scholarly journals The Right to Communications Confidentiality in Europe: Protecting Privacy, Freedom of Expression, and Trust

2019 ◽  
Vol 20 (1) ◽  
pp. 291-322
Author(s):  
Frederik J. Zuiderveen Borgesius ◽  
Wilfred Steenbruggen
Keyword(s):  
Service Providers ◽  
Freedom Of Expression ◽  
Personal Data ◽  
European Convention ◽  
The European Union ◽  
Communication Services ◽  
General Data Protection Regulation ◽  
Individual Privacy ◽  
General Data ◽  
The Right

Abstract In the European Union, the General Data Protection Regulation (GDPR) provides comprehensive rules for the processing of personal data. In addition, the EU lawmaker intends to adopt specific rules to protect confidentiality of communications, in a separate ePrivacy Regulation. Some have argued that there is no need for such additional rules for communications confidentiality. This Article discusses the protection of the right to confidentiality of communications in Europe. We look at the right’s origins to assess the rationale for protecting it. We also analyze how the right is currently protected under the European Convention on Human Rights and under EU law. We show that at its core the right to communications confidentiality protects three individual and collective values: privacy, freedom of expression, and trust in communication services. The right aims to ensure that individuals and organizations can safely entrust communication to service providers. Initially, the right protected only postal letters, but it has gradually developed into a strong safeguard for the protection of confidentiality of communications, regardless of the technology used. Hence, the right does not merely serve individual privacy interests, but also other more collective interests that are crucial for the functioning of our information society. We conclude that separate EU rules to protect communications confidentiality, next to the GDPR, are justified and necessary.

scholarly journals The Right to Data Portability: conception, status quo, and future directions

2021 ◽  
Author(s):  
Sophie Kuebler-Wachendorff ◽  
Robert Luzsa ◽  
Johann Kranz ◽  
Stefan Mager ◽  
Emmanuel Syrmoudis ◽  
...  
Keyword(s):  
Service Providers ◽  
Personal Data ◽  
The European Union ◽  
Future Directions ◽  
General Data Protection Regulation ◽  
Digital Service ◽  
General Data ◽  
Data Portability ◽  
The One ◽  
The Right

AbstractFor almost three years, the General Data Protection Regulation (GDPR) has been granting citizens of the European Union the right to obtain personal data from companies and to transfer these data to another company. The so-called Right to Data Portability (RtDP) promises to significantly reduce switching costs for consumers in digital service markets, provided that its potential is effectively translated into reality. Thus, of all the consumer rights in the GDPR, the RtDP has the potential to be the one with the most significant implications for digital markets and privacy. However, our research shows that the RtDP is barely known among consumers and can currently only be implemented in a fragmented manner—especially with regard to the direct transfer of data between online service providers. We discuss several ways to improve the implementation of this right in the present article.

scholarly journals Identity Management and Protection Motivated by the General Data Protection Regulation of the European Union—A Conceptual Framework Based on State-of-the-Art Software Technologies

Technologies ◽  
2018 ◽  
Vol 6 (4) ◽  
pp. 115
Author(s):  
Pascal Birnstill ◽  
Erik Krempel ◽  
Paul Wagner ◽  
Jürgen Beyerer
Keyword(s):  
Data Protection ◽  
Service Providers ◽  
State Of The Art ◽  
Personal Data ◽  
Legal Rights ◽  
Data Provenance ◽  
The European Union ◽  
Usage Control ◽  
General Data Protection Regulation ◽  
General Data

In times of strongly (personal) data-driven economy, the inception of the European General Data Protection Regulation (GDPR) recently reinforced the call for transparency and informational self-determination—not only due to the penalties for data protection violations becoming significantly more severe. This paper recaps the GDPR articles that should be noticed by software designers and developers and explains how, from the perspective of computer scientists, the summarized requirements can be implemented based on state-of-the-art technologies, such as data provenance tracking, distributed usage control, and remote attestation protocols. For this, the challenges for data controllers, i.e., the service providers, as well as for the data subjects, i.e., the users whose personal data are being processed by the services, are worked out. As a result, this paper proposes the ideal functionality of a next-generation privacy dashboard interacting with data provenance and usage control infrastructure implemented at the service providers to operationalize the legal rights of the data subject granted by the GDPR. Finally, it briefly outlines the options for establishing trust in data provenance tracking and usage control infrastructures operated by the service providers themselves.

scholarly journals Can the GDPR and Freedom of Expression Coexist?

AJIL Unbound ◽  
2020 ◽  
Vol 114 ◽  
pp. 31-34
Author(s):  
Nani Jansen Reventlow
Keyword(s):  
Data Protection ◽  
Data Privacy ◽  
Freedom Of Expression ◽  
Personal Information ◽  
Personal Data ◽  
Raw Material ◽  
Individual Data ◽  
General Data Protection Regulation ◽  
General Data ◽  
The Right

The General Data Protection Regulation (GDPR) imposes important transparency and accountability requirements on different actors who process personal data. This is great news for the protection of individual data privacy. However, given that “personal information and human stories are the raw material of journalism,” what does the GDPR mean for freedom of expression and especially for journalistic activity? This essay argues that, although EU states seem to have taken their data protection obligations under the GDPR seriously, efforts to balance this against the right to freedom of expression have been more uneven. The essay concludes that it is of key importance to ensure that the GDPR's safeguards for data privacy do not compromise a free press.

scholarly journals THE RIGHT TO BE FORGOTTEN: An analysis from an American perspective and what it means for the U.S. to adopt it

2019 ◽  
Author(s):  
Ani Kristo
Keyword(s):  
Freedom Of Expression ◽  
Personal Data ◽  
Legal Framework ◽  
Fundamental Rights ◽  
The European Union ◽  
Data Infrastructure ◽  
General Data Protection Regulation ◽  
American Perspective ◽  
The Right ◽  
The U.S

Today’s society is part of a shared digital life, with an Internet population of 3.2 billion people. Though this colossal data infrastructure enables communication, information sharing, and collaboration, it is a place that favors a paradigm of continuous collection and storage of data, without much analysis of how that disrupts certain social norms and induces cases of violations of fundamental rights like privacy, freedom, and protection from discrimination.In 2016, the European Union adopted the General Data Protection Regulation, which introduced a right for individuals to have their personal data erased. This opened a discussion on privacy and identity concerns in the context of perpetual stigmatization and discrimination due to obsolete data that remains on the web. Through analyses of some cases in the U.S. and E.U., this paper will investigate the challenges of importing a similar legal framework for the erasure of personal data in the U.S., while ensuring the freedom of expression and maintaining the quality of the search engines and respective websites.

scholarly journals Data Sharing Under the General Data Protection Regulation

Hypertension ◽  
2021 ◽  
Vol 77 (4) ◽  
pp. 1029-1035
Author(s):  
Antonia Vlahou ◽  
Dara Hallinan ◽  
Rolf Apweiler ◽  
Angel Argiles ◽  
Joachim Beige ◽  
...  
Keyword(s):  
European Union ◽  
Data Protection ◽  
Personal Data ◽  
Research Approach ◽  
The European Union ◽  
General Data Protection Regulation ◽  
Personal Data Protection ◽  
Protection Legislation ◽  
General Data ◽  
Almost All

The General Data Protection Regulation (GDPR) became binding law in the European Union Member States in 2018, as a step toward harmonizing personal data protection legislation in the European Union. The Regulation governs almost all types of personal data processing, hence, also, those pertaining to biomedical research. The purpose of this article is to highlight the main practical issues related to data and biological sample sharing that biomedical researchers face regularly, and to specify how these are addressed in the context of GDPR, after consulting with ethics/legal experts. We identify areas in which clarifications of the GDPR are needed, particularly those related to consent requirements by study participants. Amendments should target the following: (1) restricting exceptions based on national laws and increasing harmonization, (2) confirming the concept of broad consent, and (3) defining a roadmap for secondary use of data. These changes will be achieved by acknowledged learned societies in the field taking the lead in preparing a document giving guidance for the optimal interpretation of the GDPR, which will be finalized following a period of commenting by a broad multistakeholder audience. In parallel, promoting engagement and education of the public in the relevant issues (such as different consent types or residual risk for re-identification), on both local/national and international levels, is considered critical for advancement. We hope that this article will open this broad discussion involving all major stakeholders, toward optimizing the GDPR and allowing a harmonized transnational research approach.

scholarly journals Location Privacy in the Wake of the GDPR

2019 ◽  
Author(s):  
Yola Georgiadou ◽  
Rolf de By ◽  
Ourania Kounadi
Keyword(s):  
Data Protection ◽  
Location Privacy ◽  
Cultural Theory ◽  
Personal Data ◽  
The European Union ◽  
General Data Protection Regulation ◽  
Digital Ecosystem ◽  
Protection Legislation ◽  
General Data ◽  
Conducting Research

The General Data Protection Regulation (GDPR) protects the personal data of natural persons and at the same time allows the free movement of such data within the European Union (EU). Hailed as majestic by admirers and dismissed as protectionist by critics, the Regulation is expected to have a profound impact around the world, including in the African Union (AU). For European–African consortia conducting research that may affect the privacy of African citizens, the question is ‘how to protect personal data of data subjects while at the same time ensuring a just distribution of the benefits of a global digital ecosystem?’ We use location privacy as a point of departure, because information about an individual’s location is different from other kinds of personally identifiable information. We analyse privacy at two levels, individual and cultural. Our perspective is interdisciplinary: we draw from computer science to describe three scenarios of transformation of volunteered/observed information to inferred information about a natural person and from cultural theory to distinguish four privacy cultures emerging within the EU in the wake of GDPR. We highlight recent data protection legislation in the AU and discuss factors that may accelerate or inhibit the alignment of data protection legislation in the AU with the GDPR.

scholarly journals Academic Freedom and Its Protection in the Law of European States

2016 ◽  
Vol 3 (3) ◽  
pp. 254-345
Author(s):  
Klaus D. Beiter ◽  
Terence Karran ◽  
Kwadwo Appiagyei-Atua
Keyword(s):  
Higher Education ◽  
Human Rights ◽  
Academic Freedom ◽  
Freedom Of Expression ◽  
European Convention ◽  
The European Union ◽  
International Human Rights ◽  
International Human ◽  
The Law ◽  
The Right

Focusing on those countries that are members of the European Union, it may be noted that these countries are bound under international human rights agreements, such as the International Covenants on Civil and Political, and Economic, Social and Cultural Rights or the European Convention on Human Rights, to safeguard academic freedom under provisions providing for the right to freedom of expression, the right to education, and respect for ‘the freedom indispensable for scientific research.’ unesco’s Recommendation concerning the Status of Higher-Education Teaching Personnel, a ‘soft-law’ document of 1997, concretises international human rights requirements to be complied with to make the protection of the right to academic freedom effective. Relying on a set of human rights indicators, the present article assesses the extent to which the constitutions, laws on higher education, and other relevant legislation of eu states implement the Recommendation’s criteria. The situation of academic freedom in practice will not be assessed here. The results for the various countries have been quantified and countries ranked in accordance with ‘their performance.’ The assessment demonstrates that, overall, the state of the protection of the right to academic freedom in the law of European states is one of ‘ill-health.’ Institutional autonomy is being misconstrued as exhausting the concept of academic freedom, self-governance in higher education institutions sacrificed for ‘executive-style’ management, and employment security abrogated to cater for ‘changing employment needs’ in higher education.

scholarly journals GDPR implementation as the main reason for the regional fragmentation in the online mediasphere

2021 ◽  
Vol 273 ◽  
pp. 08099
Author(s):  
Mikhail Smolenskiy ◽  
Nikolay Levshin
Keyword(s):  
European Union ◽  
Data Protection ◽  
Personal Data ◽  
Main Role ◽  
The European Union ◽  
Protection Measures ◽  
General Data Protection Regulation ◽  
Personal Data Protection ◽  
The Usa ◽  
General Data

The EU’s General Data Protection Regulation (GDPR) applies not only to the territory of the European Union, but also to all information systems containing data of EU’s citizens around the world. Misusing or carelessly handling personal data bring fines of up to 20 million euros or 4% of the annual turnover of the offending company. This article analyzes the main trends in the global implementation of the GDPR. Authors considered and analyzed results of personal data protection measures in nineteen regions: The USA, Canada, China, France, Germany, India, Kazakhstan, Nigeria, Russia, South Korea and Thailand, as well as the European Union and a handful of other. This allowed identifying a direct pattern between the global tightening of EU’s citizens personal data protection and the fragmentation of the global mediasphere into separate national segments. As a result of the study, the authors conclude that GDPR has finally slowed down the globalization of the online mediasphere, playing a main role in its regional fragmentation.

scholarly journals Credit-Based Insurance Scores: some Observations in the Light of the European General Data Protection Regulation

2020 ◽  
pp. 155-186
Author(s):  
María Dolores Mas Badia
Keyword(s):  
Data Protection ◽  
Personal Data ◽  
Insurance Companies ◽  
The European Union ◽  
History Data ◽  
General Data Protection Regulation ◽  
Personal Data Protection ◽  
Credit History ◽  
Automated Processing ◽  
General Data

Despite the differences between credit risk and insurance risk, in many countries large insurance companies include credit history amongst the information to be taken into account when assigning consumers to risk pools and deciding whether or not to offer them an auto or homeowner insurance policy, or to determine the premium that they should pay. In this study, I will try to establish some conclusions concerning the requirements and limits that the use of credit history data by insurers in the European Union should be subject to. In order to do this, I shall focus my attention primarily on Regulation (EU) 2016/679. This regulation, that came into force on 24 May 2018, not only forms the backbone of personal data protection in the EU, but is also set to become a model for regulation beyond the borders of the Union. This article will concentrate on two main aspects: the lawful basis for the processing of credit history data by insurers, and the rules that should apply to decisions based solely on automated processing, including profiling.Received: 30 December 2019Accepted: 07 February 2020Published online: 02 April 2020

scholarly journals FORENSIC DATABASES IN POLAND. LEGAL ISSUES RELATED TO RIGHT TO THE PROTECTION OF PERSONAL DATA AND RIGHT TO PRIVACY

2021 ◽  
pp. 285-305
Author(s):  
Dariusz Wilk
Keyword(s):  
Personal Data ◽  
The European Union ◽  
Right To Privacy ◽  
Biometric Data ◽  
General Data Protection Regulation ◽  
Law And Policy ◽  
Detection And Identification ◽  
Criminal Justice Systems ◽  
General Data ◽  
Data Subject

Forensic databases are crucial resources in criminal justice systems, which allow for detection and identification of offenders. General Data Protection Regulation and Police Directive about processing of personal data were enacted in the European Union in 2016, which implied changes in national law and policy in processing genetic and biometric data by law enforcements. Therefore, current development of DNA and fingerprint databases in Poland were revealed and compared to other European countries. Changes in the law related to processing of genetic and biometric data were analysed. Issues related to the distinction between different categories of data subject and retention time of personal data were especially commented in the view of right to the protection of personal data and right to privacy.

Sign in / Sign up

Export Citation Format

Share Document