scholarly journals Between Privacy Protection and Data Progression - The GDPR in the Context of People Analytics

MaRBLe ◽  
2018 ◽  
Vol 4 ◽  
Author(s):  
Nella Junge
Keyword(s):  
Human Resources ◽  
Data Protection ◽  
Privacy Protection ◽  
Data Sources ◽  
Privacy Concerns ◽  
General Data Protection Regulation ◽  
General Data

New analytical capabilities have revolutionized the field of Human Resources (HR). With the incessant creation of data and data sources, a new field of practice has developed: people analytics.However, people analytics raises crucial privacy concerns for employees. The new General Data Protection Regulation (GDPR) is supposed to provide more transparency and stronger protection for individuals. By conducting interviews with experts in people analytics and carrying out a survey with people analytics practitioners, this paper examines how the GDPR can be expected to affect organisations using people analytics and their employees. The results of this research indicate that the GDPR will provide stronger privacy and data protection for employees and still allow organisations to conduct people analytics.

scholarly journals Has the GDPR hype affected users’ reaction to cookie disclaimers?

2020 ◽  
Vol 6 (1) ◽  
Author(s):  
Oksana Kulyk ◽  
Nina Gerber ◽  
Annika Hilt ◽  
Melanie Volkamer
Keyword(s):  
Data Protection ◽  
Media Coverage ◽  
Privacy Protection ◽  
Third Parties ◽  
Survey Study ◽  
Decision To Leave ◽  
General Data Protection Regulation ◽  
General Data ◽  
Negative Feelings

  For many years, cookies have been widely used by websites, storing information about users’ behaviour. While enabling additional functionality and potentially improving user experience, cookies can be a threat to users’ privacy, especially cookies used by third parties for data analysis. Websites providers are legally required to inform users about cookie use by displaying a so-called cookie disclaimer. We conducted a survey study in 2017 to investigate how users perceive this disclaimer and whether it affects their actual behaviour. We found that while most participants had negative feelings towards the disclaimer, the disclaimer text had no significant effect on their decision to leave the website. Since the extensive media coverage of data protection issues that accompanied the EU General Data Protection Regulation (GDPR) entry into force in May 2018 may have sensitized users to privacy protection, we conducted a follow-up study in December 2018. Our results suggest that users did not change their attitude towards cookie use in favour of privacy protection, but got even more accustomed to the use of cookies, also by third parties. Moreover, many users seem to have misconceptions regarding cookie use. We discuss the implications of our results for the users’ right to make an informed decision about their privacy.

scholarly journals GDPR: Is your consent valid?

2020 ◽  
Vol 37 (1) ◽  
pp. 19-24
Author(s):  
Stephen Breen ◽  
Karim Ouazzane ◽  
Preeti Patel
Keyword(s):  
Information Systems ◽  
Data Protection ◽  
Personal Data ◽  
Data Driven ◽  
Privacy Concerns ◽  
General Data Protection Regulation ◽  
Philosophical Background ◽  
General Data ◽  
Compliance With The Law ◽  
Point Of Departure

The General Data Protection Regulation (GDPR) 2018 imposes much greater demands on companies to address the rights of individuals who provide data, that is, Data Subjects. The new law requires a much more transparent approach to gaining consent to process personal data. However, few obvious changes to how consent is gained from Data Subjects to comply with this. Many companies are running the risk of non-compliance with the law if they fail to address how data are obtained and the lack of true consent which Data Subjects currently give to their data being processed. Consent is a complex philosophical principle which relies on the person giving the consent being in full possession of the facts, this article explores the philosophical background of consent and examines the circumstances which were the point of departure for the debate on consent and attempts to develop an understanding of it in the context of the growing influence of information systems and the data-driven economy. The GDPR has gone further than any other regulation or law to date in developing an understanding of consent to address personal data and privacy concerns.

Data Protection in UK Library and Information Services: Are We Ready for GDPR?

2018 ◽  
Vol 18 (1) ◽  
pp. 28-34 ◽  
Author(s):  
Josephine Bailey
Keyword(s):  
Data Protection ◽  
Data Security ◽  
Current Data ◽  
Information Services ◽  
Security And Privacy ◽  
Privacy Concerns ◽  
General Data Protection Regulation ◽  
General Data ◽  
Data Protection Law

AbstractAgainst a backdrop of increasing data security and privacy concerns, current data protection law will soon be overhauled by the General Data Protection Regulation (GDPR). Previous research has indicated a lack of data protection management in libraries, however, it has been nine years since the latest study. This article by Josephine Bailey aims to provide an updated review of the extent of data protection management in UK library and information services and gauge preparation for the incoming GDPR.

Data Protection Commissioner v. Facebook Ireland Ltd. and Maximillian Schrems (C.J.E.U.)

2021 ◽  
Vol 60 (1) ◽  
pp. 53-98
Author(s):  
Michael S. Aktipis ◽  
Ron B. Katwan
Keyword(s):  
Data Protection ◽  
Data Privacy ◽  
Personal Data ◽  
The United States ◽  
Transfer Mechanism ◽  
The European Union ◽  
Privacy Concerns ◽  
General Data Protection Regulation ◽  
General Data ◽  
The Eu

On July 16, 2020, the Court of Justice of the European Union (CJEU) issued its ruling in Data Protection Commissioner v. Facebook Ireland Limited and Maximillian Schrems, commonly known as Schrems II, invalidating the EU–U.S. Privacy Shield as a valid transfer mechanism under the EU's General Data Protection Regulation (GDPR) and creating significant legal uncertainty for the continued availability of another widely used transfer mechanism, Standard Contractual Clauses (SCCs), for transfers of EU personal data from commercial entities in the EU to the United States. The widely anticipated ruling marked the second time in five years that the CJEU had invalidated the legal foundation for such data transfers, which in both cases had been the result of a carefully negotiated compromise balancing European data privacy concerns with statutory and constitutional limitations of the U.S. system (see Schrems I).

scholarly journals Distortion in Real-World Analytic Processes

2019 ◽  
Author(s):  
Peter Kieseberg ◽  
Lukas Daniel Klausner ◽  
Andreas Holzinger
Keyword(s):  
Machine Learning ◽  
Big Data ◽  
Learning Environments ◽  
Real World ◽  
Data Protection ◽  
Privacy Protection ◽  
Data Analytics ◽  
Big Data Analytics ◽  
General Data Protection Regulation ◽  
General Data

In discussions on the General Data Protection Regulation (GDPR), anonymisation and deletion are frequently mentioned as suitable technical and organisational methods (TOMs) for privacy protection. The major problem of distortion in machine learning environments, as well as related issues with respect to privacy, are rarely mentioned. The Big Data Analytics project addresses these issues.

scholarly journals Your Data Is My Data: A Framework for Addressing Interdependent Privacy Infringements

2019 ◽  
Vol 38 (4) ◽  
pp. 433-450 ◽  
Author(s):  
Bernadette Kamleitner ◽  
Vince Mitchell
Keyword(s):  
Data Protection ◽  
Privacy Protection ◽  
Personal Information ◽  
The European Union ◽  
Current Policy ◽  
General Data Protection Regulation ◽  
Major Threat ◽  
Fourth Class ◽  
General Data ◽  
Multiple Actors

Everyone holds personal information about others. Each person’s privacy thus critically depends on the interplay of multiple actors. In an age of technology integration, this interdependence of data protection is becoming a major threat to privacy. Yet current regulation focuses on the sharing of information between two parties rather than multiactor situations. This study highlights how current policy inadequacies, illustrated by the European Union General Data Protection Regulation, can be overcome by means of a deeper understanding of the phenomenon. Specifically, the authors introduce a new phenomenological framework to explain interdependent infringements. This framework builds on parallels between property and privacy and suggests that interdependent peer protection necessitates three hierarchical steps, “the 3Rs”: realize, recognize, and respect. In response to observed failures at these steps, the authors identify four classes of intervention that constitute a toolbox addressing what can be done by marketers, regulators, and privacy organizations. While the first three classes of interventions address issues arising from the corresponding 3Rs, the authors specifically advocate for a fourth class of interventions that proposes radical alternatives that shift the responsibilities for privacy protection away from consumers.

Sign in / Sign up

Export Citation Format

Share Document