The cardboard box study: understanding collaborative data management in the connected home

AbstractThe home is a site marked by the increasing collection and use of personal data, whether online or from connected devices. This trend is accompanied by new data protection regulation and the development of privacy enhancing technologies (PETs) that seek to enable individual control over the processing of personal data. However, a great deal of the data generated within the connected home is interpersonal in nature and cannot therefore be attributed to an individual. The cardboard box study adapts the technology probe approach to explore with potential end users the salience of a PET called the Databox and to understand the challenge of collaborative rather than individual data management in the home. The cardboard box study was designed as an ideation card game and conducted with 22 households distributed around the UK, providing us with 38 participants. Demographically, our participants were of varying ages and had a variety of occupational backgrounds and differing household situations. The study makes it perspicuous that privacy is not a ubiquitous concern within the home as a great deal of data is shared by default of people living together; that when privacy is occasioned it performs a distinct social function that is concerned with human security and the safety and integrity of people rather than devices and data; and that current ‘interdependent privacy’ solutions that seek to support collaborative data management are not well aligned with the ways access control is negotiated and managed within the home.

Download Full-text

International Transfers of Personal Data

Information Communication Technology Law, Protection and Access Rights ◽

10.4018/978-1-61520-975-0.ch018 ◽

2011 ◽

pp. 292-315

Author(s):

Sam De Silva

Keyword(s):

Data Protection ◽

Explicit Knowledge ◽

Personal Information ◽

Personal Data ◽

Legal Compliance ◽

Global Nature ◽

The Individual ◽

The Uk ◽

Data Controller ◽

International Transfers

Developments in technology and the global nature of business means that personal information about individuals in the UK may often be processed overseas, frequently without the explicit knowledge or consent of those individuals. This raises issues such as the security of such data, who may have access to it and for what purposes and what rights the individual may have to object. The Data Protection Act 1998 provides a standard of protection for personal data, including in respect of personal data that is being transferred outside of the UK. Chapter 18 focus on how a UK data controller (the organisation that controls how and why personal data is processed and is therefore legally responsible for compliance) can fulfil its business and operational requirements in transferring personal data outside the EEA, whilst ensuring legal compliance.

Download Full-text

Delimiting the concept of personal data after the GDPR

Legal Studies ◽

10.1017/lst.2018.52 ◽

2019 ◽

Vol 39 (3) ◽

pp. 517-532

Author(s):

Benjamin Wong

Keyword(s):

Data Protection ◽

Personal Data ◽

Direct Application ◽

The Uk ◽

The Eu

AbstractThis paper explains how the concept of personal data should be delimited. Certainty on this matter is crucial, as it determines the material scope of the data protection obligations. The primary boundary delimiting the scope of personal data is the requirement that personal data ‘relate to’ an individual. The courts of the UK and the EU have sought to delineate this boundary, but there are serious difficulties in the present approaches that have emerged thus far. Two possible ways forward are suggested, taking into account the implications of the direct application of the GDPR in the UK.

Download Full-text

'A Spy in your Pocket'? The Regulation of Mobile Data in the UK.

Surveillance & Society ◽

10.24908/ss.v1i4.3337 ◽

2002 ◽

Vol 1 (4) ◽

Cited By ~ 3

Author(s):

Nicola Green ◽

Sean Smith

Keyword(s):

Law Enforcement ◽

Private Sector ◽

Mobile Communications ◽

Data Protection ◽

Digital Communication ◽

Personal Data ◽

Law Enforcement Agencies ◽

Mobile Data ◽

Communication Devices ◽

The Uk

The growth of mobile digital communication devices has seen a corresponding growth in the data created by users in the course of their mobile communications. The ease with which such data - including sensitive time-dependent location information - can be collected and stored raises clear data protection and concerns. The value such data offers to both law enforcement agencies and the private sector has complicated regulatory responses to such data protection concerns. This has lead to the contradictory situation in which mobile data is used by the law enforcement agencies and the private sector to identify individual users, yet this same information is not considered to be 'personal data'.

Download Full-text

The Concept of E-Voting Mechanism Based on Law of General Election and Information Security

Jambe Law Journal ◽

10.22437/jlj.3.1.19-36 ◽

2020 ◽

Vol 3 (1) ◽

pp. 19-36

Author(s):

Bayu Sujadmiko ◽

Iskardo P Panggar ◽

Ade Sofyansah ◽

Intan Fitri Meutia

Keyword(s):

Data Management ◽

Data Protection ◽

Government Regulation ◽

Personal Data ◽

General Election ◽

Personal Data Protection ◽

General Elections ◽

Data Protection Law ◽

The Law ◽

Voting Mechanisms

The development of technology has made transformation in the world; one of them is the implementation of e-voting systems in general elections. This research aims to dig deeper into the utilization of e voting in Indonesia's general election according to the Law on General Election, and research on the e-voting safety aspect in Indonesia's general election with the Law on ITE, government regulation on One Data Indonesia, and the Bill of Personal Data Protection Law. The research method is normative, which is delivered with an analytic-descriptive method. The results show that Indonesia has arranged elections with e-voting mechanisms for multiples of times, for example, in Jembrana Regency. Based on the General Election Law, e voting could be implemented in Indonesia. However, there are still considerations in terms of technology and preparation that should prevent unwanted burden. There needs to be a regulation for voters' data management to prevent violations against human rights. Data management must pay attention to safety aspects guided by the Law on ITE, government regulation on One Data Indonesia, and the Bill of Personal Data Protection Law

Download Full-text

IZAZOVI PRAVNOG UREĐENJA UPOTREBE OSOBNIH PODATAKA IZ GENSKIH TESTOVA U SVRHU OSIGURANJA

Pravni vjesnik ◽

10.25234/pv/14875 ◽

2021 ◽

Vol 37 (3-4) ◽

pp. 149-170

Author(s):

Maja Bukovac Puvača ◽

Loris Bealnić

Keyword(s):

Data Protection ◽

Personal Data ◽

Comparative Law ◽

Genetic Tests ◽

Personal Data Protection ◽

Use Of Data ◽

The Usa ◽

Liberal Approach ◽

Using Data ◽

The Uk

The paper deals with the issue of using genetic tests for insurance purposes. After introductory remarks, the paper provides an overview of various international and European legal sources both on data protection in general, and on the protection of data from genetic tests. The paper then researches into different solutions proposed by comparative law concerning the use of data from genetic tests for insurance purposes. Some solutions explicitly ban the use of genetic tests for insurance purposes (France, Austria, Portugal, Croatia), while others adopt a more liberal approach, allowing for its use (the USA, the UK, Germany). It is concluded that personal data protection does not exclude the possibility using data from genetic tests for insurance purposes, which proves the need for a common EU approach to the issue.

Download Full-text

Personal Data Protection Authority: Comparative Study between Indonesia, United Kingdom, and Malaysia

Indonesian Scholars Scientific Summit Taiwan Proceeding ◽

10.52162/3.2021112 ◽

2021 ◽

Vol 3 ◽

pp. 54-63

Author(s):

Vina Himmatus Sholikhah ◽

Noering Ratu Fatheha Fauziah Sejati ◽

Diyanah Shabitah

Keyword(s):

Best Practices ◽

Data Protection ◽

Personal Data ◽

Cyber Attacks ◽

Policy Framework ◽

Residential Areas ◽

Personal Data Protection ◽

Internet Users ◽

Data Protection Authority ◽

The Uk

The COVID-19 pandemic has increased the number of people connected to the internet. Based on data, internet users in Indonesia increased by 8.9% from 2018 to 73.7% (APJII, 2020). In addition, internet use is increasing in residential areas and residential areas (Kominfo, 2020). The development of Information, Communication and Technology Technology continues to progress, it needs to be accompanied by data protection regulations. However, Indonesia does not yet have a data protection regulation that can be implemented on the threat of cyber attacks. This research is aimed at finding best practices in data protection that can be applied in Indonesia. This study uses the Narrative Policy Framework (NPF). In the analysis, a comparison is made between data protection authorities to protect data in Indonesia and best practices in the UK and Malaysia, especially in post-pandemic conditions. This study aims to recommend solutions that strengthen data security protection in the post-COVID-19 era in Indonesia.

Download Full-text

Introduction

GDPR and Biobanking - Law, Governance and Technology Series ◽

10.1007/978-3-030-49388-2_1 ◽

2021 ◽

pp. 1-7

Author(s):

Santa Slokenberga ◽

Olga Tzortzatou ◽

Jane Reichel

Keyword(s):

Data Protection ◽

Scientific Research ◽

Personal Data ◽

Practical Experience ◽

General Data Protection Regulation ◽

Eu Member States ◽

General Data ◽

The Uk ◽

Shed Light

AbstractThe General Data Protection Regulation (GDPR) is already four years old legal instrument, with over two years of practical experience, yet, several central questions on its application, its importance in scientific research, rights of the data subjects, and obligations on the controllers and processors remain uncharted. In this edited volume, questions ranging from the meaning of the GDPR provisions for a particular research project to impact of the GDPR on long term collaborations, when the UK is leaving the EU are is discussed. This chapter sets out the aim of this book and provides an overview of how various contributions interplay to shed light on how the GDPR shapes the research regimes on the use of personal data in biobanking by EU Member States.

Download Full-text

INTERACTION BETWEEN BIG DATA AND COMPETITION LAW IN DIGITAL SINGLE MARKET

CBU International Conference Proceedings ◽

10.12955/cbup.v4.850 ◽

2016 ◽

Vol 4 ◽

pp. 597-602

Author(s):

Andrius Puksas

Keyword(s):

Big Data ◽

Data Management ◽

Consumer Protection ◽

Potential Risk ◽

Data Protection ◽

Personal Data ◽

Competition Law ◽

Legal Framework ◽

Single Market ◽

Constant Growth

Representatives of undertakings are familiar with the importance of carefully handling and protecting personal data. However, this does not lessen the importance of improving legislation regarding data management. Both the content and quantity of information have value and potentially determine the strength of the undertakings that can access such information. This influences the constant growth in demand to improve the legal framework. The consumers and institutions responsible for consumer protection are the main initiators and stakeholders of such demand. The constant growth in the amount of preserved data more sharply raises the questions about data protection. The potential risk raises proposals enabling a competition law in data protection. The article examines such possibility in the light of digital single market. This possibility is analyzed in the light of interaction between the data protection and competition law and covers trends on enabling competition law in data protection. To ensure proper data protection, cooperation among institutions should be encouraged.

Download Full-text

The Information and Data Protection Commissioner’s Effectiveness on Transparency

NISPAcee Journal of Public Administration and Policy ◽

10.1515/nispa-2016-0012 ◽

2016 ◽

Vol 9 (2) ◽

pp. 11-27

Author(s):

Dorina Ndreka Asllani

Keyword(s):

Public Administration ◽

Data Protection ◽

Personal Data ◽

External Control ◽

Main Role ◽

The Public ◽

Public Data ◽

The Uk ◽

The Right ◽

Supervise Control

Abstract The new Albanian law of 2014 “On the Right of Information” fully reformed the existing system regarding the obligation of the public-administration institutions to make available public data to any interested party. Inspired by Western European countries’ models like the UK, Sweden, Spain, Germany, etc. it created the Information and Data Protection Commissioner. Considered a special form of external control, the new Institution has the obligation to guarantee the citizens’ right to access public data and, at the same time, to have their personal data protected. The 2014 law makes considerable changes compared with the previous law by liberalizing the citizens’ access on public data, making it possible for anyone to request and obtain information considered public, without the need to explain their motives. Notwithstanding, the main novelty is the Information Commissioner, whose main role is to supervise, control and assist the new law implementation. Bearing this in mind, the aim of the paper is to analyze the activity of the Information Commissioner and its decision-making, in order to answer the question whether this new institution will be able to implement the new law and its ambitious objectives. The available data on complaints addressed to the Commissioner, their resolution’s modalities and the willingness of the Commissioner to decide when deemed necessary will help in assessing how effective the implementation of the new law and the new institution has been so far, considering that transparency is one of the main pillars of a responsible public administration.

Download Full-text

Can the GDPR and Freedom of Expression Coexist?

AJIL Unbound ◽

10.1017/aju.2019.77 ◽

2020 ◽

Vol 114 ◽

pp. 31-34

Author(s):

Nani Jansen Reventlow

Keyword(s):

Data Protection ◽

Data Privacy ◽

Freedom Of Expression ◽

Personal Information ◽

Personal Data ◽

Raw Material ◽

Individual Data ◽

General Data Protection Regulation ◽

General Data ◽

The Right

The General Data Protection Regulation (GDPR) imposes important transparency and accountability requirements on different actors who process personal data. This is great news for the protection of individual data privacy. However, given that “personal information and human stories are the raw material of journalism,” what does the GDPR mean for freedom of expression and especially for journalistic activity? This essay argues that, although EU states seem to have taken their data protection obligations under the GDPR seriously, efforts to balance this against the right to freedom of expression have been more uneven. The essay concludes that it is of key importance to ensure that the GDPR's safeguards for data privacy do not compromise a free press.

Download Full-text