Assessing The Impact Of The EU General Data Protection Regulation (GDPR) On Businesses In Nigeria

The changes that have been brought about by the General Data Protection Regulation starting with May 2018 are complex and ambitious. The General Data Protection Regulation is one of the most wide ranging pieces of legislation passed by the EU in recent years, and it introduces many concepts that are yet to be fully discovered in practice, such as the right to be forgotten, data portability and data breach notification. This paper intends to analyze the main obligations that public bodies, particularly, have after the GDPR has entered into force, and to evaluate the impact this legislative act has on the routine activities carried out by public authorities in Romania. To reach our goal, we will make reference to the obligations that are specific to public administration authorities as well as to those that public bodies are exempted from. We will also analyze the national legislative measures adopted in Romania after GDPR started to be in force, and the degree to which these have particularized the way public bodies are allowed and obliged to process personal data in Romania.

Download Full-text

Buchbesprechungen. Feiler, Lukas / Forgó, Nikolaus / Weigl, Michaela: The Eu General Data Protection Regulation (Gdpr): A Commentary

Computer und Recht ◽

10.9785/cr-2018-340626 ◽

2018 ◽

Vol 34 (6) ◽

pp. r69-r70

Author(s):

Joachim Scherer ◽

Gerd Kiparski

Keyword(s):

Data Protection ◽

General Data Protection Regulation ◽

General Data ◽

The Eu

Download Full-text

The EU General Data Protection Regulation (GDPR)

10.1093/oso/9780198826491.001.0001 ◽

2020 ◽

Cited By ~ 1

Keyword(s):

Data Protection ◽

Personal Data ◽

Privacy Regulation ◽

General Data Protection Regulation ◽

Data Protection Directive ◽

Ongoing Work ◽

Protection Legislation ◽

Recent Reform ◽

General Data ◽

The Eu

This new book provides an article-by-article commentary on the new EU General Data Protection Regulation. Adopted in April 2016 and applicable from May 2018, the GDPR is the centrepiece of the recent reform of the EU regulatory framework for protection of personal data. It replaces the 1995 EU Data Protection Directive and has become the most significant piece of data protection legislation anywhere in the world. This book is edited by three leading authorities and written by a team of expert specialists in the field from around the EU and representing different sectors (including academia, the EU institutions, data protection authorities, and the private sector), thus providing a pan-European analysis of the GDPR. It examines each article of the GDPR in sequential order and explains how its provisions work, thus allowing the reader to easily and quickly elucidate the meaning of individual articles. An introductory chapter provides an overview of the background to the GDPR and its place in the greater structure of EU law and human rights law. Account is also taken of closely linked legal instruments, such as the Directive on Data Protection and Law Enforcement that was adopted concurrently with the GDPR, and of the ongoing work on the proposed new E-Privacy Regulation.

Download Full-text

The GDPR as Global Data Protection Regulation?

AJIL Unbound ◽

10.1017/aju.2019.80 ◽

2020 ◽

Vol 114 ◽

pp. 5-9 ◽

Cited By ~ 2

Author(s):

Cedric Ryngaert ◽

Mistale Taylor

Keyword(s):

International Law ◽

Data Protection ◽

Personal Data ◽

Fundamental Rights ◽

General Data Protection Regulation ◽

Data Protection Directive ◽

Protection Legislation ◽

General Data ◽

Global Data ◽

The Eu

The deterritorialization of the Internet and international communications technology has given rise to acute jurisdictional questions regarding who may regulate online activities. In the absence of a global regulator, states act unilaterally, applying their own laws to transborder activities. The EU's “extraterritorial” application of its data protection legislation—initially the Data Protection Directive (DPD) and, since 2018, the General Data Protection Regulation (GDPR)—is a case in point. The GDPR applies to “the processing of personal data of data subjects who are in the Union by a controller or processor not established in the Union, where the processing activities are related to: (a) the offering of goods or services . . . to such data subjects in the Union; or (b) the monitoring of their behaviour . . . within the Union.” It also conditions data transfers outside the EU on third states having adequate (meaning essentially equivalent) data protection standards. This essay outlines forms of extraterritoriality evident in EU data protection law, which could be legitimized by certain fundamental rights obligations. It then looks at how the EU balances data protection with third states’ countervailing interests. This approach can involve burdens not only for third states or corporations, but also for the EU political branches themselves. EU law viewed through the lens of public international law shows how local regulation is going global, despite its goal of protecting only EU data subjects.

Download Full-text

Transparency you can trust: Transparency requirements for artificial intelligence between legal norms and contextual concerns

Big Data & Society ◽

10.1177/2053951719860542 ◽

2019 ◽

Vol 6 (1) ◽

pp. 205395171986054 ◽

Cited By ~ 8

Author(s):

Heike Felzmann ◽

Eduard Fosch Villaronga ◽

Christoph Lutz ◽

Aurelia Tamò-Larrieux

Keyword(s):

Artificial Intelligence ◽

Data Protection ◽

Contextual Factors ◽

Information Provision ◽

Human Robot Interaction ◽

Future Research ◽

General Data Protection Regulation ◽

Wide Range ◽

General Data ◽

The Impact

Transparency is now a fundamental principle for data processing under the General Data Protection Regulation. We explore what this requirement entails for artificial intelligence and automated decision-making systems. We address the topic of transparency in artificial intelligence by integrating legal, social, and ethical aspects. We first investigate the ratio legis of the transparency requirement in the General Data Protection Regulation and its ethical underpinnings, showing its focus on the provision of information and explanation. We then discuss the pitfalls with respect to this requirement by focusing on the significance of contextual and performative factors in the implementation of transparency. We show that human–computer interaction and human-robot interaction literature do not provide clear results with respect to the benefits of transparency for users of artificial intelligence technologies due to the impact of a wide range of contextual factors, including performative aspects. We conclude by integrating the information- and explanation-based approach to transparency with the critical contextual approach, proposing that transparency as required by the General Data Protection Regulation in itself may be insufficient to achieve the positive goals associated with transparency. Instead, we propose to understand transparency relationally, where information provision is conceptualized as communication between technology providers and users, and where assessments of trustworthiness based on contextual factors mediate the value of transparency communications. This relational concept of transparency points to future research directions for the study of transparency in artificial intelligence systems and should be taken into account in policymaking.

Download Full-text

To What Extent Does the EU General Data Protection Regulation (GDPR) Apply to Citizen Scientist-Led Health Research with Mobile Devices?

The Journal of Law Medicine & Ethics ◽

10.1177/1073110520917046 ◽

2020 ◽

Vol 48 (S1) ◽

pp. 187-195

Author(s):

Edward S. Dove ◽

Jiahong Chen

Keyword(s):

Mobile Devices ◽

Data Protection ◽

Health Research ◽

Health Data ◽

Specific Context ◽

General Data Protection Regulation ◽

Citizen Scientist ◽

Open Questions ◽

General Data ◽

The Eu

In this article, we consider the possible application of the European General Data Protection Regulation (GDPR) to “citizen scientist”-led health research with mobile devices. We argue that the GDPR likely does cover this activity, depending on the specific context and the territorial scope. Remaining open questions that result from our analysis lead us to call for lex specialis that would provide greater clarity and certainty regarding the processing of health data by for research purposes, including these non-traditional researchers.

Download Full-text

Mass data gathering and surveillance: the fight against facial recognition technology in the globalized world

SHS Web of Conferences ◽

10.1051/shsconf/20207403006 ◽

2020 ◽

Vol 74 ◽

pp. 03006

Author(s):

Irena Nesterova

Keyword(s):

San Francisco ◽

Data Protection ◽

Facial Recognition ◽

Data Gathering ◽

Legal Framework ◽

Fundamental Rights ◽

General Data Protection Regulation ◽

The Us ◽

The Impact ◽

The Eu

The growing use of facial recognition technologies has put them under the regulatory spotlight all around the world. The EU considers to regulate facial regulation technologies as a part of initiative of creating ethical and legal framework for trustworthy artificial intelligence. These technologies are attracting attention of the EU data protection authorities, e.g. in Sweden and the UK. In May, San Francisco was the first city in the US to ban police and other government agencies from using facial recognition technology, soon followed by other US cities. The paper aims to analyze the impact of facial recognition technology on the fundamental rights and values as well as the development of its regulation in Europe and the US. The paper will reveal how these technologies may significantly undermine fundamental rights, in particular the right to privacy, and may lead to prejudice and discrimination. Moreover, alongside the risks to fundamental rights a wider impact of these surveillance technologies on democracy and the rule of law needs to be assessed. Although the existing laws, in particular the EU General Data Protection Regulation already imposes significant requirements, there is a need for further guidance and clear regulatory framework to ensure trustworthy use of facial recognition technology.

Download Full-text

International Organizations and the EU General Data Protection Regulation

International Organizations Law Review ◽

10.1163/15723747-2019008 ◽

2019 ◽

Vol 16 (1) ◽

pp. 158-191 ◽

Cited By ~ 1

Author(s):

Christopher Kuner

Keyword(s):

International Law ◽

International Organizations ◽

Data Protection ◽

Personal Data ◽

Eu Law ◽

Protection Measures ◽

General Data Protection Regulation ◽

General Data ◽

High Level ◽

The Eu

The importance of personal data processing for international organizations (‘IOs’) demonstrates the need for them to implement data protection in their work. The EU General Data Protection Regulation (‘GDPR’) will be influential around the world, and will impact IOs as well. Its application to them should be determined under relevant principles of EU law and public international law, and it should be interpreted consistently with the international obligations of the EU and its Member States. However, IOs should implement data protection measures regardless of whether the GDPR applies to them in a legal sense. There is a need for EU law and international law to take each other better into account, so that IOs can enjoy their privileges and immunities also with regard to EU law and avoid conflicts with international law, while still providing a high level of data protection in their operations.

Download Full-text