scholarly journals The European Metrology Cloud: Impact of European Regulations on Data Protection and the Free Flow of Non-Personal Data

2019 ◽  
Author(s):  
Florian Thiel ◽  
Jan Wetzlich
Keyword(s):  
Data Protection ◽  
Economies Of Scale ◽  
Personal Data ◽  
Single Market ◽  
Free Flow ◽  
The European Union ◽  
Legal Metrology ◽  
Market Strategy ◽  
System Architectures ◽  
Market Surveillance

New digital technologies, such as cloud computing, big data, artificial intelligence and the Internet of Things (IoT) are designed to maximize efficiency, enable economies of scale and develop new services. They offer benefits to users, such as agility, productivity, speed of deployment and autonomy. In the sector of Legal Metrology, it must be ensured that digital system architectures, digital services, and digital infrastructures are legally compatible. To benefit the stakeholders in this sector, the industry, the notified bodies and the market surveillance/verification authorities alike, the digital transformation of Legal Metrology shall remove barriers to innovation within the legal processes and reduce costs and time to market for new digital products. To this end a European consortium has formed to establish a digital quality infrastructure; the “European Metrology Cloud”, designed to support the processes of conformity assessment and market surveillance/verification and the development of reference architectures and new technology- and data-driven services for this infrastructure. With this approach, the digital single market that the European Commission envisions will be fostered. This article analyzes how recent regulations within the digital single market strategy of the commission - the Data Protection Police Directive (2016/679/EU) and the Regulation on a framework for the free flow of non-personal data in the European Union (Regulation (EU) 2018/1807) – may be integrated into the European Metrology Cloud initiative to, e.g. guaranty that its underlying Blockchain approach complies to these norms and exploit their benefits.

scholarly journals Artificial intelligence, Digital Single Market and the proposal of a right to fair and reasonable inferences: a legal issue between ethics and techniques

2019 ◽  
Vol 5 (2) ◽  
pp. 75-91
Author(s):  
Alexandre Veronese ◽  
Alessandra Silveira ◽  
Amanda Nunes Lopes Espiñeira Lemos
Keyword(s):  
Artificial Intelligence ◽  
European Union ◽  
Data Protection ◽  
Personal Data ◽  
Legal Framework ◽  
Single Market ◽  
Legal Issue ◽  
The European Union ◽  
European Union Law ◽  
General Data Protection Regulation

The article discusses the ethical and technical consequences of Artificial intelligence (hereinafter, A.I) applications and their usage of the European Union data protection legal framework to enable citizens to defend themselves against them. This goal is under the larger European Union Digital Single Market policy, which has concerns about how this subject correlates with personal data protection. The article has four sections. The first one introduces the main issue by describing the importance of AI applications in the contemporary world scenario. The second one describes some fundamental concepts about AI. The third section has an analysis of the ongoing policies for AI in the European Union and the Council of Europe proposal about ethics applicable to AI in the judicial systems. The fourth section is the conclusion, which debates the current legal mechanisms for citizens protection against fully automated decisions, based on European Union Law and in particular the General Data Protection Regulation. The conclusion will be that European Union Law is still under construction when it comes to providing effective protection to its citizens against automated inferences that are unfair or unreasonable.

scholarly journals Protección de datos y privacidad. Estudio comparado del concepto y su desarrollo entre la Unión Europea y Estados Unidos

2020 ◽  
pp. 687 ◽  
Author(s):  
Itziar Sobrino García
Keyword(s):  
United States ◽  
European Union ◽  
Data Protection ◽  
Personal Data ◽  
The United States ◽  
Free Flow ◽  
The European Union ◽  
Legal Concept ◽  
Normative Development ◽  
The Usa

En el presente estudio se realiza un análisis del concepto legal de protección datos tanto a nivel normativo en la Unión Europa como en Estados Unidos, al igual que una breve visión de su evolución legislativa. El largo desarrollo teórico y normativo que ha habido en la Unión Europea deja entrever la importancia de la identidad digital de sus ciudadanos, mientras que la legislación norteamericana, más esparcida y sectorial, revela la fuerza que otorga al libre flujo de datos entre las entidades mercantiles. La importancia del presente estudio reside en que la comprensión de la concepción sobre la protección de datos en ambos sistemas, permitirá tener una mejor perspectiva sobre las debilidades y fortalezas que puedan existir en los acuerdos entre la Unión Europea y EE. UU. In the present study, an analysis of data protection as a legal concept is carried out in the European Union and in the United States, as well as a brief overview of its legislative evolution. The theoretical and normative development that has taken place in the European Union reveals the importance of the digital identity of its citizens. Nevertheless, due to the characteristics of the American legislation, the free flow of data between entities has more strength. The importance of this study lies in the fact that the understanding of the data protection concept in both systems will allow us to have a better perspective on the weaknesses and strengths that may exist in the agreements for the transfer of personal data between the European Union and the USA.

scholarly journals Data Protection Impact Assessment (DPIA) for Cloud-Based Health Organizations

2021 ◽  
Vol 13 (3) ◽  
pp. 66
Author(s):  
Dimitra Georgiou ◽  
Costas Lambrinoudakis
Keyword(s):  
Impact Assessment ◽  
Data Protection ◽  
Gap Analysis ◽  
Health Care Organization ◽  
Personal Data ◽  
Care Organization ◽  
The European Union ◽  
General Data Protection Regulation ◽  
Personal Data Protection ◽  
Compliance Level

The General Data Protection Regulation (GDPR) harmonizes personal data protection laws across the European Union, affecting all sectors including the healthcare industry. For processing operations that pose a high risk for data subjects, a Data Protection Impact Assessment (DPIA) is mandatory from May 2018. Taking into account the criticality of the process and the importance of its results, for the protection of the patients’ health data, as well as the complexity involved and the lack of past experience in applying such methodologies in healthcare environments, this paper presents the main steps of a DPIA study and provides guidelines on how to carry them out effectively. To this respect, the Privacy Impact Assessment, Commission Nationale de l’Informatique et des Libertés (PIA-CNIL) methodology has been employed, which is also compliant with the privacy impact assessment tasks described in ISO/IEC 29134:2017. The work presented in this paper focuses on the first two steps of the DPIA methodology and more specifically on the identification of the Purposes of Processing and of the data categories involved in each of them, as well as on the evaluation of the organization’s GDPR compliance level and of the gaps (Gap Analysis) that must be filled-in. The main contribution of this work is the identification of the main organizational and legal requirements that must be fulfilled by the health care organization. This research sets the legal grounds for data processing, according to the GDPR and is highly relevant to any processing of personal data, as it helps to structure the process, as well as be aware of data protection issues and the relevant legislation.

scholarly journals Data Sharing Under the General Data Protection Regulation

Hypertension ◽  
2021 ◽  
Vol 77 (4) ◽  
pp. 1029-1035
Author(s):  
Antonia Vlahou ◽  
Dara Hallinan ◽  
Rolf Apweiler ◽  
Angel Argiles ◽  
Joachim Beige ◽  
...  
Keyword(s):  
European Union ◽  
Data Protection ◽  
Personal Data ◽  
Research Approach ◽  
The European Union ◽  
General Data Protection Regulation ◽  
Personal Data Protection ◽  
Protection Legislation ◽  
General Data ◽  
Almost All

The General Data Protection Regulation (GDPR) became binding law in the European Union Member States in 2018, as a step toward harmonizing personal data protection legislation in the European Union. The Regulation governs almost all types of personal data processing, hence, also, those pertaining to biomedical research. The purpose of this article is to highlight the main practical issues related to data and biological sample sharing that biomedical researchers face regularly, and to specify how these are addressed in the context of GDPR, after consulting with ethics/legal experts. We identify areas in which clarifications of the GDPR are needed, particularly those related to consent requirements by study participants. Amendments should target the following: (1) restricting exceptions based on national laws and increasing harmonization, (2) confirming the concept of broad consent, and (3) defining a roadmap for secondary use of data. These changes will be achieved by acknowledged learned societies in the field taking the lead in preparing a document giving guidance for the optimal interpretation of the GDPR, which will be finalized following a period of commenting by a broad multistakeholder audience. In parallel, promoting engagement and education of the public in the relevant issues (such as different consent types or residual risk for re-identification), on both local/national and international levels, is considered critical for advancement. We hope that this article will open this broad discussion involving all major stakeholders, toward optimizing the GDPR and allowing a harmonized transnational research approach.

scholarly journals Location Privacy in the Wake of the GDPR

2019 ◽  
Author(s):  
Yola Georgiadou ◽  
Rolf de By ◽  
Ourania Kounadi
Keyword(s):  
Data Protection ◽  
Location Privacy ◽  
Cultural Theory ◽  
Personal Data ◽  
The European Union ◽  
General Data Protection Regulation ◽  
Digital Ecosystem ◽  
Protection Legislation ◽  
General Data ◽  
Conducting Research

The General Data Protection Regulation (GDPR) protects the personal data of natural persons and at the same time allows the free movement of such data within the European Union (EU). Hailed as majestic by admirers and dismissed as protectionist by critics, the Regulation is expected to have a profound impact around the world, including in the African Union (AU). For European–African consortia conducting research that may affect the privacy of African citizens, the question is ‘how to protect personal data of data subjects while at the same time ensuring a just distribution of the benefits of a global digital ecosystem?’ We use location privacy as a point of departure, because information about an individual’s location is different from other kinds of personally identifiable information. We analyse privacy at two levels, individual and cultural. Our perspective is interdisciplinary: we draw from computer science to describe three scenarios of transformation of volunteered/observed information to inferred information about a natural person and from cultural theory to distinguish four privacy cultures emerging within the EU in the wake of GDPR. We highlight recent data protection legislation in the AU and discuss factors that may accelerate or inhibit the alignment of data protection legislation in the AU with the GDPR.

Human rights and biometric data. Social credit system

2020 ◽  
pp. 36-50
Author(s):  
Olga O. Bazina
Keyword(s):  
European Union ◽  
Data Protection ◽  
Personal Data ◽  
Pilot Project ◽  
The European Union ◽  
Credit System ◽  
Biometric Data ◽  
General Data Protection Regulation ◽  
Social Credit ◽  
The Social

Biometrics, as a field of science, analyzes the physical and behavioral characteristics of people in order to identify their personality. A huge amount of technology in the field of biometric data collection is developed by IT giants like Google, Facebook, or Alibaba. The European Union (EU) took an important step towards biometric data confidentiality by developing a unified law on the protection of personal data (General Data Protection Regulation, GDPR). The main goal of this action is to return control over personal data to European citizens and at the same time simplify the regulatory legal basis for companies. While European countries and organisations are introducing the GDPR into force, China since 2016 has launched a social credit system as a pilot project. The Social Credit Score (SCS) is based on collecting the maximum amount of data about citizens and assessing the reliability of residents based on their financial, social and online behavior. Only critical opinions can be read about the social credit system in European literature, although the opinions of persons being under this system – Chinese citizens – are quite positive. In this context, we should not forget about the big difference in the mentality of Asians and Europeans. The aim of this article is to compare EU law and the legislation of the People's Republic of China regarding the use and storage of biometric data. On the basis of statistical data and materials analysed, key conclusions will be formulated, that will allow to indicate differences in the positions of state institutions and the attitude of citizens to the issue of personal data protection in China and the European Union.

scholarly journals The European Union’s Passenger Name Record Data Directive 2016/681: Is it Fit for Purpose?

2017 ◽  
Vol 17 (1) ◽  
pp. 78-106 ◽  
Author(s):  
David Lowe
Keyword(s):  
European Union ◽  
Data Protection ◽  
Personal Data ◽  
The European Union ◽  
Personal Data Protection ◽  
Serious Crime ◽  
Court Of Justice ◽  
Record Data ◽  
Fit For Purpose

In 2016 the European Union (eu) introduced a Passenger Name Record Data (pnr) Directive. There has been controversy in the eu over the acquisition and sharing of pnr data, related mainly to the lack of safeguards and protection of personal data protection. This article examines these issues related to earlier eu pnr agreements with third countries and why previous eu attempts to legislate in this area failed. By drawing a comparison with the 2011 pnr Directive proposal, the article argues that by meeting the strict eu law on data protection as well as being necessary to assist in preventing and detecting acts of terrorism and serious crime it is submitted the 2016 Directive is fit for purpose and able to withstand scrutiny by the Court of Justice of the European Union.

scholarly journals ESTUDO SOBRE A REALIZAÇÃO DO DIREITO DA PROTECÇÃO DE DADOS PESSOAIS ATRAVÉS DA JURISPRUDÊNCIA DO TRIBUNAL DE JUSTIÇA DA UNIÃO EUROPEIA

2020 ◽  
Vol 29 (1) ◽  
Author(s):  
Rita De Sousa Costa
Keyword(s):  
European Union ◽  
Data Protection ◽  
Personal Data ◽  
Case Law ◽  
Legal Framework ◽  
The European Union ◽  
Personal Data Protection ◽  
Court Of Justice ◽  
European Data ◽  
Data Protection Law

[PT]No presente texto, apresentamos as grandes linhas de aplicação do direito europeu da protecção de dados conforme gizadas pela jurisprudência do TJUE, com o objectivo de demonstrar como e em que medida este Tribunal modelou – e continua a modelar – o quadro jurídico em vigor, na certeza de que aquela jurisprudência impõe um conjunto de desafios determinantes para a realização material do direito europeu da protecção de dados pessoais. [ESP]Este texto presenta las líneas generales de la aplicación de la legislación europea de protección de datos tal como se establece en la jurisprudencia del TJUE, con el objetivo de demostrar cómo y en qué medida este Tribunal ha configurado -y sigue configurando- el marco jurídico vigente, con la certeza de que la dicha jurisprudencia plantea una serie de retos cruciales para la aplicación material del derecho europeo de la protección de datos personales. [ENG]This text outlines the implementation of the European data protection law as laid down in the case-law of the Court of Justice of the European Union, with the aim of demonstrating how and to what extent the Court has shaped – and continues to shape – the current legal framework. The case-law analysed points out a plethora of challenges which are key to the implementation of the European personal data protection law.

Sign in / Sign up

Export Citation Format

Share Document