Data Protection but Not Data Privacy

2022 ◽  
pp. 154-208
Keyword(s):  
Data Protection ◽  
Data Privacy

A Layered Approach to Jurisdiction

2017 ◽  
Author(s):  
Dan Jerker B. Svantesson
Keyword(s):  
Data Protection ◽  
Data Privacy ◽  
General Data Protection Regulation ◽  
Legal Rules ◽  
Privacy Laws ◽  
Scope Of Application ◽  
General Data ◽  
Layered Approach ◽  
Substantive Law

This chapter observes how it may be inappropriate to apply a single jurisdictional threshold to diverse instruments such as data privacy laws. In the light of this observation, a proposal is outlined for a ‘layered approach’ under which the substantive law rules of such instruments are broken up into different layers, with different jurisdictional thresholds applied to each such layer. This layered approach is discussed primarily as a technique to be utilized in legal drafting, but it may also be applied in the interpretation and application of legal rules. Article 3 of the European Union’s General Data Protection Regulation, which determines that regulation’s scope of application in a territorial sense, provides a particularly useful lens through which to approach this topic and, thus, the discussion is largely centred around that Article.

Biobanking for Neurodegenerative Diseases: Challenge for Translational Research and Data Privacy

2021 ◽  
pp. 107385842110366
Author(s):  
Emilia Giannella ◽  
Valentino Notarangelo ◽  
Caterina Motta ◽  
Giulia Sancesario
Keyword(s):  
Neurodegenerative Diseases ◽  
Translational Research ◽  
Data Protection ◽  
Biological Samples ◽  
Data Privacy ◽  
Neurological Diseases ◽  
Great Effort ◽  
General Data Protection Regulation ◽  
In Silico Studies

Biobanking has emerged as a strategic challenge to promote knowledge on neurological diseases, by the application of translational research. Due to the inaccessibility of the central nervous system, the advent of biobanks, as structure collecting biospecimens and associated data, are essential to turn experimental results into clinical practice. Findings from basic research, omics sciences, and in silico studies, definitely require validation in clinically well-defined cohorts of patients, even more valuable when longitudinal, or including preclinical and asymptomatic individuals. Finally, collecting biological samples requires a great effort to guarantee respect for transparency and protection of sensitive data of patients and donors. Since the European General Data Protection Regulation 2016/679 has been approved, concerns about the use of data in biomedical research have emerged. In this narrative review, we focus on the essential role of biobanking for translational research on neurodegenerative diseases. Moreover, we address considerations for biological samples and data collection, the importance of standardization in the preanalytical phase, data protection (ethical and legal) and the role of donors in improving research in this field.

Data Privacy and Security Law

2021 ◽  
pp. 327-347
Author(s):  
Fred Cate ◽  
Rachel Dockery
Keyword(s):  
Data Protection ◽  
Data Privacy ◽  
Critical Infrastructure ◽  
Government Information ◽  
Economic Data ◽  
Privacy And Security ◽  
Practical Matter ◽  
Personally Identifiable Information ◽  
Protection Legislation ◽  
New Challenges

This chapter discusses cybersecurity laws. Many measures employed to enhance cybersecurity pose a risk to privacy. In addition, data protection laws focus only on personally identifiable information, while cybersecurity is also concerned with securing economic data such as trade secrets and company databases, government information, and the systems that transmit and process information. As a practical matter, despite the prominence of security obligations in data protection legislation, these were often downplayed or ignored entirely until recent years. Only as cybersecurity threats became more pressing did regulators begin actively enforcing the security obligations found in most data protection laws. More recently, legislative bodies and regulators have begun adopting cybersecurity-specific obligations. However, even these have often mirrored or been combined with privacy protections, sometimes to the detriment of effective cybersecurity. The chapter describes major categories of cybersecurity law, including unfair or deceptive practices legislation, breach notification laws, and data destruction laws. It also considers the new focus on critical infrastructure and information sharing, the China Cybersecurity Law, and the new challenges to data privacy and security law.

Personal Data Privacy and Protection in the Meeting, Incentive, Convention, and Exhibition (MICE) Industry

2019 ◽  
pp. 440-466
Author(s):  
M. Fevzi Esen ◽  
Eda Kocabas
Keyword(s):  
Data Protection ◽  
Data Privacy ◽  
Information Technologies ◽  
Personal Data ◽  
Global Networks ◽  
New Developments ◽  
Personal Data Protection ◽  
Business Opportunities ◽  
Mice Industry ◽  
Industry Professionals

With the new developments in information technologies, personal and business data have become easily accessible through different channels. The huge amounts of personal data across global networks and databases have provided crucial benefits in a scientific manner and many business opportunities, also in the meeting, incentive, convention, and exhibition (MICE) industry. In this chapter, the authors focus on the analysis of MICE industry with regards to the new regulation (GDPR) of personal data protection of all EU citizens and how the industry professionals can adapt their way of business in light of this new regulation. The authors conducted an online interview with five different meetings industry professionals to have more insight about the data produced with its content and new regulations applied to the industry. The importance of personal data privacy and protection is discussed, and the most suitable anonymization techniques for personal data privacy are proposed.

Personal Data Privacy and Protection in the Meeting, Incentive, Convention, and Exhibition (MICE) Industry

2021 ◽  
pp. 1548-1574
Author(s):  
M. Fevzi Esen ◽  
Eda Kocabas
Keyword(s):  
Data Protection ◽  
Data Privacy ◽  
Information Technologies ◽  
Personal Data ◽  
Global Networks ◽  
New Developments ◽  
Personal Data Protection ◽  
Business Opportunities ◽  
Mice Industry ◽  
Industry Professionals

With the new developments in information technologies, personal and business data have become easily accessible through different channels. The huge amounts of personal data across global networks and databases have provided crucial benefits in a scientific manner and many business opportunities, also in the meeting, incentive, convention, and exhibition (MICE) industry. In this chapter, the authors focus on the analysis of MICE industry with regards to the new regulation (GDPR) of personal data protection of all EU citizens and how the industry professionals can adapt their way of business in light of this new regulation. The authors conducted an online interview with five different meetings industry professionals to have more insight about the data produced with its content and new regulations applied to the industry. The importance of personal data privacy and protection is discussed, and the most suitable anonymization techniques for personal data privacy are proposed.

Data privacy-related behavior and concerns of activity tracking technology users from Germany and the USA

2020 ◽  
Vol ahead-of-print (ahead-of-print) ◽  
Author(s):  
Aylin Ilhan ◽  
Kaja J. Fietkiewicz
Keyword(s):  
Data Protection ◽  
Data Privacy ◽  
Online Survey ◽  
Privacy Policy ◽  
Activity Tracking ◽  
Broad Perspective ◽  
Content Type ◽  
The Usa ◽  
Technology Users ◽  
Tracking Technology

PurposeThis investigation aims to examine the differences and similarities between activity tracking technology users from two regions (the USA and Germany) in their intended privacy-related behavior. The focus lies on data handling after hypothetical discontinuance of use, data protection and privacy policy seeking, and privacy concerns.Design/methodology/approachThe data was collected through an online survey in 2019. In order to identify significant differences between participants from Germany and the USA, the chi-squared test and the Mann–Whitney U test were applied.FindingsThe intensity of several privacy-related concerns was significantly different between the two groups. The majority of the participants did not inform themselves about the respective data privacy policies or terms and conditions before installing an activity tracking application. The majority of the German participants knew that they could request the deletion of all their collected data. In contrast, only 35% out of 68 participants from the US knew about this option.Research limitations/implicationsThis study intends to raise awareness about managing the collected health and fitness data after stopping to use activity tracking technologies. Furthermore, to reduce privacy and security concerns, the involvement of the government, companies and users is necessary to handle and share data more considerably and in a sustainable way.Originality/valueThis study sheds light on users of activity tracking technologies from a broad perspective (here, participants from the USA and Germany). It incorporates not only concerns and the privacy paradox but (intended) user behavior, including seeking information on data protection and privacy policy and handling data after hypothetical discontinuance of use of the technology.

A Data Privacy Governance Model

2019 ◽  
Vol 10 (1) ◽  
pp. 74-93
Author(s):  
Margareth Stoll
Keyword(s):  
Corporate Governance ◽  
Data Protection ◽  
Data Privacy ◽  
Business Processes ◽  
Management Systems ◽  
Legal Compliance ◽  
Legal Requirements ◽  
General Data Protection Regulation ◽  
Governance Model ◽  
Information Security Governance

The importance of data privacy, information availability and integrity are increasingly recognized. The new EU general data protection regulation 679/2016 obligates stringent legal requirements with high sanctions for noncompliance. Most organizations worldwide are affected directly or indirectly. It requires overall a risk and evidence-based data privacy management as part of corporate governance. More than 1.6 million organizations worldwide are implementing a standard-based management system, such as ISO 9001 or others. To implement the new data protection regulation in an effective, efficient and sustainable way, the author provides design-oriented guidelines on how to integrate the legal requirements into standard based management systems. The holistic data privacy governance model integrates different information security governance frameworks with standard based management systems in order to comply the regulation. In that way data privacy is part of all strategic, tactical and operational business processes, promotes corporate governance, legal compliance and living data protection.

scholarly journals Data protection rules in the united states legal system

2020 ◽  
pp. 481-484
Author(s):  
Araz Poladov
Keyword(s):  
United States ◽  
Legal System ◽  
Data Protection ◽  
Data Privacy ◽  
Practical Importance ◽  
Personal Data ◽  
The United States ◽  
Right To Privacy ◽  
The Right To Privacy ◽  
The Right

Purpose of research: define the general characteristics of the protection of personal data; analysis of legislation and case law.Methods of research: analysis and study of regulatory documents containing provisions on protection of personal data.Results: normative and practical importance of personal data protection provisions in various legal acts has been underscored.The right to privacy strengthened its position in the United States in the late 19th century and is now recognized by most States.Although the right to privacy in the United States was originally a British political legacy, judicial decisions in England were more conservativeand cautious than those of U.S. courts. One of the important features of this law in the Anglo-Saxon legal system is that itwas previously formed by judicial precedents and legal doctrine. Also, the right to privacy was not among the rights provided for in theBill of Rights. In general, there is an industry-wide approach to data privacy in the United States. There is no specific federal law thatwould guarantee the confidentiality and protection of personal data. Instead, legislation at the federal level is dispersed and aims to protectdata in certain sectors. Judicial practice and court decisions taken at different times play an important role in regulating personaldata protection in the United States. It is also worth mentioning that until the 1970s, decisions of the U.S. courts did not provide thenecessary privacy protection safeguards.Discussion: offering a comprehensive and detailed study and use of this practice in other states.

scholarly journals Stats Entertainment, Part Two: Football Data Analytics, Data Privacy, and the Legal Issues on the Horizon

2021 ◽  
Author(s):  
Christopher A. Flanagan
Keyword(s):  
Intellectual Property ◽  
Data Protection ◽  
Data Analytics ◽  
Data Privacy ◽  
Contextual Information ◽  
Holistic Approach ◽  
Legal Issues ◽  
Performance Data ◽  
Data Protection Law ◽  
Player Performance

Data analytics has become a critical part of professional football.  It brings with it a number of challenging legal questions, brought into sharper focus by the reported ‘Project Red Card’ legal action, in which the legality of the systematised use of player performance data has been called into question.  Focussing on the position in English law, this two part article takes a holistic approach to assessing the legal issues presented by the data analytics movement.Part One set out contextual information on the development of data analytics in football, before examining whether the data produced in football are capable of ownership, either in raw format or after manipulation, taking into account the nature of property and intangible assets, relevant intellectual property laws, and non-IP protections. This Part Two goes on to consider the position in respect of data protection law (including FIFA’s Data Protection Regulations) before taking into account some broader legal issues, such as the application of competition law and the regulation of artificial intelligence.The conclusions of Part One and Part Two together are that the intellectual property rights position is broadly positive for data analysts, with legal protections capable of application in many circumstances.  However, data protection law presents a more complicated problem, with a number of challenging compliance obligations for the analytics community, albeit with scope to exploit player performance data where those obligations are met.

scholarly journals Delegation-Based Personal Data Processing Request Notarization Framework for GDPR Based on Private Blockchain

2021 ◽  
Vol 11 (22) ◽  
pp. 10574
Author(s):  
Sung-Soo Jung ◽  
Sang-Joon Lee ◽  
Ieck-Chae Euom
Keyword(s):  
Data Processing ◽  
Data Protection ◽  
Data Privacy ◽  
Personal Data ◽  
General Data Protection Regulation ◽  
Personal Data Protection ◽  
Compliance Audit ◽  
General Data ◽  
Data Controller ◽  
Data Subject

With the growing awareness regarding the importance of personal data protection, many countries have established laws and regulations to ensure data privacy and are supervising managements to comply with them. Although various studies have suggested compliance methods of the general data protection regulation (GDPR) for personal data, no method exists that can ensure the reliability and integrity of the personal data processing request records of a data subject to enable its utilization as a GDPR compliance audit proof for an auditor. In this paper, we propose a delegation-based personal data processing request notarization framework for GDPR using a private blockchain. The proposed notarization framework allows the data subject to delegate requests to process of personal data; the framework makes the requests to the data controller, which performs the processing. The generated data processing request and processing result data are stored in the blockchain ledger and notarized via a trusted institution of the blockchain network. The Hypderledger Fabric implementation of the framework demonstrates the fulfillment of system requirements and feasibility of implementing a GDPR compliance audit for the processing of personal data. The analysis results with comparisons among the related works indicate that the proposed framework provides better reliability and feasibility for the GDPR audit of personal data processing request than extant methods.

Sign in / Sign up

Export Citation Format

Share Document