processing of speech signals, as well as for practitioners who organize the work of authorized organizations in preparing for registration samples of biometric personal data.

Еnforcement of Property Rights and Conractual Obligations

2003 ◽  
pp. 83-100 ◽  
Author(s):  
A. Radygin ◽  
R. Entov
Keyword(s):  
Property Rights ◽  
Legal Framework ◽  
Economic Consequences ◽  
Theoretical Approaches ◽  
Contractual Obligations ◽  
Regional Authorities ◽  
Practical Recommendations

The paper deals with theoretical approaches to the problems of property rights and contractual obligations and with analysis of economic consequences of the imperfect enforcement system. In particular, the authors consider Russian experience in the sphere of corporate conflicts. Legal and practical recommendations related to the improvement of legal framework, judiciary reform, executory process and different federal and regional authorities are also presented.

Implementation of Regulation of The Minister of Kominfo Number 20 2016 in Disdukcapil Sleman, Temanggung, and Gianyar District

2020 ◽  
Vol 24 (1) ◽  
Author(s):  
Nfn Darmanto ◽  
Nur Zaini
Keyword(s):  
Personal Data ◽  
Electronic Systems ◽  
Case Study Method ◽  
Literature Study ◽  
Civil Registration ◽  
Edwards Model ◽  
District Government ◽  
The Government ◽  
Study Techniques

AbstrakPenelitian ini dilatarbelakangi oleh menguatnya wacana mengenai pentingnya perlindungan data pribadi  dan terbitnya Peraturan Menteri Komunikasi dan Informatika Nomor 20 Tahun 2016 tentang Perlindungan Data Pribadi dalam Sistem Elektronik. Adapun tujuan penelitian adalah untuk mengetahui kinerja implementasi Peraturan Menteri tersebut di lingkungan Pemerintah Kabupaten. Penelitian  dilakukan di Dinas Kependudukan dan Pencatatan Sipil pada Pemerintah Kabupaten Gianyar, Temanggung, dan Sleman dengan menggunakan metode studi kasus, sedangkan pengum­pu­lan data menggunakan teknik studi pustaka, wawancara, dan observasi. Pembahasan dilakukan dengan menggunakan konsep implemen­tasi model Edwards yang melihat implementasi berdasarkan variabel komunikasi, sumber-sumber, kecenderungan-kecenderu­ngan, dan struk­tur birokrasi. Hasil penelitian menunjuk­kan bahwa penyelenggaraan administrasi kependudukan yang di dalamnya termasuk perlindungan data pribadi oleh Dinas Kependudukan dan Pencatatan Sipil merujuk pada Peraturan Menteri Dalam Negeri Nomor 61 Tahun 2015, sedangkan Peraturan Menteri Komunikasi dan Informatika Nomor 20 tahun 2016 sama sekali belum mereka ketahui. AbstractThis research is motivated by the strengthening of discourse regarding the importance of protecting personal data and the issuance of Minister of Communication and Information Regulation No. 20 of 2016 concerning Protection of Personal Data in Electronic Systems. The research objective is to determine the performance of the implementation of the Ministerial Regulation within the District Government. The study was conducted at the Department of Population and Civil Registration at the Government of the Regency of Gianyar, Temanggung, and Sleman by using a case study method, while data collection using literature study techniques, interviews, and observations. The discussion was carried out using the concept of implementation of Edwards model that looked at implementation based on communication variables, sources, trends, and bureaucratic structure. The results showed that the administration of population administration which included the protection of personal data by the Population and Civil Registry Office referred to the Minister of Home Affairs Regulation No. 61 of 2015, while the Minister of Communication and Information Regulation No. 20 of 2016 was completely unknown to them.   

Sign in / Sign up

Export Citation Format

Share Document