Article 50 International cooperation for the protection of personal data

Author(s):  
Christopher Kuner

Recital 6; Article 15(1)(c) (Right to access information about data recipients in third countries); Articles 70(1)(v) and (w) (Board’s tasks to facilitate exchanges with supervisory authorities in third countries and exchanges of knowledge on data protection legislation with supervisory authorities worldwide); Article 96 (Relationship with previously concluded agreements of the EU Member States).

Author(s):  
A. J. de Jong ◽  
B. van Loenen ◽  
J. A. Zevenbergen

The EU Directive 95/46/EC on the protection of individuals with regard to the processing of personal data and on the free movement of such data aims at harmonising data protection legislation in the European Union. This should promote the free flow of products and services within the EU. This research found a wide variety of interpretations of the application of data protection legislation to geographic data. The variety was found among the different EU Member States, the different stakeholders and the different types of geographic data. In the Netherlands, the Data Protection Authority (DPA) states that panoramic images of streets are considered personal data, while Dutch case law judges that the data protection legislation does not apply if certain features are blurred and no link to an address is provided. The topographic datasets studied in the case studies do not contain personal data, according to the Dutch DPA, while the German DPA and the Belgian DPA judge that topographic maps of a large scale can contain personal data, and impose conditions on the processing of topographic maps. The UK DPA does consider this data outside of the scope of the legal definition of personal data. The patchwork of differences in data protection legislation can be harmonised by using a traffic light model. This model focuses on the context in which the processing of the data takes place and has four categories of data: (1) sensitive personal data, (2) personal data, (3) data that can possibly lead to identification, and (4) non-personal data. Some geographic data, for example factual data that does not reveal sensitive information about a person, can be categorised in the third category, giving room to opening up data under the INSPIRE Directive.


2021 ◽  
Vol 44 (2) ◽  
pp. 153-169
Author(s):  
Aurimas Šidlauskas

The implementation of the EU General Data Protection Regulation (hereinafter referred to as the Regulation), which, among other things, aims to eliminate disparities between national systems and to alleviate unnecessary administrative burdens, began on 25 May 2018. Each Member State is to ensure that there is one or more independent public authorities (hereinafter referred to as the supervisory authority) responsible for monitoring the implementation of the Regulation. In Lithuania, personal data protection is supervised by two authorities, namely by the State Data Protection Inspectorate (hereinafter referred to as the SDPI) and by the Office of the Inspector of Journalist Ethics. The powers conferred on the supervisory authorities by the Regulation are greater and broader in scope than those granted under previous data protection legislation. Organizations which process personal data must ensure compliance with the requirements laid down in the Regulation. A supervisory authority that violates the provisions of the Regulation may be faced with heavy administrative fines and other sanctions. This article analyzes the practice of imposing administrative fines in the EU and in Lithuania as compared to other EU Member States. The author of the article believes that evaluating the practice of imposing administrative fines by the SDPI within the general context of the EU shall enable one to search for the reasons behind the current situation, as well as to improve the processes the SDPI employs to perform functions associated with data protection supervision. The article uses generalization and comparative analysis of scientific literature, legal documents and statistical data.


2018 ◽  
Vol 21 (7) ◽  
pp. 27-44
Author(s):  
Ewa Kulesza

The right to the protection of personal data, which is part of the right to privacy, is a fundamental human right. Thus, its guarantees were included in the high-level regulations of the European Union as well as the legal norms of the EU Member States. The first Polish law regulating the protection of personal data was adopted in 1997 as the implementation of EU Directive 95/46. The law imposed a number of obligations on public and private entities which process personal data in order to protect the rights of data subjects and, in particular, to guarantee them the ability to control the correctness of processing of their personal data. Therefore, the law obliged data controllers to process data only on the basis of the premises indicated in the legislation, to adequately secure data, and to comply with the disclosure obligation concerning data subjects, including their right to correct false or outdated data or to request removal of data processed in violation of the law. However, as complaints directed by citizens to the supervisory body—the Inspector General for Personal Data Protection—showed, personal data controllers, especially those operating in the private sector, did not comply with the law, acting in a manner that violated their customers’ rights. 
In the hitherto existing unfair business practices of entrepreneurs, the violations of the data protection provisions that were the most burdensome for customers were related to preventing them from exercising their rights, including the right to control the processing of data, as well as the failure to provide the controller’s business address, which made it impossible for subjects whose data were used in violation of the law or for the inspecting authorities to contact the company, a lack of data security and a failure to follow the procedures required by law, the failure to secure documents containing personal data or their abandonment, a lack of updating customer data, the use of unverified data sets and sending marketing offers to deceased people or incorrect target recipients, and excessive amounts of data requested by controllers. The violations of the rights of data subjects recorded in Poland and other EU Member States—among other arguments—provided inspiration for the preparation of a new legal act in the form of the EU General Data Protection Regulation (GDPR) (which entered into force on 25 May 2018). The extension of the rights of people whose data are processed was combined in the GDPR with the introduction of new legal instruments disciplining data controllers. Instruments in the form of administrative fines and the strongly emphasised possibility to demand compensation for a violation of the right to data protection were directed in particular against economic entities violating the law.


2018 ◽  
Vol 18 (4) ◽  
pp. 241-255 ◽  
Author(s):  
Simone Penasa ◽  
Iñigo de Miguel Beriain ◽  
Carla Barbosa ◽  
Anna Białek ◽  
Theodora Chortara ◽  
...  

On 25 May 2018, the EU General Data Protection Regulation (GDPR) will come into force. As with the Data Protection Directive (95/46/EC), the regulation of biobanks for scientific research will be profoundly affected by this reform. Accordingly, a comparative survey of some of the existing national regulatory frameworks is of value to aid understanding of whether and how EU Member States will need to realign their systems to ensure compliance with the new Regulation. This article provides a comparison of the positions of Member States in the Mediterranean and Eastern European area, focusing especially on the existing regulatory framework on biobanks, the definition of personal and genetic data, the pseudonymization process, the processing of personal data for medical research purposes (and its impact on the right to consent of the individuals involved) and the secondary use of such data. The article concludes that effective implementation of the EU GDPR will represent a decisive catalyst for adaptive harmonization of biobanks regulation in the European framework.


This new book provides an article-by-article commentary on the new EU General Data Protection Regulation. Adopted in April 2016 and applicable from May 2018, the GDPR is the centrepiece of the recent reform of the EU regulatory framework for protection of personal data. It replaces the 1995 EU Data Protection Directive and has become the most significant piece of data protection legislation anywhere in the world. This book is edited by three leading authorities and written by a team of expert specialists in the field from around the EU and representing different sectors (including academia, the EU institutions, data protection authorities, and the private sector), thus providing a pan-European analysis of the GDPR. It examines each article of the GDPR in sequential order and explains how its provisions work, thus allowing the reader to easily and quickly elucidate the meaning of individual articles. An introductory chapter provides an overview of the background to the GDPR and its place in the greater structure of EU law and human rights law. Account is also taken of closely linked legal instruments, such as the Directive on Data Protection and Law Enforcement that was adopted concurrently with the GDPR, and of the ongoing work on the proposed new E-Privacy Regulation.


AJIL Unbound ◽  
2020 ◽  
Vol 114 ◽  
pp. 5-9 ◽  
Author(s):  
Cedric Ryngaert ◽  
Mistale Taylor

The deterritorialization of the Internet and international communications technology has given rise to acute jurisdictional questions regarding who may regulate online activities. In the absence of a global regulator, states act unilaterally, applying their own laws to transborder activities. The EU's “extraterritorial” application of its data protection legislation—initially the Data Protection Directive (DPD) and, since 2018, the General Data Protection Regulation (GDPR)—is a case in point. The GDPR applies to “the processing of personal data of data subjects who are in the Union by a controller or processor not established in the Union, where the processing activities are related to: (a) the offering of goods or services . . . to such data subjects in the Union; or (b) the monitoring of their behaviour . . . within the Union.” It also conditions data transfers outside the EU on third states having adequate (meaning essentially equivalent) data protection standards. This essay outlines forms of extraterritoriality evident in EU data protection law, which could be legitimized by certain fundamental rights obligations. It then looks at how the EU balances data protection with third states’ countervailing interests. This approach can involve burdens not only for third states or corporations, but also for the EU political branches themselves. EU law viewed through the lens of public international law shows how local regulation is going global, despite its goal of protecting only EU data subjects.


2014 ◽  
Vol 15 (3) ◽  
pp. 461-494
Author(s):  
Anne-Marie Zell

With the negotiation of its Data Protection Regulation, the European Union seeks to reform an outdated set of laws that has failed to address the evolving data protection challenges inherent in new technologies such as social networks, e-commerce, cloud computing, and location-based services. This article addresses the forthcoming Data Protection Regulation as well as the current state of data protection law in the EU, with a particular focus on Germany. The first part of the article examines Germany's robust data protection framework and the EU's existing authority. The article then raises key issues related to data protection in Germany and the EU—namely, discrepancies in data protection standards and enforcement among EU Member States—as illustrated by recent, high profile cases involving household names like Facebook, Apple, Google, and Amazon. Through this analysis, the article attempts to explain how and why companies doing business in Germany, but established in other EU Member States, are subject to less stringent data protection standards than German companies. Lastly, the article synthesizes the issues in debate with regard to the draft Data Protection Regulation and offers perspectives on what the Regulation could and should mean for data protection in the EU.


2012 ◽  
Vol 20 (1) ◽  
pp. 39-64 ◽  
Author(s):  
Gönül Oğuz

Human trafficking lies at the heart of international organised crime. It is concerned with profits in terms of the exploitation of human beings. It is an abuse of basic rights. The enormous interest and concern for trafficking and human struggling is factual evidence. In the EU, policy on irregular migration is driven by the perception that the member states risk being overwhelmed by large numbers of irregular migrants thought to constitute a threat to national security. This has implications for policy measures designed to combat trafficking and human smuggling, which may not work without international cooperation. In most cases, victims are brought to the EU member states from abroad. This creates a demand for international obligations for cooperation and related instruments for combating human smuggling and trafficking. Therefore, the member states and their law enforcement agencies cannot tackle human trafficking alone. A question arises as to whether Turkey can be a vital partner, based on the facts that it is a transit country, with a strong border and assuming that it has a role to play, through its expertise and its commitment to dealing with the effects of trafficking. Unfortunately, these facts are still overlooked, while disproportionately intensive efforts are expended on dealing with questions of national security by the member states. Combating illegal immigration and reducing and controlling migration are frequently seen through the magnifying glass of the struggle against human trafficking. This article focuses on the international factors involved and how the wider international community might be able to play an effective role in helping to tackle human trafficking. It argues that continued coordination and collaboration across the countries is vital. The article reviews the empirical evidence from Turkey, as non-EU/candidate countries' cooperation and assistance in human trafficking may have an important dimension.


Author(s):  
Christopher Kuner

Recital 6; recital 48; recital 102; Article 45 (Adequacy decision) (see too recitals 103–107); Article 46 (Transfers subject to appropriate safeguards) (see too recitals 108–109); Articles 4(20) and 47 (BCRs) (see too recital 110); Article 48 (Transfers not authorised by EU law) (see too recital 115); Article 49 (Derogations) (see too recitals 111–114); Article 50 (see too recital 116); Article 83(5)(c) (Fines for non-compliance with data transfer restrictions); Article 96 (Relationship with previously concluded agreements of the EU Member States).

