Data Protection

2016 ◽  
Author(s):  
Jaani Riordan
Keyword(s):  
Data Protection ◽  
Personal Data ◽  
Almost All ◽  
Privacy And Confidentiality

This chapter examines the liability of internet intermediaries for contraventions of the data protection regime. Data protection duties, like those upholding rights of privacy and confidentiality, can impose significant burdens upon internet intermediaries. This is because much of the information in which these services deal will contain ‘personal data’, and in some cases sensitive personal data, while almost all of the activities undertaken by them will involve some form of ‘processing’ of those data.

scholarly journals Data Sharing Under the General Data Protection Regulation

Hypertension ◽  
2021 ◽  
Vol 77 (4) ◽  
pp. 1029-1035
Author(s):  
Antonia Vlahou ◽  
Dara Hallinan ◽  
Rolf Apweiler ◽  
Angel Argiles ◽  
Joachim Beige ◽  
...  
Keyword(s):  
European Union ◽  
Data Protection ◽  
Personal Data ◽  
Research Approach ◽  
The European Union ◽  
General Data Protection Regulation ◽  
Personal Data Protection ◽  
Protection Legislation ◽  
General Data ◽  
Almost All

The General Data Protection Regulation (GDPR) became binding law in the European Union Member States in 2018, as a step toward harmonizing personal data protection legislation in the European Union. The Regulation governs almost all types of personal data processing, hence, also, those pertaining to biomedical research. The purpose of this article is to highlight the main practical issues related to data and biological sample sharing that biomedical researchers face regularly, and to specify how these are addressed in the context of GDPR, after consulting with ethics/legal experts. We identify areas in which clarifications of the GDPR are needed, particularly those related to consent requirements by study participants. Amendments should target the following: (1) restricting exceptions based on national laws and increasing harmonization, (2) confirming the concept of broad consent, and (3) defining a roadmap for secondary use of data. These changes will be achieved by acknowledged learned societies in the field taking the lead in preparing a document giving guidance for the optimal interpretation of the GDPR, which will be finalized following a period of commenting by a broad multistakeholder audience. In parallel, promoting engagement and education of the public in the relevant issues (such as different consent types or residual risk for re-identification), on both local/national and international levels, is considered critical for advancement. We hope that this article will open this broad discussion involving all major stakeholders, toward optimizing the GDPR and allowing a harmonized transnational research approach.

scholarly journals Analyzing Remote Server Locations for Personal Data Transfers in Mobile Apps

2017 ◽  
Vol 2017 (1) ◽  
pp. 118-131 ◽  
Author(s):  
Mojtaba Eskandari ◽  
Bruno Kessler ◽  
Maqsood Ahmad ◽  
Anderson Santana de Oliveira ◽  
Bruno Crispo
Keyword(s):  
Mobile Devices ◽  
Data Protection ◽  
High Speed ◽  
Data Transfer ◽  
Mobile Apps ◽  
Personal Data ◽  
Analysis Tool ◽  
The European Union ◽  
Wide Range ◽  
Almost All

Abstract The prevalence of mobile devices and their capability to access high speed internet has transformed them into a portable pocket cloud interface. Being home to a wide range of users’ personal data, mobile devices often use cloud servers for storage and processing. The sensitivity of a user’s personal data demands adequate level of protection at the back-end servers. In this regard, the European Union Data Protection regulations (e.g., article 25.1) impose restriction on the locations of European users’ personal data transfer. The matter of concern, however, is the enforcement of such regulations. The first step in this regard is to analyze mobile apps and identify the location of servers to which personal data is transferred. To this end, we design and implement an app analysis tool, PDTLoc (Personal Data Transfer Location Analyzer), to detect violation of the mentioned regulations. We analyze 1, 498 most popular apps in the EEA using PDTLoc to investigate the data recipient server locations. We found that 16.5% (242) of these apps transfer users’ personal data to servers located at places outside Europe without being under the control of a data protection framework. Moreover, we inspect the privacy policies of the apps revealing that 51% of these apps do not provide any privacy policy while almost all of them contact the servers hosted outside Europe.

scholarly journals A Synopsis on Data Protection under the Nigerian Laws: Has the Universality of Right to Privacy Trickled Down to Nigeria?

2020 ◽  
Author(s):  
ABBA ELGUJJA
Keyword(s):  
Human Rights ◽  
Data Protection ◽  
Personal Data ◽  
African Union ◽  
Economic Community ◽  
Right To Privacy ◽  
Human Right ◽  
Personal Data Protection ◽  
Data Protection Law ◽  
Privacy And Confidentiality

The concept of personal data protection is no doubt, an off-shoot of the universal human right to privacy and confidentiality. Not only has it been ingrained under Article 12 of the Universal Declaration of Human Rights, but it has also been incorporated into most of the regional human rights conventions, charters, and treaties, except, of course, the African Charter on Human Rights (ACHR) to which Nigerian affiliates with. Despite its conspicuous absence in the ACHR, the revolution in the internet and information management technologies have prompted the African Union (AU), and the Economic Community of West Africa States (ECOWAS) to, respectively, create Convention and Act to regulate the processing of personal data.However, Nigeria has neither incorporated these treaties nor enacted a comprehensive data protection law. At best, Nigeria has a Data Protection Regulations, a Data Protection Bill, and scattered pieces of legislation regulating specific aspects of the processing of personal data.The question is, has the universal human right to privacy effectively trickled down to Nigeria? This chapter captures the issues at stake, and attempts to proffer suggestion.

One size doesn’t fit all: the General Data Protection Regulation vis-à-vis international commercial arbitration

2020 ◽  
Author(s):  
Gaurav Natarajan Ramani
Keyword(s):  
Dispute Resolution ◽  
Data Protection ◽  
Personal Data ◽  
Global Scale ◽  
Commercial Arbitration ◽  
International Commercial Arbitration ◽  
General Data Protection Regulation ◽  
Administrative Functions ◽  
General Data ◽  
Almost All

Abstract This article outlines potential issues posed by the European General Data Protection Regulation (GDPR) to international commercial arbitration proceedings and international arbitral institutions. The GDPR seeks to protect a natural person’s fundamental right against unlawful data processing. It applies widely and covers the processing of personal data in almost all types of services, irrespective of the nature of such service. The circumstances under which the GDPR allows for processing of personal data is limited to six categories. This article delves into the question of whether processing of personal data in an international commercial arbitration would be covered under this exhaustive list of lawful purposes. The analysis highlights how the application of the GDPR would present hurdles to commercial arbitration proceedings and global arbitral institutions, and argues that data protection laws must not be applied in a blanket manner without regard to the unique purposes of processing. The author also proposes necessary amendments to make room for the processing of personal data in private dispute resolution services such as arbitrations, and emphasizes on the need for special exemptions to allow administrative functions of arbitral institutions such as the ICC-Court of Arbitration as well. These exemptions are key to the functioning of private dispute resolution within Europe, and the expansion of arbitration as a form of private dispute resolution on a global scale.

Protection of Personal Data in Documents: Application of the Law on Personal Data Protection in Serbia and Abroad

2019 ◽  
Vol 2 (1) ◽  
pp. 106-115
Author(s):  
Mirjana Bogosavljević ◽  
Keyword(s):  
Data Protection ◽  
Social Life ◽  
Information Technologies ◽  
Personal Data ◽  
Point Of View ◽  
Information Control ◽  
Personal Data Protection ◽  
Computer Information Systems ◽  
Medical Reports ◽  
Almost All

The rapid and continuous development of information technologies that encompasses almost all spheres of social life, imposes the key issue of protecting the privacy personal data, the issue of their availability, the way of their storage, processing, transmission and use. The contemporary concept of privacy puts emphasis on information control, security and data protection in computer information systems. Protection of privacy primarily concerns the issue of protection against abuse, fraud, embezzlement and deliberate or accidental damage. This paper covers several key issues: what are the mechanisms for protecting personal data in documents; is it feasible to achieve higher security of computer systems in terms of data protection; is it possible to limit the distribution of certain types of data (medical reports, financial institutions, schools); what is done regarding data protection in terms of establishing laws, regulations and standards. From the point of view of archivists and archival staff in the era of digitalization of archival material when it becomes accessible and available for use, the protection of personal data in documents is certainly an issue that deserves special attention and consideration. The paper shall provide an overview on the up to date achievements in this field within the archival services in our country and abroad.

scholarly journals Role and Duty of an Archivist in the Chain of Social Responsibility for the Protection of Confidential Information and Personal Data

Atlanti ◽  
2016 ◽  
Vol 26 (1) ◽  
pp. 117-128
Author(s):  
Snežana Pejović
Keyword(s):  
Data Protection ◽  
General Public ◽  
New Technologies ◽  
Personal Data ◽  
Small States ◽  
Archival Material ◽  
Confidential Data ◽  
Privacy And Confidentiality ◽  
Archival Work ◽  
Modern Era

This paper deals with the role and responsibility of archivists in the modern era in which, primarily due to the application of new technologies, all data and pieces of information from current and archival records, including those personal and confidential ones, become potentially “visible”, i.e. available to the general public in any given moment. Dual responsibility of archivists is adduced in personal and confidential data protection: archivist as a creator / holder of current and archival records containing this kind of data, and as a custodian and processor of archival material of other creators and holders. Through various stages in the course of the performance of their professional archival work a degree of responsibility of archivists has been analysed in the protection of personal / confidential data. The need, as well as the importance of the regular alignment of the national archival regulations with other legal acts and recommendations concerning the above-mentioned areas have been pointed out. Also, the necessity of making detailed elaborated professional instructions-guidelines for archivists as to how, in the process of their professional work, to manage personal data and classified information contained in the current and archival records has been underlined. Some positive and negative practices in Montenegro are presented, with special reference to the specificities of the small states and their ability to fully implement international community directives and recommendations in the field of the protection of privacy and confidentiality.

Importance of Personal Data Protection Law for Commercial Air Transport

2017 ◽  
Vol 2017 (1) ◽  
pp. 35-44
Author(s):  
Dawid Zadura
Keyword(s):  
Data Protection ◽  
Public Information ◽  
Personal Data ◽  
Air Transport ◽  
Civil Aviation ◽  
Aviation Industry ◽  
Personal Data Protection ◽  
It Systems ◽  
Data Protection Law ◽  
The Law

Abstract In the review below the author presents a general overview of the selected contemporary legal issues related to the present growth of the aviation industry and the development of aviation technologies. The review is focused on the questions at the intersection of aviation law and personal data protection law. Massive processing of passenger data (Passenger Name Record, PNR) in IT systems is a daily activity for the contemporary aviation industry. Simultaneously, since the mid- 1990s we can observe the rapid growth of personal data protection law as a very new branch of the law. The importance of this new branch of the law for the aviation industry is however still questionable and unclear. This article includes the summary of the author’s own research conducted between 2011 and 2017, in particular his audits in LOT Polish Airlines (June 2011-April 2013) and Lublin Airport (July - September 2013) and the author’s analyses of public information shared by International Civil Aviation Organization (ICAO), International Air Transport Association (IATA), Association of European Airlines (AEA), Civil Aviation Authority (ULC) and (GIODO). The purpose of the author’s research was to determine the applicability of the implementation of technical and organizational measures established by personal data protection law in aviation industry entities.

Problems of establishment and development of the Institution of personal data protection in the Russian Federation: historical-legal aspect

2020 ◽  
pp. 28-35
Author(s):  
Yanis Arturovich Sekste ◽  
Anna Sergeevna Markevich
Keyword(s):  
Russian Federation ◽  
Data Protection ◽  
Information Technologies ◽  
Legal Aspect ◽  
Personal Data ◽  
Legal Regulation ◽  
Private Life ◽  
Russian Society ◽  
Personal Data Protection ◽  
The Russian Federation

The subject of this research is the problems emerging in the process of establishment and development of the Institution of personal data protection in the Russian Federation. Special attention is turned to the comparison of Soviet and Western models of protection of private life and personal data. The authors used interdisciplinary approach, as comprehensive and coherent understanding of socio-legal institution of personal data protection in the Russian Federation is only possible in inseparable connection with examination of peculiarities of the key historical stages in legal regulation of private life of the citizen. After dissolution of the Soviet political and legal system, the primary task of Russian law consisted in development and legal formalization of the institution of protection of human and civil rights and freedoms, first and foremost by means of restricting invasion of privacy by the state and enjoyment of personal freedom. It is concluded that the peculiarities of development of the new Russian political and legal model significantly impacted the formation of the institution of personal data protection in the Russian Federation. The authors believe that the Russian legislator and competent government branches are not always capable to manage the entire information flow of personal data; therefore, one of the priority tasks in modern Russian society is the permanent analysis and constant monitoring of the development of information technologies.

Sign in / Sign up

Export Citation Format

Share Document