Scope of the Right to Erasure

Having laid the foundation of data protection empowerment in Chapter 2, this chapter zooms in on the GDPR’s scope of application in particular. It examines the territorial, material, and personal scope respectively, with a focus on the latter two because of their particular relevance in light of the book’s overall focus. What becomes very clear is how malleable and dynamic the nature of (personal) data is, something which will prove to be important with regard to making the right to erasure work in practice. This chapter also fleshes out the concept of controller, particularly in the context of information society services (ISS) with many different actors involved in processing the same personal data. It appears that from data subjects’ perspective, ISS providers will practically always be approachable with a right to erasure/object, even if not ultimately responsible or liable. Chapter 3 ends with describing four key derogations and exemptions in the GDPR, which may effectively lead to the inapplicability of the right to erasure. What appears from this chapter overall, is the importance of a granular and functional approach when determining the GDPR’s scope of application. This is all the more important in light of the growing complexity of the ecosystem, with many moving elements.

Open Questions on Balancing in the GDPR

The Right to Erasure in EU Data Protection Law ◽

10.1093/oso/9780198847977.003.0007 ◽

2020 ◽

pp. 390-416

Author(s):

Jef Ausloos

Keyword(s):

Data Protection ◽

Information Society ◽

Critical Appraisal ◽

Functional Approach ◽

Open Questions ◽

The Right ◽

Key Questions

This chapter discusses some of the loose ends that remain after the previous two chapters in Part II on Fair Balancing and Data Protection. In particular, it tries to frame answers to—or at the very least nuances—key questions arising from right-to-erasure-induced-balancing-acts in the information society service (ISS) context. After a critical appraisal of open-ended fair balancing in the data protection context, the chapter tackles questions such as how far ISS controllers’ responsibility to balance goes; whether the GDPR defines a balance that is biased towards data subjects; and whether the framework is not essentially ‘privatizing’ fair balancing. The last half of the chapter is dedicated to some important elements that nuance the aforementioned questions, and the debate on GDPR balancing by ISS controllers more broadly. It emphasizes the importance of taking into account the size and broader context in which large ISS providers operate; makes a critical appraisal of the merits and pitfalls of a granular and functional approach; shows how the GDPR essentially defers fair balancing; and explains the right to erasure should not be looked at as a binary (ie full erasure v unrestrained processing).

ESSENCE OF THE RIGHT TO PROTECTION OF PERSONAL DATA

10.36997/ppdd2021.96 ◽

2021 ◽

Author(s):

Zhivka Mateeva ◽

Keyword(s):

Human Rights ◽

Data Protection ◽

Information Society ◽

Personal Data ◽

Modern Life ◽

The Right To Privacy ◽

The Individual ◽

In the age of the information society, the possibilities for problems of personal data protection related to the danger and threat of adverse consequences for the individual are extremely high. Violation of the right of the individual in connection with the disclosure of personal data is an encroachment on privacy. This paper examines the nature of the right to the protection of personal data, which is an integral part of the right to privacy. On the basis of the analysis of the right to protection of personal data, its essential features, characteristic for the basic human rights, are derived. On this basis, the role of the right to personal data protection is outlined, finding application in various spheres of modern life.

Review of the right to self-determination of personal data in the AI era - based on the EU Personal Data Protection Act

Center for Public Interest & Human Rights Law Chonnam National University ◽

10.38135/hrlr.2021.26.123 ◽

2021 ◽

Vol 26 ◽

pp. 123-151

Author(s):

In-Seon Ham

Keyword(s):

Data Protection ◽

Personal Data ◽

Self Determination ◽

The Right ◽

The Eu

SOCRATES. Rīgas Stradiņa universitātes Juridiskās fakultātes elektroniskais juridisko zinātnisko rakstu žurnāls / SOCRATES. Rīga Stradiņš University Faculty of Law Electronic Scientific Journal of Law ◽

Personas datu aizsardzības mērķis un tiesiskā regulējuma vēsturiskā attīstība

10.25143/socr.13.2019.1.104-109 ◽

2019 ◽

Vol 1 (13) ◽

pp. 104-109

Author(s):

Agnese Reine-Vītiņa

Keyword(s):

Data Protection ◽

Personal Data ◽

European Countries ◽

Population Census ◽

Federal Republic Of Germany ◽

Right To Privacy ◽

The Right To Privacy ◽

The Government ◽

Mūsdienās tiesības uz privāto dzīvi nepieciešamas ikvienā demokrātiskā sabiedrībā, un šo tiesību iekļaušana konstitūcijā juridiski garantē fiziskas personas rīcības brīvību un vienlaikus arī citu – valsts pamatlikumā noteikto – cilvēka tiesību īstenošanu [5]. Personas datu aizsardzības institūts tika izveidots, izpratnes par tiesību uz personas privātās dzīves neaizskaramību saturu paplašinot 20. gadsimta 70. gados, kad vairāku Eiropas valstu valdības uzsāka informācijas apstrādes projektus, piemēram, tautas skaitīšanu u. c. Informācijas tehnoloģiju attīstība ļāva arvien vairāk informācijas par personām glabāt un apstrādāt elektroniski. Viena no tiesību problēmām bija informācijas vākšana par fizisku personu un tiesību uz privātās dzīves neaizskaramību ievērošana. Lai nodrošinātu privātās dzīves aizsardzību, atsevišķas Eiropas valstis pēc savas iniciatīvas pieņēma likumus par datu aizsardzību. Pirmie likumi par personas datu aizsardzību Eiropā tika pieņemti Vācijas Federatīvajā Republikā, tad Zviedrijā (1973), Norvēģijā (1978) un citur [8, 10]. Ne visas valstis pieņēma likumus par datu aizsardzību vienlaikus, tāpēc Eiropas Padome nolēma izstrādāt konvenciju, lai unificētu datu aizsardzības noteikumus un principus. Nowadays, the right to privacy is indispensable in every democratic society and inclusion of such rights in the constitution, guarantees legally freedom of action of a natural person and, simultaneously, implementation of other human rights established in the fundamental law of the state. The institute of personal data protection was established by expanding the understanding of the content of the right to privacy in the 70’s of the 19th century, when the government of several European countries initiated information processing projects, such as population census etc. For the development of information technology, more and more information on persons was kept and processed in electronic form. One of the legal problems was gathering of information on natural persons and the right to privacy. In order to ensure the protection of privacy, separate European countries, on their own initiative, established a law on data protection. The first laws on the protection of personal data in Europe were established in the Federal Republic of Germany, then in Sweden (1973), Norway (1978) and elsewhere. Not all countries adopted laws on data protection at the same time, so the Council of Europe decided to elaborate a convention to unify data protection rules and principles.

Personal Data Protection in Digital Libraries

E-Publishing and Digital Libraries ◽

10.4018/978-1-60960-031-0.ch019 ◽

2011 ◽

pp. 413-429

Author(s):

Ioannis Iglezakis

Keyword(s):

Data Protection ◽

Digital Libraries ◽

Personal Data ◽

Privacy Threats ◽

The Right To Privacy ◽

Library Users ◽

Personally Identifiable Information ◽

The Us ◽

Digital libraries provide many advantages compared with traditional libraries, such as wide and round the clock availability of resources, lack of physical boundaries, etc. However, the disclosure of personally identifiable information in the course of processing activities may lead to an invasion of privacy of library users, without their being aware of it. In fact, privacy threats are increased in the digital environment, in which digital libraries operate. The right to privacy in the library is “the right to open inquiry without having the subject of one’s interest examined or scrutinized by others” (ALA, 2005). Users of digital libraries have similar privacy expectations when making use of their services. The issues concerning the privacy of digital libraries’ patrons are thus addressed in comparative perspective, in this chapter. In more particular, the legal regulations with regard to data protection in digital libraries in the EU and the US are presented. The comparative analysis of the two legal orders shows differences and similarities, but also highlights loopholes of protection.

Electronic Medical Records as an Improvement to Comply with Data Protection Rules

International Journal of Reliable and Quality E-Healthcare ◽

10.4018/ijrqeh.2012070102 ◽

2012 ◽

Vol 1 (3) ◽

pp. 13-19

Author(s):

Ángel Igualada Menor ◽

Teresa Pereyra Caramé

Keyword(s):

Medical Care ◽

Electronic Medical Records ◽

Data Protection ◽

Medical Records ◽

Personal Data ◽

Medical Records Systems ◽

The right implementation and design of Electronic Medical Records Systems present an opportunity of improvement, since they provide the owners of personal data, who are under treatment in medical care activities, with the exercise of control over them; avoidance of any change; loss or non-authorised access, as well as availability safeguarding, and use in activities that are not strictly within welfare.

6. Individual rights and remedies

10.1093/he/9780198787556.003.0006 ◽

2017 ◽

Author(s):

Ian J. Lloyd

Keyword(s):

Data Protection ◽

Personal Data ◽

Individual Rights ◽

The Right ◽

To Receive

This chapter examines the rights that are specifically conferred upon data subjects and to the remedies which may be available in the event of any breach. The Data Protection Act 1998 provides in the sixth data protection principle that ‘Personal data shall be processed in accordance with the rights of data subjects under this Act’. Part II of the Act is entitled ‘Rights of Data Subjects and Others’ and provides for rights of access, the right to receive certain items of information, and rights either total or qualified to object to certain forms of processing of their personal data.

Applicable Law to Transnational Personal Data: Trends and Dynamics

German Law Journal ◽

10.1017/glj.2020.73 ◽

2020 ◽

Vol 21 (6) ◽

pp. 1283-1308

Author(s):

Jie (Jeanne) Huang

Keyword(s):

Data Protection ◽

Personal Data ◽

Chinese Media ◽

Applicable Law ◽

Regional Coordination ◽

The Law ◽

Model Law ◽

The Right ◽

The Eu

AbstractThe recent COVID-19 outbreak has pushed the tension of protecting personal data in a transnational context to an apex. Using a real case where the personal data of an international traveler was illegally released by Chinese media, this Article identifies three trends that have emerged at each stage of conflict-of-laws analysis for lex causae: (1) The EU, the US, and China characterize the right to personal data differently; (2) the spread-out unilateral applicable law approach comes from the fact that all three jurisdictions either consider the law for personal data protection as a mandatory law or adopt connecting factors leading to the law of the forum; and (3) the EU and China strongly advocate deAmericanization of substantive data protection laws. The trends and their dynamics provide valuable implications for developing the choice of laws for transnational personal data. First, this finding informs parties that jurisdiction is a predominant issue in data breach cases because courts and regulators would apply the law of the forum. Second, currently, there is no international treaty or model law on choice-of-law issues for transnational personal data. International harmonization efforts will be a long and difficult journey considering how the trends demonstrate not only the states’ irreconcilable interests but also how states may consider these interests as their fundamental values that they do not want to trade off. Therefore, for states and international organizations, a feasible priority is to achieve regional coordination or interoperation among states with similar values on personal data protection.

Right of Access under GDPR and Copyright

Masaryk University Journal of Law and Technology ◽

10.5817/mujlt2018-2-5 ◽

2018 ◽

Vol 12 (2) ◽

pp. 221-246

Author(s):

Angela Sobolčiaková

Keyword(s):

Data Protection ◽

Personal Data ◽

Case Law ◽

Main Question ◽

The Subject ◽

The Right ◽

Access Right ◽

Right Of Access ◽

Data Subject

The paper discusses the right to obtain a copy of personal data based on the access right guaranteed in Articles 15 (3) and limited in 15 (4) of the GDPR. Main question is to what extent, the access right provided to data subject under the data protection rules is compatible with copyright. We argue that the subject matter of Article 15 (3) of the GDPR - copy of personal data – may infringe copyright protection of third parties but not a copyright protection attributed to the data controllers.Firstly, because the right of access and copyright may be in certain circumstances incompatible. Secondly, the data controllers are primarily responsible for balancing conflicting rights and neutral balancing exercise could only be applied by the Data Protection Authorities. Thirdly, the case law of the CJEU regarding this issue will need to be developed because the copy as a result of access right may be considered as a new element in data protection law.

Data protection rules in the united states legal system

Law Review of Kyiv University of Law ◽

10.36695/2219-5521.2.2020.94 ◽

2020 ◽

pp. 481-484

Author(s):

Araz Poladov

Keyword(s):

United States ◽

Legal System ◽

Data Protection ◽

Data Privacy ◽

Practical Importance ◽

Personal Data ◽

The United States ◽

Right To Privacy ◽

The Right To Privacy ◽

Purpose of research: define the general characteristics of the protection of personal data; analysis of legislation and case law.Methods of research: analysis and study of regulatory documents containing provisions on protection of personal data.Results: normative and practical importance of personal data protection provisions in various legal acts has been underscored.The right to privacy strengthened its position in the United States in the late 19th century and is now recognized by most States.Although the right to privacy in the United States was originally a British political legacy, judicial decisions in England were more conservativeand cautious than those of U.S. courts. One of the important features of this law in the Anglo-Saxon legal system is that itwas previously formed by judicial precedents and legal doctrine. Also, the right to privacy was not among the rights provided for in theBill of Rights. In general, there is an industry-wide approach to data privacy in the United States. There is no specific federal law thatwould guarantee the confidentiality and protection of personal data. Instead, legislation at the federal level is dispersed and aims to protectdata in certain sectors. Judicial practice and court decisions taken at different times play an important role in regulating personaldata protection in the United States. It is also worth mentioning that until the 1970s, decisions of the U.S. courts did not provide thenecessary privacy protection safeguards.Discussion: offering a comprehensive and detailed study and use of this practice in other states.