In/acceptable marketing and consumers' privacy expectations: four tests from EU data protection law

2021 ◽  
Vol ahead-of-print (ahead-of-print) ◽  
Author(s):  
Gianclaudio Malgieri
Keyword(s):  
Data Protection ◽  
Legal Framework ◽  
Online Marketing ◽  
Step Test ◽  
The European Union ◽  
Content Type ◽  
General Data Protection Regulation ◽  
Managerial Implications ◽  
Data Protection Law ◽  
Legal Frameworks

Purpose This study aims to discover the legal borderline between licit online marketing and illicit privacy-intrusive and manipulative marketing, considering in particular consumers’ expectations of privacy. Design/methodology/approach A doctrinal legal research methodology is applied throughout with reference to the relevant legislative frameworks. In particular, this study analyzes the European Union (EU) data protection law [General Data Protection Regulation (GDPR)] framework (as it is one of the most advanced privacy laws in the world, with strong extra-territorial impact in other countries and consequent risks of high fines), as compared to privacy scholarship on the field and extract a compliance framework for marketers. Findings The GDPR is a solid compliance framework that can help to distinguish licit marketing from illicit one. It brings clarity through four legal tests: fairness test, lawfulness test, significant effect test and the high-risk test. The performance of these tests can be beneficial to consumers and marketers in particular considering that meeting consumers’ expectation of privacy can enhance their trust. A solution for marketers to respect and leverage consumers’ privacy expectations is twofold: enhancing critical transparency and avoiding the exploitation of individual vulnerabilities. Research limitations/implications This study is limited to the European legal framework scenario and to theoretical analysis. Further research is necessary to investigate other legal frameworks and to prove this model in practice, measuring not only the consumers’ expectation of privacy in different contexts but also the practical managerial implications of the four GDPR tests for marketers. Originality/value This study originally contextualizes the most recent privacy scholarship on online manipulation within the EU legal framework, proposing an easy and accessible four-step test and twofold solution for marketers. Such a test might be beneficial both for marketers and for consumers’ expectations of privacy.

The Personal Data Protection Bill, 2018: India’s regulatory journey towards a comprehensive data protection law

2020 ◽  
Vol 28 (1) ◽  
pp. 1-19
Author(s):  
Deva Prasad M ◽  
Suchithra Menon C
Keyword(s):  
Data Protection ◽  
Personal Data ◽  
Legal Framework ◽  
The European Union ◽  
General Data Protection Regulation ◽  
Personal Data Protection ◽  
Supreme Court Of India ◽  
Indian Context ◽  
General Data ◽  
Data Protection Law

Abstract This article analyses the relevance of Personal Data Protection Bill, 2018 for developing a data protection legal framework in India. In this regard, the article attempts to analyse the evolution process of comprehensive personal data protection law in the Indian context. The manner in which the Personal Data Protection Bill, 2018 will revamp and strengthen the existing data protection regulatory framework forms the major edifice of this article. The article also dwells on the significant role played by the fundamental right to privacy judgment (Justice K.S. Puttaswamy v Union of India) of Supreme Court of India, thus preparing the regulatory ground for the evolution of the Personal Data Protection Bill, 2018. The influence of the European Union General Data Protection Regulation in shaping the Indian legal framework is highlighted. The article also discusses pertinent legal concerns that could question the effectiveness of the proposed data protection legal framework in the Indian context.

scholarly journals The European Union and the Search for an International Data Protection Framework

2014 ◽  
Vol 2 (2) ◽  
pp. 55 ◽  
Author(s):  
Christopher Kuner
Keyword(s):  
European Union ◽  
Data Protection ◽  
Legal Framework ◽  
Fundamental Rights ◽  
The European Union ◽  
International Data ◽  
Data Protection Law ◽  
Eu Fundamental Rights ◽  
Global Data ◽  
The Eu

The European Union (EU) has supported the growing calls for the creation of an international legal framework to safeguard data protection rights. At the same time, it has worked to spread its data protection law to other regions, and recent judgments of the Court of Justice of the European Union (CJEU) have reaffirmed the autonomous nature of EU law and the primacy of EU fundamental rights law. The tension between initiatives to create a global data protection framework and the assertion of EU data protection law raises questions about how the EU can best promote data protection on a global level, and about the EU’s responsibilities to third countries that have adopted its system of data protection.

scholarly journals Artificial intelligence, Digital Single Market and the proposal of a right to fair and reasonable inferences: a legal issue between ethics and techniques

2019 ◽  
Vol 5 (2) ◽  
pp. 75-91
Author(s):  
Alexandre Veronese ◽  
Alessandra Silveira ◽  
Amanda Nunes Lopes Espiñeira Lemos
Keyword(s):  
Artificial Intelligence ◽  
European Union ◽  
Data Protection ◽  
Personal Data ◽  
Legal Framework ◽  
Single Market ◽  
Legal Issue ◽  
The European Union ◽  
European Union Law ◽  
General Data Protection Regulation

The article discusses the ethical and technical consequences of Artificial intelligence (hereinafter, A.I) applications and their usage of the European Union data protection legal framework to enable citizens to defend themselves against them. This goal is under the larger European Union Digital Single Market policy, which has concerns about how this subject correlates with personal data protection. The article has four sections. The first one introduces the main issue by describing the importance of AI applications in the contemporary world scenario. The second one describes some fundamental concepts about AI. The third section has an analysis of the ongoing policies for AI in the European Union and the Council of Europe proposal about ethics applicable to AI in the judicial systems. The fourth section is the conclusion, which debates the current legal mechanisms for citizens protection against fully automated decisions, based on European Union Law and in particular the General Data Protection Regulation. The conclusion will be that European Union Law is still under construction when it comes to providing effective protection to its citizens against automated inferences that are unfair or unreasonable.

Protecting Genetic Privacy in Biobanking through Data Protection Law

2021 ◽  
Author(s):  
Dara Hallinan
Keyword(s):  
Data Protection ◽  
Critical Infrastructure ◽  
Legal Framework ◽  
Privacy Rights ◽  
Genetic Privacy ◽  
General Data Protection Regulation ◽  
General Data ◽  
Research Biobanks ◽  
The Subject ◽  
Data Protection Law

Biobanks are critical infrastructure for medical research. Biobanks, however, are also the subject of considerable ethical and legal uncertainty. Given that biobanks process large quantities of genomic data, questions have emerged as to how genetic privacy should be protected. What types of genetic privacy rights and rights holders should be protected and to what extent? Since 25 May 2018, the General Data Protection Regulation (GDPR) has applied and now occupies a key position in the European legal framework for the regulation of biobanking. This book takes an in-depth look at the function, problems, and opportunities presented by European data protection law under the GDPR as a framework for the protection of genetic privacy in biobanking. It argues that the substantive framework presented by the GDPR already offers an admirable baseline level of protection for the range of genetic privacy rights engaged by biobanking. The book further contends that while numerous problems with this standard of protection are indeed identifiable, the GDPR offers the flexibility to accommodate solutions to these problems, as well as the procedural mechanisms to realise these solutions.

The Legal Framework for Data and Consumer Protection in Europe

2009 ◽  
pp. 326-346
Author(s):  
Charles O’Mahony
Keyword(s):  
Economic Growth ◽  
European Union ◽  
Consumer Protection ◽  
Data Protection ◽  
Legal Framework ◽  
The European Union ◽  
Legal Structures ◽  
The Creation ◽  
The Law ◽  
Legal Frameworks

This chapter will discuss the legal framework for consumer and data protection in Europe. Central to this discussion will be the law of the European Union (EU) on data and consumer protection.3 Recent years have seen the creation of legal frameworks in Europe which seek to secure the protection of consumers while simultaneously facilitating economic growth in the European Union. This chapter will outline the main sources of law which protect consumers and their privacy. This chapter will outline the important provisions in these sources of law and critically analyse them. The chapter will also point up the gaps and deficiencies in the consumer and data protection legal structures.

The Second Internet: The Brussels Bourgeois Internet

2021 ◽  
pp. 77-91
Author(s):  
Kieron O’Hara
Keyword(s):  
European Union ◽  
Public Space ◽  
Data Protection ◽  
The European Union ◽  
Privacy Rights ◽  
General Data Protection Regulation ◽  
Internet Privacy ◽  
Data Protection Directive ◽  
General Data ◽  
Data Protection Law

This chapter describes the Brussels Bourgeois Internet. The ideal consists of positive, managed liberty where rights of others are respected, as in the bourgeois public space, where liberty follows only when rights are secured. The exemplar of this approach is the European Union, which uses administrative means, soft law, and regulation to project its vision across the Internet. Privacy and data protection have become the most emblematic struggles. Under the Data Protection Directive of 1995, the European Union developed data-protection law and numerous privacy rights, including a right to be forgotten, won in a case against Google Spain in 2014, the arguments about which are dissected. The General Data Protection Regulation (GDPR) followed in 2018, amplifying this approach. GDPR is having the effect of enforcing European data-protection law on international players (the ‘Brussels effect’), while the European Union over the years has developed unmatched expertise in data-protection law.

EU Data Protection Law: The Review of Directive 95/46/EC and the General Data Protection Regulation

2017 ◽  
Author(s):  
Peter Hustinx
Keyword(s):  
Data Protection ◽  
Legal Framework ◽  
Fundamental Rights ◽  
Full Potential ◽  
General Data Protection Regulation ◽  
Gradual Development ◽  
Charter Of Fundamental Rights ◽  
General Data ◽  
Data Protection Law ◽  
The Difference

This chapter looks at the origins and the current state of EU data protection law, and highlights the context of the ongoing review of Directive 95/46/EC as its key instrument, as well as the main lines of the proposed General Data Protection Regulation which will replace the Directive in the near future. The analysis shows a gradual development along two lines: one aiming at stronger rights in order to provide more effective protection, and one ensuring more consistent application of those rights across the EU. It also demonstrates the increasing impact of the Charter of Fundamental Rights, both in the case law of the Court of Justice and in the review of the legal framework. At the same time, it is argued that a lack of awareness of the difference in character between Articles 7 and 8 of the Charter could prevent Article 8 from reaching its full potential.

scholarly journals ESTUDO SOBRE A REALIZAÇÃO DO DIREITO DA PROTECÇÃO DE DADOS PESSOAIS ATRAVÉS DA JURISPRUDÊNCIA DO TRIBUNAL DE JUSTIÇA DA UNIÃO EUROPEIA

2020 ◽  
Vol 29 (1) ◽  
Author(s):  
Rita De Sousa Costa
Keyword(s):  
European Union ◽  
Data Protection ◽  
Personal Data ◽  
Case Law ◽  
Legal Framework ◽  
The European Union ◽  
Personal Data Protection ◽  
Court Of Justice ◽  
European Data ◽  
Data Protection Law

[PT]No presente texto, apresentamos as grandes linhas de aplicação do direito europeu da protecção de dados conforme gizadas pela jurisprudência do TJUE, com o objectivo de demonstrar como e em que medida este Tribunal modelou – e continua a modelar – o quadro jurídico em vigor, na certeza de que aquela jurisprudência impõe um conjunto de desafios determinantes para a realização material do direito europeu da protecção de dados pessoais. [ESP]Este texto presenta las líneas generales de la aplicación de la legislación europea de protección de datos tal como se establece en la jurisprudencia del TJUE, con el objetivo de demostrar cómo y en qué medida este Tribunal ha configurado -y sigue configurando- el marco jurídico vigente, con la certeza de que la dicha jurisprudencia plantea una serie de retos cruciales para la aplicación material del derecho europeo de la protección de datos personales. [ENG]This text outlines the implementation of the European data protection law as laid down in the case-law of the Court of Justice of the European Union, with the aim of demonstrating how and to what extent the Court has shaped – and continues to shape – the current legal framework. The case-law analysed points out a plethora of challenges which are key to the implementation of the European personal data protection law.

scholarly journals Criminal justice profiling and EU data protection law: precarious protection from predictive policing

2019 ◽  
Vol 15 (2) ◽  
pp. 162-176 ◽  
Author(s):  
Orla Lynskey
Keyword(s):  
Data Protection ◽  
Legal Framework ◽  
Predictive Policing ◽  
General Data Protection Regulation ◽  
Court Of Justice ◽  
Specific Assessment ◽  
General Data ◽  
Data Protection Law ◽  
Context Specific ◽  
The Eu

AbstractThis paper examines the application of the latest iterations of EU data protection law – in the General Data Protection Regulation, the Law Enforcement Directive and the jurisprudence of the Court of Justice of the EU – to the use of predictive policing technologies. It suggests that the protection offered by this legal framework to those impacted by predictive policing technologies is, at best, precarious. Whether predictive policing technologies fall within the scope of the data protection rules is uncertain, even in light of the expansive interpretation of these rules by the Court of Justice of the EU. Such a determination would require a context-specific assessment that individuals will be ill-placed to conduct. Moreover, even should the rules apply, the substantive protection offered by the prohibition against automated decision-making can be easily sidestepped and is subject to significant caveats. Again, this points to the conclusion that the protection offered by this framework may be more illusory than real. This being so, there are some fundamental questions to be answered – including the question of whether we should be building predictive policing technologies at all.

The Impact of the GDPR on Extra-EU Legal Systems

2020 ◽  
pp. 224-237
Author(s):  
Maria Casoria ◽  
Eman Mahmood AlSarraf
Keyword(s):  
United Arab Emirates ◽  
Data Protection ◽  
Arabian Gulf ◽  
Personal Data ◽  
Legal Framework ◽  
Legal Systems ◽  
General Data Protection Regulation ◽  
Personal Data Protection ◽  
Data Protection Law ◽  
Regional Organisation

The chapter discusses the influence of the General Data Protection Regulation (GDPR) on legal systems extra-EU and particularly the Kingdom of Bahrain, country member to a regional organisation located in the Arabian Gulf denominated Gulf Cooperation Council (GCC), which is exclusive to six states (i.e., Saudi Arabia, United Arab Emirates, Oman, Qatar, and Kuwait in addition to Bahrain). Amongst these countries, Bahrain is the only one that has recently enacted its own separate Personal Data Protection Law (PDPL) mostly resembling the GDPR due to the ever-increasing commercial relationship with business undertakings in Europe. Moreover, the adoption of the data protection law counts as a huge leap forward taken by the kingdom in reforming its legal framework, since it is the state's striving strategy to grow into a midpoint for data centre, just on time for the launch of data centres opening in Bahrain that are endorsed by Amazon Web Services.

Sign in / Sign up

Export Citation Format

Share Document