THE NORMS OF ALGORITHMIC CREDIT SCORING

2021 ◽  
Vol 80 (1) ◽  
pp. 42-73
Author(s):  
Nikita Aggarwal
Keyword(s):  
Data Protection ◽  
Credit Markets ◽  
Consumer Credit ◽  
Credit Scoring ◽  
Allocative Efficiency ◽  
Personal Data ◽  
Consumer Privacy ◽  
Trade Offs ◽  
Distributional Fairness ◽  
Existing Data

AbstractThis article examines the growth of algorithmic credit scoring and its implications for the regulation of consumer credit markets in the UK. It constructs a frame of analysis for the regulation of algorithmic credit scoring, bound by the core norms underpinning UK consumer credit and data protection regulation: allocative efficiency, distributional fairness and consumer privacy (as autonomy). Examining the normative trade-offs that arise within this frame, the article argues that existing data protection and consumer credit frameworks do not achieve an appropriate normative balance in the regulation of algorithmic credit scoring. In particular, the growing reliance on consumers’ personal data by lenders due to algorithmic credit scoring, coupled with the ineffectiveness of existing data protection remedies has created a data protection gap in consumer credit markets that presents a significant threat to consumer privacy and autonomy. The article makes recommendations for filling this gap through institutional and substantive regulatory reforms.

Privacy Concerns and Consumer Willingness to Provide Personal Information

2000 ◽  
Vol 19 (1) ◽  
pp. 27-41 ◽  
Author(s):  
Joseph Phelps ◽  
Glen Nowak ◽  
Elizabeth Ferrell
Keyword(s):  
Public Policy ◽  
Personal Information ◽  
Direct Marketing ◽  
Personal Data ◽  
Privacy Concerns ◽  
Consumer Privacy ◽  
Trade Offs ◽  
Situational Characteristics ◽  
Information Type

The authors examine potential relationships among categories of personal information, beliefs about direct marketing, situational characteristics, specific privacy concerns, and consumers’ direct marketing shopping habits. Furthermore, the authors offer an assessment of the trade-offs consumers are willing to make when they exchange personal information for shopping benefits. The findings indicate that public policy and self-regulatory efforts to alleviate consumer privacy concerns should provide consumers with more control over the initial gathering and subsequent dissemination of personal information. Such efforts must also consider the type of information sought, because consumer concern and willingness to provide marketers with personal data vary dramatically by information type.

scholarly journals Apply or not to apply?

2020 ◽  
Vol 4 (2) ◽  
pp. 81-94
Author(s):  
Matúš Mesarčík
Keyword(s):  
Data Protection ◽  
Personal Data ◽  
The European Union ◽  
Privacy Regulation ◽  
New Era ◽  
General Data Protection Regulation ◽  
Consumer Privacy ◽  
Privacy Act ◽  
General Data ◽  
The Eu

A new era of data protection laws arises after the adoption of the General Data Protection Regulation (GDPR) in the European Union. One of the newly adopted regulations of processing of personal data is Californian Consumer Privacy Act commonly referred to as CCPA. The article aims to fill the gap considering a deep analysis of the territorial scope of both acts and practical consequences of the application. The article starts with a brief overview of privacy regulation in the EU and USA. Introduction to GDPR and CCPA follows focusing on the territorial scope of respective legislation. Three scenarios of applicability are derived in the following part including practical examples.

scholarly journals The Urgency of the Personal Data Protection Law as an Instrument to Prevent Misuse of Personal Data in StartUp Companies

2021 ◽  
Vol 04 (12) ◽  
Author(s):  
Dian Firja Ameliani ◽  
Keyword(s):  
Data Protection ◽  
Personal Data ◽  
Security And Privacy ◽  
Consumer Privacy ◽  
Personal Data Protection ◽  
The People ◽  
Start Up ◽  
Data Protection Law ◽  
Transaction Security ◽  
Start Ups

The E-Commerce progress during the Covid-19 pandemic, has had an impact on the emergence of many startup companies such as Tokopedia, Gojek, Traveloka, and Bukalapak. There are legal problems caused by the emergence of these start-ups. One of the serious problems it causes is maintaining consumer privacy from start-up companies. A large number of applications are used, making it easier for companies to obtain their consumers' data. This raises the possibility of leakage of consumer personal data, the possibility that will arise needs to be considered regarding the guarantee of transaction security and privacy, namely the protection of consumer personal data which can cause problems in the future if data leaks occur. The discussion in this article is how the problems with consumer personal data in start-up companies are and how important the Law on personal data protection is as an effort to protect consumer personal data for start-up companies. However, Indonesia still does not have a law that specifically regulates the protection of personal data, where this law is urgently needed at this time as a legal umbrella for the people of Indonesia.

Article 91 Existing data protection rules of churches and religious associations

2020 ◽  
Author(s):  
Luca Tosoni
Keyword(s):  
Data Protection ◽  
Personal Data ◽  
Supervisory Authority ◽  
Article 9 ◽  
Religious Associations ◽  
Definition Of ◽  
Existing Data

Article 4(21) (Definition of ‘supervisory authority’); Article 9(2)(d) (Processing of special categories of personal data by religious organisations); Articles 51–59 (Independent supervisory authorities); Article 99 (Entry into force and application).

A study on the personal data processing and the UCPD: Focused on Italy, Germany and the UK

2020 ◽  
pp. 1023263X2096149
Author(s):  
Maja Nisevic
Keyword(s):  
Big Data ◽  
Data Processing ◽  
Consumer Protection ◽  
Data Protection ◽  
Big Data Analytics ◽  
Personal Data ◽  
The European Union ◽  
Consumer Privacy ◽  
Commercial Practice ◽  
Unfair Commercial Practice

Manipulation with Big Data Analytics allows commercial exploitation of individuals based on unfair commercial practices. Consequently, the concepts of consumer protection are essential in the data-driven economy and a central issue for effective safety for individuals in the Big Data Age. Although the fields of consumer protection and data protection in the European Union (EU) have developed separately, there is an unambiguous relationship between them. While the GDPR plays a crucial role in an individual’s data protection in a case of personal data processing, Directive 2005/29/EC (UCPD) plays an essential role in regulating an individual’s protection from the unfair commercial practice when it comes to personal data processing. A vital aspect of the UCPD is the enforcement of issues related to consumer privacy. However, a much-debated question is whether the UCPD is fully effective or not when it comes to personal data processing. This paper examines case law examples on WhatsApp and Facebook in Italy, Germany and the United Kingdom. This paper also aims to come to a conclusion on the issue of the applicability of the rules on unfair commercial practice when it comes to data processing.

scholarly journals When Data Protection by Design and Data Subject Rights Clash

2018 ◽  
Author(s):  
Michael Veale ◽  
Reuben Binns ◽  
Jef Ausloos
Keyword(s):  
Data Protection ◽  
Data Privacy ◽  
Personal Data ◽  
Large Data ◽  
Holistic Approach ◽  
Privacy By Design ◽  
Privacy Law ◽  
Ex Post ◽  
Trade Offs ◽  
Data Subject

Cite as: Michael Veale, Reuben Binns and Jef Ausloos (2018) When Data Protection by Design and Data Subject Rights Clash. International Data Privacy Law (2018) doi:10.1093/idpl/ipy002. [Note: An earlier draft was entitled "We Can't Find Your Data, But A Hacker Could: How 'Privacy by Design' Trades-Off Data Protection Rights"]Abstract➔Data Protection by Design (DPbD), a holistic approach to embedding principles in technical and organisational measures undertaken by data controllers, building on the notion of Privacy by Design, is now a qualified duty in the GDPR.➔Practitioners have seen DPbD less holistically, instead framing it through the confidentiality-focussed lens of Privacy Enhancing Technologies (PETs).➔While focussing primarily on confidentiality risk, we show that some DPbD strategies deployed by large data controllers result in personal data which, despite remaining clearly reidentifiable by a capable adversary, make it difficult for the controller to grant data subjects rights (eg access, erasure, objection) over for the purposes of managing this risk.➔Informed by case studies of Apple's Siri voice assistant and Transport for London's Wi-Fi analytics, we suggest three main ways to make deployed DPbD more accountable and data subject-centric: building parallel systems to fulfil rights, including dealing with volunteered data; making inevitable trade-offs more explicit and transparent through Data Protection Impact Assessments; and through ex ante and ex post information rights (arts 13-15), which we argue may require the provision of information concerning DPbD trade-offs.➔Despite steep technical hurdles, we call both for researchers in PETs to develop rigorous techniques to balance privacy-as-control with privacy-as-confidentiality, and for DPAs to consider tailoring guidance and future frameworks to better oversee the trade-offs being made by primarily well-intentioned data controllers employing DPbD.

scholarly journals To What Extent are Consumers Harmed in the Digital Market from the Perspective of the GDPR?

2021 ◽  
Vol 04 (08) ◽  
Author(s):  
Ammar Younas ◽  
Keyword(s):  
Data Processing ◽  
Data Protection ◽  
Personal Data ◽  
The European Union ◽  
General Data Protection Regulation ◽  
Legal Instrument ◽  
Protection Legislation ◽  
High Level ◽  
Existing Data ◽  
The Eu

The European Union has recently enacted a new law, the General Data Protection Regulation (GDPR),1 which is designed to strengthen existing data protection legislation in the EU. The selection of Regulation itself as a legal instrument makes the GDPR stronger than Directive as it ensures a uniform and consistent implementation of rules thereby, consolidating the EU digital single market. The GDPR reforms existing data protection policy by imposing more stringent obligations on not only data controllers but also on data processors relating to obtaining a valid consent,2 ensuring transparency of automated decision making3 and security of data processing,4 and by providing new rights for data subjects. Data subjects are entitled to withdraw their consent,5 request their data to be transferred to another data controller6 or to be deleted.7 Also, the GDPR includes certain principles aimed at regulating its cross border transfers of the EU citizens’ personal data to ensure a high level of protection outside the EU.8 Taking into account the above mentioned policies along with others, some scholars describe the GDPR as ‘the most consequential regulatory development in information policy in generation’ that has teeth.9 However, the GDPR cannot be claimed as a legal instrument that effectively deals with all threats of the digital market to consumers. This paper argues that although the GDPR has considerably expanded the rights of consumers thereby, enabling them to regain control over their personal data to certain extent, the effectiveness of its principles is limited and cannot ensure full security of data processing. Firstly, it examines the effectiveness of consent principle of the GDPR in empowering consumers to control over their data and make a genuine choice. Secondly, it analyzes “data control-rights” of consumers. Finally, it comprehensively discusses extraterritorial application of the GDPR and regulation of international transfers of data.

Importance of Personal Data Protection Law for Commercial Air Transport

2017 ◽  
Vol 2017 (1) ◽  
pp. 35-44
Author(s):  
Dawid Zadura
Keyword(s):  
Data Protection ◽  
Public Information ◽  
Personal Data ◽  
Air Transport ◽  
Civil Aviation ◽  
Aviation Industry ◽  
Personal Data Protection ◽  
It Systems ◽  
Data Protection Law ◽  
The Law

Abstract In the review below the author presents a general overview of the selected contemporary legal issues related to the present growth of the aviation industry and the development of aviation technologies. The review is focused on the questions at the intersection of aviation law and personal data protection law. Massive processing of passenger data (Passenger Name Record, PNR) in IT systems is a daily activity for the contemporary aviation industry. Simultaneously, since the mid- 1990s we can observe the rapid growth of personal data protection law as a very new branch of the law. The importance of this new branch of the law for the aviation industry is however still questionable and unclear. This article includes the summary of the author’s own research conducted between 2011 and 2017, in particular his audits in LOT Polish Airlines (June 2011-April 2013) and Lublin Airport (July - September 2013) and the author’s analyses of public information shared by International Civil Aviation Organization (ICAO), International Air Transport Association (IATA), Association of European Airlines (AEA), Civil Aviation Authority (ULC) and (GIODO). The purpose of the author’s research was to determine the applicability of the implementation of technical and organizational measures established by personal data protection law in aviation industry entities.

Sign in / Sign up

Export Citation Format

Share Document