scholarly journals INTERCONNECTIVITY AND DIFFERENCES OF THE (INFORMATION) PRIVACY RIGHT AND PERSONAL DATA PROTECTION RIGHT N THE EUROPEAN UNION

2017 ◽  
Vol 30 (3) ◽  
pp. 125-135
Author(s):  
Zana Pedic
Keyword(s):  
Data Protection ◽  
Personal Data ◽  
Legal Protection ◽  
Information Privacy ◽  
Legal Rights ◽  
The European Union ◽  
Personal Data Protection ◽  
Contact Points ◽  
Protection Legislation ◽  
Right To Information

Right to (information) privacy and right to personal data protection have many common contact points. However, the very act of developing data protection, as a younger right into the sui generis right shows that these two rights are not the same and that there are differences between them, huge enough to make them separate legal rights. The main trigger for noticing their different nature, purpose and background and for development of the data protection into the separate right was the revolution in the information technology solutions. This IT progress, for the first time, enabled massive and relatively cheap operations with the personal data and brought not only concern about the security of the personal data, but also unbelievable business possibilities. It was the turning point for the codification of the data protection right which started from 1970ies, aiming to create separate rules and legislation which will understand the importance of not only of protecting personal data but of their regulated and lawful usage. Despite all what was said, there is still certain confusion regarding these two rights, mainly because in the initial phase of the massive usage of the new IT solutions, when the data protection legislation still wasn’t developed, information privacy right served as the only legal protection of the data protection right and the relationship between these two rights is complex even today and deserves to be further researched

scholarly journals Data Sharing Under the General Data Protection Regulation

Hypertension ◽  
2021 ◽  
Vol 77 (4) ◽  
pp. 1029-1035
Author(s):  
Antonia Vlahou ◽  
Dara Hallinan ◽  
Rolf Apweiler ◽  
Angel Argiles ◽  
Joachim Beige ◽  
...  
Keyword(s):  
European Union ◽  
Data Protection ◽  
Personal Data ◽  
Research Approach ◽  
The European Union ◽  
General Data Protection Regulation ◽  
Personal Data Protection ◽  
Protection Legislation ◽  
General Data ◽  
Almost All

The General Data Protection Regulation (GDPR) became binding law in the European Union Member States in 2018, as a step toward harmonizing personal data protection legislation in the European Union. The Regulation governs almost all types of personal data processing, hence, also, those pertaining to biomedical research. The purpose of this article is to highlight the main practical issues related to data and biological sample sharing that biomedical researchers face regularly, and to specify how these are addressed in the context of GDPR, after consulting with ethics/legal experts. We identify areas in which clarifications of the GDPR are needed, particularly those related to consent requirements by study participants. Amendments should target the following: (1) restricting exceptions based on national laws and increasing harmonization, (2) confirming the concept of broad consent, and (3) defining a roadmap for secondary use of data. These changes will be achieved by acknowledged learned societies in the field taking the lead in preparing a document giving guidance for the optimal interpretation of the GDPR, which will be finalized following a period of commenting by a broad multistakeholder audience. In parallel, promoting engagement and education of the public in the relevant issues (such as different consent types or residual risk for re-identification), on both local/national and international levels, is considered critical for advancement. We hope that this article will open this broad discussion involving all major stakeholders, toward optimizing the GDPR and allowing a harmonized transnational research approach.

scholarly journals Developing The Personal Data Protection In The European Union: A Consumer-Oriented Approach The Romanian Experience

2008 ◽  
Vol 12 (1) ◽  
pp. 63-74
Author(s):  
Calin Veghes
Keyword(s):  
European Union ◽  
Data Protection ◽  
Direct Marketing ◽  
Personal Data ◽  
Legal Framework ◽  
Public Institutions ◽  
Legal Rights ◽  
The European Union ◽  
Personal Data Protection ◽  
Laws And Regulations

Protection of personal data represents a relatively recent concern for all the entities consumers, organizations and public institutions involved in the development of the direct marketing industry and the overall Romanian market. Noteworthy growth of the direct marketing campaigns, increase in the consumer demands and expectations and the background provided by the countrys adhesion to the European Union, have determined a strong necessity to build up a legal framework for protection of the personal data. Important steps have been made when laws no. 677 (on the protection of the personal data in terms of their processing and free circulation - 2001), no. 506 (on the processing of personal data and protection of privacy in the electronic communications sector - 2004) and no. 102 (regarding the setting up, organization and functioning of the National Supervisory Authority for Personal Data Processing - 2005) have been issued. Adoption of the Directive no. 95/46/EC has connected Romanian and European Union legal framework of the personal data protection. Enforcement of the existing legal background has revealed several problems that have affected activities conducted mainly by the direct marketing and marketing research companies. Relatively unclear definition of the content of personal data to be protected appeared to be one of the most important. From this point, at least the following questions should be answered:what is the specific meaning of the personal data? What data is personal and must be protected through dedicated laws and regulations?are public initiatives best ways and public institutions sole entities to handle the development of an effective legal background for the personal data protection?how important is the voice of the consumers in the process of development of a regulatory environment in this area? Should those to be protected represent the main source of initiating and building the related legal framework?An exploratory survey on a sample including 96 Romanian urban consumers aged 18 to 45 has been conducted aiming to provide information on the: importance of the data protection for the consumers, main characteristics of the data protection legal environment (area of protection, public-private, respectively national-international relationships in terms of the data protection, need for national or international laws and regulations), content of the personal data to be protected by a more precisely defined object of the law, consumer preferences regarding the opt-in and opt-out mechanisms, knowledge associated to the legal rights of consumers related to the personal data protection as they are granted through the existing law, major risks associated with the absence or improper personal data protection mechanisms, consumers exposure to the personal communication media, preferences for personal sources of information and perceived importance of personalization as potential factors to be considered for the development of the personal data protection legal framework, opportunity to develop and implement a Robinson list.Results of the survey may serve as a starting point for a future research conducted at the level of a national representative sample and the Romanian experience may be considered for the upcoming effort to develop a legal framework of the personal data protection in the European Union based on the consumers views, needs and expectations.

scholarly journals Legal Aspects of Artificial Intelligence on Automated Decision-Making in Indonesia

Lentera Hukum ◽  
2020 ◽  
Vol 7 (3) ◽  
pp. 301
Author(s):  
Denindah Olivia
Keyword(s):  
Artificial Intelligence ◽  
United States ◽  
Decision Making ◽  
Data Protection ◽  
Personal Data ◽  
Legal Protection ◽  
The United States ◽  
The European Union ◽  
Personal Data Protection ◽  
Automated Decision Making

This paper analyzes the importance of Indonesia's comprehensive legal framework on automated decision-making empowered by Artificial Intelligence, comparing it to the European Union, the United States, and China. Specifically, this paper inquires about the status quo of the legal protection of automated decision-making In Indonesia. The analysis highlights profiling in an automated decision-making system with the following discussion about personal data protection. In this context, the European Union's member states set out the General Data Protection Regulation (GDPR) that prohibits automated decision-making to a certain extent. In the United States, the practice of automated decision-making is rather usual. Simultaneously, China takes an exceptional measure instead and develops this automation through a social credit system. The analysis concludes that Indonesia has weak legal protection towards personal data and profiling, which later becomes the basis in facilitating automated decision-making. The provision of automated decision-making and profiling is the absolute bare minimum to Indonesia's Personal Data Protection Bill due to insufficient legal certainty. In the end, it is paramount for lawmakers to consider a comprehensive regulation on automated decision-making by adopting the European Union's GDPR framework. KEYWORDS: Artificial Intelligence, Automated Decision-Making, Personal Data Protection.

scholarly journals Data Profiling and Elections: Has Data-Driven Political Campaign Gone Too Far?

2019 ◽  
Vol 3 (1) ◽  
pp. 95
Author(s):  
Alia Yofira Karunian ◽  
Helka Halme ◽  
Ann-Marie Söderholm
Keyword(s):  
Data Protection ◽  
Personal Data ◽  
Data Driven ◽  
The European Union ◽  
Political Campaign ◽  
General Data Protection Regulation ◽  
Personal Data Protection ◽  
Data Profiling ◽  
Right To Information ◽  
The Right

In the age of digitalization, data-driven political campaign has rapidly shifted into sophisticated data profiling and big data analysis. In Indonesia, the privacy implications of data profiling for political purposes have not been thoroughly studied, much less regulated. This paper aims to conduct a comparative regulatory study between the European Union General Data Protection Regulation (EU GDPR) and Indonesian laws concerning personal data protection in facing the growing practice of data profiling for political purposes. In conclusion, in order to prevent unfair and non-transparent data profiling for political purposes in the upcoming 2019 general election, Indonesia should enact a comprehensive data protection law which provides data subjects with the right to information related to profiling and establishing independent supervisory authority.      

scholarly journals Digital Technologies of the European Union in Personal Data Protection

2019 ◽  
Vol 8 (12) ◽  
pp. 3600-3604
Keyword(s):  
European Union ◽  
Data Protection ◽  
Industrial Revolution ◽  
Personal Information ◽  
Personal Data ◽  
Legal Protection ◽  
Digital Technologies ◽  
Private Life ◽  
The European Union ◽  
Personal Data Protection

The purpose of the article is to consider issues related to the legal protection of personal data in the European Union (EU). Based on a systematic approach and the method of comparative law, it is determined that the legal mechanisms of the EU most extensively regulate their scope, create a rigid framework for European and foreign companies and world corporations, and introduce independent regulatory authorities. This system of personal data protection is the most progressive at the moment. It is revealed that in the 20th-century mankind has experienced a rapid breakthrough of its development when the vector of technology progress was a reoriented towards information infrastructure, huge in its scale and universal coverage. Digital technologies led to the third industrial revolution, and they have entered into everyday life, both professional and domestic. Finally, the authors came to the conclusion that personal data protection rules are increasingly expanding. The world community has already realized the need to protect personal information, prevent its uncontrolled use, and the need to take sufficient measures to ensure the protection of information about the private life of everyone. Issues of cross-border transfer of personal data have become particularly important, and the trend towards the implementation of regulations on the personal data protection of an extraterritorial nature can be clearly seen

scholarly journals Data Protection Impact Assessment (DPIA) for Cloud-Based Health Organizations

2021 ◽  
Vol 13 (3) ◽  
pp. 66
Author(s):  
Dimitra Georgiou ◽  
Costas Lambrinoudakis
Keyword(s):  
Impact Assessment ◽  
Data Protection ◽  
Gap Analysis ◽  
Health Care Organization ◽  
Personal Data ◽  
Care Organization ◽  
The European Union ◽  
General Data Protection Regulation ◽  
Personal Data Protection ◽  
Compliance Level

The General Data Protection Regulation (GDPR) harmonizes personal data protection laws across the European Union, affecting all sectors including the healthcare industry. For processing operations that pose a high risk for data subjects, a Data Protection Impact Assessment (DPIA) is mandatory from May 2018. Taking into account the criticality of the process and the importance of its results, for the protection of the patients’ health data, as well as the complexity involved and the lack of past experience in applying such methodologies in healthcare environments, this paper presents the main steps of a DPIA study and provides guidelines on how to carry them out effectively. To this respect, the Privacy Impact Assessment, Commission Nationale de l’Informatique et des Libertés (PIA-CNIL) methodology has been employed, which is also compliant with the privacy impact assessment tasks described in ISO/IEC 29134:2017. The work presented in this paper focuses on the first two steps of the DPIA methodology and more specifically on the identification of the Purposes of Processing and of the data categories involved in each of them, as well as on the evaluation of the organization’s GDPR compliance level and of the gaps (Gap Analysis) that must be filled-in. The main contribution of this work is the identification of the main organizational and legal requirements that must be fulfilled by the health care organization. This research sets the legal grounds for data processing, according to the GDPR and is highly relevant to any processing of personal data, as it helps to structure the process, as well as be aware of data protection issues and the relevant legislation.

scholarly journals Location Privacy in the Wake of the GDPR

2019 ◽  
Author(s):  
Yola Georgiadou ◽  
Rolf de By ◽  
Ourania Kounadi
Keyword(s):  
Data Protection ◽  
Location Privacy ◽  
Cultural Theory ◽  
Personal Data ◽  
The European Union ◽  
General Data Protection Regulation ◽  
Digital Ecosystem ◽  
Protection Legislation ◽  
General Data ◽  
Conducting Research

The General Data Protection Regulation (GDPR) protects the personal data of natural persons and at the same time allows the free movement of such data within the European Union (EU). Hailed as majestic by admirers and dismissed as protectionist by critics, the Regulation is expected to have a profound impact around the world, including in the African Union (AU). For European–African consortia conducting research that may affect the privacy of African citizens, the question is ‘how to protect personal data of data subjects while at the same time ensuring a just distribution of the benefits of a global digital ecosystem?’ We use location privacy as a point of departure, because information about an individual’s location is different from other kinds of personally identifiable information. We analyse privacy at two levels, individual and cultural. Our perspective is interdisciplinary: we draw from computer science to describe three scenarios of transformation of volunteered/observed information to inferred information about a natural person and from cultural theory to distinguish four privacy cultures emerging within the EU in the wake of GDPR. We highlight recent data protection legislation in the AU and discuss factors that may accelerate or inhibit the alignment of data protection legislation in the AU with the GDPR.

scholarly journals The European Union’s Passenger Name Record Data Directive 2016/681: Is it Fit for Purpose?

2017 ◽  
Vol 17 (1) ◽  
pp. 78-106 ◽  
Author(s):  
David Lowe
Keyword(s):  
European Union ◽  
Data Protection ◽  
Personal Data ◽  
The European Union ◽  
Personal Data Protection ◽  
Serious Crime ◽  
Court Of Justice ◽  
Record Data ◽  
Fit For Purpose

In 2016 the European Union (eu) introduced a Passenger Name Record Data (pnr) Directive. There has been controversy in the eu over the acquisition and sharing of pnr data, related mainly to the lack of safeguards and protection of personal data protection. This article examines these issues related to earlier eu pnr agreements with third countries and why previous eu attempts to legislate in this area failed. By drawing a comparison with the 2011 pnr Directive proposal, the article argues that by meeting the strict eu law on data protection as well as being necessary to assist in preventing and detecting acts of terrorism and serious crime it is submitted the 2016 Directive is fit for purpose and able to withstand scrutiny by the Court of Justice of the European Union.

Sign in / Sign up

Export Citation Format

Share Document