scholarly journals Swedish Law on Personal Data in Biobank Research: Permissible But Complex

2021 ◽  
pp. 379-394
Author(s):  
Magnus Stenbeck ◽  
Sonja Eaker Fält ◽  
Jane Reichel
Keyword(s):  
Data Protection ◽  
Personal Information ◽  
Personal Data ◽  
Population Based ◽  
Public Access ◽  
Future Research ◽  
Regulatory Regime ◽  
Biobank Research ◽  
The Right ◽  
Effective Use

AbstractThis chapter describes the regulatory and organisational infrastructure of biobank research in Sweden, and how the introduction of the GDPR affects the possibilities to use biobank material in future research. The Swedish legislator has chosen a rather minimalistic approach in relation to the research exception in Article 89 GDPR and has only enacted limited general exceptions to the data protection rules. This may be partly explained by the comprehensive right to public access to official documents which gives researchers vast access to information held in registries, albeit conditioned on abiding by secrecy and confidentiality rules. The Swedish legislation implementing the GDPR includes a general exception from the data protection rules in relation to the right to access to official documents, which researchers also benefit from. However, confidentiality rules for different categories of information differ between sectors, which hinders an effective use of the registries in research. The regulatory regime for using biobank and registry data in Sweden thus involves both data protection and secrecy rules, which makes the legal landscape permissible but complex. The operationalisation of the research exception in Article 89 GDPR is analysed against this background. Special attention is given to the possibility to link personal information derived from biobanks with personal information from other data sources, including large national population based statistical registries as well as information from national clinical registers.

scholarly journals La forja jurisprudencial del principio de transparencia

2011 ◽  
pp. 381
Author(s):  
Blanca Ballester Martínez
Keyword(s):  
Data Protection ◽  
Personal Data ◽  
Case Law ◽  
Fundamental Rights ◽  
Public Access ◽  
The European Union ◽  
European Court ◽  
Ordre Public ◽  
The Right ◽  
Access To Documents

Regulation 1049/2001 establishes and shapes the right of access to documents in the European Union. This right is limited by a series of colliding principles and rights, such as privacy of personal data, ‘ordre public’ or commercial interests. The European Court of Justice, through rulings by each one of its two Courts (the General Court and the European Court), has shaped and generally extended the scope of Regulation 1049/2001, increasing transparency in the institutions. However, there is no clear case-law trend as regards access to documents, since rulings often contradict each other and precedents are of relatively little value. Recent rulings, such as those given to the Borax and Bavarian Lager cases, seem to restrict public access to documents in the institutions by placing access to documents under other values such as privacy and data protection. This trend seems again to contradict what the Lisbon Treaty and the European Charter of Fundamental Rights have just introduced: a higher consideration of access to documents and a clear commitment with institutional transparency. This paper aims at giving a clear overview of the evolution and state of play of the right of public access to documents in the European legislation and case law. By analyzing the latest legal and jurisprudential developments, it can be concluded that law and case law do not seem to go hand in hand yet and seem to contradict each other. Immediate and further developments should be watched with a careful eye, as these will shape the post-Lisbon concept of access to documents. Consequently, essential principles such as transparency and data protection might undergo as well important changes.El Reglamento 1049/2001 consagra y configure el derecho de acceso público a documentos en la Unión Europea. Este derecho está limitado por ciertos bienes jurídicos en conflicto, como la privacidad de los datos personales, el orden público o los intereses comerciales. El Tribunal de Justicia de la Unión Europea, a través de las sentencias emanadas de sus dos instancias, ha pulido y en general extendido el campo de aplicación del Reglamento 1049/2001, aumentando la transparencia en las instituciones. Sin embargo, no hay una línea jurisprudencial clara al respecto, dado que las sentencias a menudo se contradicen entre sí y los precedentes jurisprudenciales parecen tener escaso valor en los asuntos posteriores. Algunas sentencias recientes, como las recaídas en los asuntos Borax y Bavarian Lager, parecen por el contrario restringir el derecho de acceso a documentos, dado que hacen prevalecer otros bienes jurídicos como la privacidad o la protección de datos. Esta última tendencia parece contradecir al Tratado de Lisboa y a la Carta Europea de Derechos Fundamentales, puesto que éstos han introducido una mayor consideración al derecho de acceso a documentos con el fin de aumentar la transparencia institucional. Este artículo busca procurar una panorámica general de la evolución y el estado actual del derecho de acceso público a los documentos tanto en la legislación como en la jurisprudencia europeas. Del análisis tanto de las novedades legislativas y jurisprudenciales al respecto se deduce que ambas no parecen ir a la par, sino que llegan incluso a contradecirse. El desarrollo futuro tanto de la ley como de la jurisprudencia deberán ser objeto de estudio detallado, dado que serán determinantes en la configuración del derecho de acceso a documentos tras el Tratado de Lisboa. Como consecuencia de esto, puede que ciertos principios también fundamentales, como la transparencia o la protección de datos, sufran importantes cambios en un futuro inmediato.

scholarly journals Personal Data Protection and Access to Archives in Ukraine: From the National and International Perspective

Atlanti ◽  
2018 ◽  
Vol 28 (2) ◽  
pp. 61-70
Author(s):  
Maryna Paliienko
Keyword(s):  
Data Protection ◽  
Personal Information ◽  
Public Information ◽  
Personal Data ◽  
International Perspective ◽  
Economic Life ◽  
The European Union ◽  
General Data Protection Regulation ◽  
Personal Data Protection ◽  
The Right

The article is devoted to the analysis of the General Data Protection Regulation, which came into force on May 25, 2018, on the territory of the member states of the European Union, in comparison with the legislation on personal data that operates in Ukraine. The following basic concepts such as “personal data”, “personal data bases”, “information protection”, “the right to access to information”, “the right to erasure” are considered. Special attention is paid to the activities of archives in collecting, processing, storing and providing access to documents that contain personal information. It is analyzed the Laws of Ukraine “On Information”, “On Protection of Personal Data”, “On Access to Public Information”, “On the National Archival Fond and Archival Institutions”. It has been pointed out that the GDPR has very important value for European socio-political and economic life, for working out data protection standards and a new international privacy protection framework.

scholarly journals UIDAI Aadhar Enrollment with P2P Blockchain Technologies

2019 ◽  
Vol 9 (2S) ◽  
pp. 720-723
Keyword(s):  
Big Data ◽  
Data Protection ◽  
Personal Information ◽  
Personal Data ◽  
Sensitive Data ◽  
Encrypted Data ◽  
The Right To Privacy ◽  
Privacy Act ◽  
Distributed Ledger ◽  
The Right

Blockchain technologies are becoming more popular in securing the sensitive data such as government holding citizens’ s wealth, health and personal information. A blockchain is a shared encrypted data of records, consisting of a ledger of transactions. As the data stored in blockchain is tamper proof, it is proposed to implement new Aadhar enrolments with P2P Blockchains and migrate the existing centralized Aadhar personnel’s personal data from the conventional RDBMS / Big data system repositories to distributed ledger technologies by creating private blockchains. In this paper, we will discuss how to provide security for Aadhar card enrolment data using blockchain architectures. A blockchain-based Aadhaar would help UIDAI in truly complying with the data protection and privacy stipulations outlined in the Right to Privacy Act judgment

scholarly journals Can the GDPR and Freedom of Expression Coexist?

AJIL Unbound ◽  
2020 ◽  
Vol 114 ◽  
pp. 31-34
Author(s):  
Nani Jansen Reventlow
Keyword(s):  
Data Protection ◽  
Data Privacy ◽  
Freedom Of Expression ◽  
Personal Information ◽  
Personal Data ◽  
Raw Material ◽  
Individual Data ◽  
General Data Protection Regulation ◽  
General Data ◽  
The Right

The General Data Protection Regulation (GDPR) imposes important transparency and accountability requirements on different actors who process personal data. This is great news for the protection of individual data privacy. However, given that “personal information and human stories are the raw material of journalism,” what does the GDPR mean for freedom of expression and especially for journalistic activity? This essay argues that, although EU states seem to have taken their data protection obligations under the GDPR seriously, efforts to balance this against the right to freedom of expression have been more uneven. The essay concludes that it is of key importance to ensure that the GDPR's safeguards for data privacy do not compromise a free press.

scholarly journals Development of Personal Information Privacy Concerns Evaluation

2018 ◽  
pp. 4862-4871
Author(s):  
Anna Rohunen ◽  
Jouni Markkula
Keyword(s):  
Service Providers ◽  
Personal Information ◽  
Personal Data ◽  
Future Research ◽  
Privacy Concerns ◽  
The Public ◽  
Data Intensive ◽  
Information Privacy Concerns ◽  
Evaluation Instruments ◽  
Information And Communication

Personal data is increasingly collected with the support of rapidly advancing information and communication technology, which raises privacy concerns among data subjects. In order to address these concerns and offer the full benefits of personal data intensive services to the public, service providers need to understand how to evaluate privacy concerns in evolving service contexts. By analyzing the earlier used privacy concerns evaluation instruments, we can learn how to adapt them to new contexts. In this article, the historical development of the most widely used privacy concerns evaluation instruments is presented and analyzed regarding privacy concerns' dimensions. Privacy concerns' core dimensions, and the types of context dependent dimensions, to be incorporated into evaluation instruments are identified. Following this, recommendations on how to utilize the existing evaluation instruments are given, as well as suggestions for future research dealing with validation and standardization of the instruments.

scholarly journals La necesidad de una ley de protección de datos en salud

Bioderecho.es ◽  
2019 ◽  
Author(s):  
María Mercedes Serrano Pérez
Keyword(s):  
Data Protection ◽  
Personal Information ◽  
Right To Health ◽  
The Social ◽  
Social Side ◽  
The Right

Resumen: El tratamiento de la información personal en el contexto de la salud y de la investigación en salud ha de conjugar el derecho a la protección de datos de las personas con la necesidad de utilizar la información para la satisfacción de la vertiente colectiva que incorpora el derecho a la salud. El beneficio de dicha armonía repercute en toda la sociedad. Las leyes de protección de datos han de perseguir dicho objetivo.  Summary: The treatmen of personal information in the context of health and the investigation has to harmonize the right to data protection with the use of information to satisfy the social side of the right to health. The benefit of this relationship has an impact on society. Data protection laws pursue this objective

scholarly journals Personas datu aizsardzības mērķis un tiesiskā regulējuma vēsturiskā attīstība

2019 ◽  
Vol 1 (13) ◽  
pp. 104-109
Author(s):  
Agnese Reine-Vītiņa
Keyword(s):  
Data Protection ◽  
Personal Data ◽  
European Countries ◽  
Population Census ◽  
Federal Republic Of Germany ◽  
Right To Privacy ◽  
Personal Data Protection ◽  
The Right To Privacy ◽  
The Government ◽  
The Right

Mūsdienās tiesības uz privāto dzīvi nepieciešamas ikvienā demokrātiskā sabiedrībā, un šo tiesību iekļaušana konstitūcijā juridiski garantē fiziskas personas rīcības brīvību un vienlaikus arī citu – valsts pamatlikumā noteikto – cilvēka tiesību īstenošanu [5]. Personas datu aizsardzības institūts tika izveidots, izpratnes par tiesību uz personas privātās dzīves neaizskaramību saturu paplašinot 20. gadsimta 70. gados, kad vairāku Eiropas valstu valdības uzsāka informācijas apstrādes projektus, piemēram, tautas skaitīšanu u. c. Informācijas tehnoloģiju attīstība ļāva arvien vairāk informācijas par personām glabāt un apstrādāt elektroniski. Viena no tiesību problēmām bija informācijas vākšana par fizisku personu un tiesību uz privātās dzīves neaizskaramību ievērošana. Lai nodrošinātu privātās dzīves aizsardzību, atsevišķas Eiropas valstis pēc savas iniciatīvas pieņēma likumus par datu aizsardzību. Pirmie likumi par personas datu aizsardzību Eiropā tika pieņemti Vācijas Federatīvajā Republikā, tad Zviedrijā (1973), Norvēģijā (1978) un citur [8, 10]. Ne visas valstis pieņēma likumus par datu aizsardzību vienlaikus, tāpēc Eiropas Padome nolēma izstrādāt konvenciju, lai unificētu datu aizsardzības noteikumus un principus. Nowadays, the right to privacy is indispensable in every democratic society and inclusion of such rights in the constitution, guarantees legally freedom of action of a natural person and, simultaneously, implementation of other human rights established in the fundamental law of the state. The institute of personal data protection was established by expanding the understanding of the content of the right to privacy in the 70’s of the 19th century, when the government of several European countries initiated information processing projects, such as population census etc. For the development of information technology, more and more information on persons was kept and processed in electronic form. One of the legal problems was gathering of information on natural persons and the right to privacy. In order to ensure the protection of privacy, separate European countries, on their own initiative, established a law on data protection. The first laws on the protection of personal data in Europe were established in the Federal Republic of Germany, then in Sweden (1973), Norway (1978) and elsewhere. Not all countries adopted laws on data protection at the same time, so the Council of Europe decided to elaborate a convention to unify data protection rules and principles.

The Right to Privacy and the Protection of Personal Data in a Digital Era and the Age of Information

2012 ◽  
pp. 34-45
Author(s):  
William Bülow ◽  
Misse Wester
Keyword(s):  
Empirical Evidence ◽  
Personal Information ◽  
Personal Data ◽  
Modern Society ◽  
Right To Privacy ◽  
Policy Makers ◽  
The Right To Privacy ◽  
Digital Era ◽  
The Individual ◽  
The Right

As information technology is becoming an integral part of modern society, there is a growing concern that too much data containing personal information is stored by different actors in society and that this could potentially be harmful for the individual. The aim of this contribution is to show how the extended use of ICT can affect the individual’s right to privacy and how the public perceives risks to privacy. Three points are raised in this chapter: first, if privacy is important from a philosophical perspective, how is this demonstrated by empirical evidence? Do individuals trust the different actors that control their personal information, and is there a consensus that privacy can and should be compromised in order to reach another value? Second, if compromises in privacy are warranted by increased safety, is this increased security supported by empirical evidence? Third, the authors will argue that privacy can indeed be a means to increase the safety of citizens and that the moral burden of ensuring and protecting privacy is a matter for policy makers, not individuals. In conclusion, the authors suggest that more nuanced discussion on the concepts of privacy and safety should be acknowledged and the importance of privacy must be seen as an important objective in the development and structure of ICT uses.

International Transfers of Personal Data

2011 ◽  
pp. 292-315
Author(s):  
Sam De Silva
Keyword(s):  
Data Protection ◽  
Explicit Knowledge ◽  
Personal Information ◽  
Personal Data ◽  
Legal Compliance ◽  
Global Nature ◽  
The Individual ◽  
The Uk ◽  
Data Controller ◽  
International Transfers

Developments in technology and the global nature of business means that personal information about individuals in the UK may often be processed overseas, frequently without the explicit knowledge or consent of those individuals. This raises issues such as the security of such data, who may have access to it and for what purposes and what rights the individual may have to object. The Data Protection Act 1998 provides a standard of protection for personal data, including in respect of personal data that is being transferred outside of the UK. Chapter 18 focus on how a UK data controller (the organisation that controls how and why personal data is processed and is therefore legally responsible for compliance) can fulfil its business and operational requirements in transferring personal data outside the EEA, whilst ensuring legal compliance.

Sign in / Sign up

Export Citation Format

Share Document