How to Build Data-Driven Innovation Projects at Large With Data Protection by Design: A Scientific-Legal Data Protection Impact Assessment With Respect to a Hypothetical Smart City Scenario in Berlin

2020 ◽  
Author(s):  
Maximilian Grafenstein
Keyword(s):  
Impact Assessment ◽  
Data Protection ◽  
Smart City ◽  
Data Driven ◽  
Innovation Projects

A typology of Smart City services: The case of Data Protection Impact Assessment

Cities ◽  
2020 ◽  
Vol 104 ◽  
pp. 102731 ◽  
Author(s):  
Laurens Vandercruysse ◽  
Caroline Buts ◽  
Michaël Dooms
Keyword(s):  
Impact Assessment ◽  
Data Protection ◽  
Smart City

scholarly journals Tokenized Ecosystem of Personal Data — Exemplified on the Context of the Smart City

2017 ◽  
Vol 9 (2) ◽  
pp. 110-133 ◽  
Author(s):  
Jan Thomas Frecè ◽  
Thomas Selzam
Keyword(s):  
Data Protection ◽  
Smart City ◽  
Smart Cities ◽  
Personal Data ◽  
Privacy Preserving ◽  
Data Sources ◽  
Data Driven ◽  
Access To Data

Data driven businesses, services, and even smart cities of tomorrow depend on access to data not only from machines, but also personal data of consumers, clients, citizens. Sustain-able utilization of such data must base on legal compliancy, ethical soundness, and consent. Data subjects nowadays largely lack empowerment over utilization and monetization of their personal data. To change this, we propose a tokenized ecosystem of personal data (TokPD), combining anonymization, referencing, encryption, decentralization, and functional layering to establish a privacy preserving solution for processing of personal data. This tokenized ecosys-tem is a more generalized variant of the smart city ecosystem described in the preceding publi-cation "Smart Cities of Self-Determined Data Subjects" (Frecè & Selzam 2017) with focus to-wards further options of decentralization. We use the example of a smart city to demonstrate, how TokPD ensures the data subjects’ privacy, grants the smart city access to a high number of new data sources, and simultaneously handles the user-consent to ensure compliance with mod-ern data protection regulation.

Impact Assessment for Data-driven Innovation in Cognitive IoT Architectures

2019 ◽  
Author(s):  
G. Carvalho ◽  
A. Madaan
Keyword(s):  
Impact Assessment ◽  
Data Driven

scholarly journals Data Protection Impact Assessment (DPIA) for Cloud-Based Health Organizations

2021 ◽  
Vol 13 (3) ◽  
pp. 66
Author(s):  
Dimitra Georgiou ◽  
Costas Lambrinoudakis
Keyword(s):  
Impact Assessment ◽  
Data Protection ◽  
Gap Analysis ◽  
Health Care Organization ◽  
Personal Data ◽  
Care Organization ◽  
The European Union ◽  
General Data Protection Regulation ◽  
Personal Data Protection ◽  
Compliance Level

The General Data Protection Regulation (GDPR) harmonizes personal data protection laws across the European Union, affecting all sectors including the healthcare industry. For processing operations that pose a high risk for data subjects, a Data Protection Impact Assessment (DPIA) is mandatory from May 2018. Taking into account the criticality of the process and the importance of its results, for the protection of the patients’ health data, as well as the complexity involved and the lack of past experience in applying such methodologies in healthcare environments, this paper presents the main steps of a DPIA study and provides guidelines on how to carry them out effectively. To this respect, the Privacy Impact Assessment, Commission Nationale de l’Informatique et des Libertés (PIA-CNIL) methodology has been employed, which is also compliant with the privacy impact assessment tasks described in ISO/IEC 29134:2017. The work presented in this paper focuses on the first two steps of the DPIA methodology and more specifically on the identification of the Purposes of Processing and of the data categories involved in each of them, as well as on the evaluation of the organization’s GDPR compliance level and of the gaps (Gap Analysis) that must be filled-in. The main contribution of this work is the identification of the main organizational and legal requirements that must be fulfilled by the health care organization. This research sets the legal grounds for data processing, according to the GDPR and is highly relevant to any processing of personal data, as it helps to structure the process, as well as be aware of data protection issues and the relevant legislation.

The Bigger Picture: Approaches to Inter-organizational Data Protection Impact Assessment

2020 ◽  
pp. 283-293
Author(s):  
Dimitri Van Landuyt ◽  
Laurens Sion ◽  
Pierre Dewitte ◽  
Wouter Joosen
Keyword(s):  
Impact Assessment ◽  
Data Protection

The Making of Data-Driven Sustainable Smart City Communities in Holiday Destinations

2019 ◽  
pp. 273-296
Author(s):  
Sudipta Kiran Sarkar ◽  
Michalis Toanoglou ◽  
Babu George
Keyword(s):  
Smart City ◽  
Data Driven

scholarly journals Digital Economy, Big Data and Competition Law

2019 ◽  
Vol 3 (1) ◽  
pp. 53-89
Author(s):  
Roberto Augusto Castellanos Pfeiffer
Keyword(s):  
Big Data ◽  
Data Protection ◽  
Personal Data ◽  
Competition Law ◽  
Digital Economy ◽  
Data Driven ◽  
Dominant Position ◽  
Privacy Concerns ◽  
Sense Data ◽  
Abuse Of Dominant Position

Big data has a very important role in the digital economy, because firms have accurate tools to collect, store, analyse, treat, monetise and disseminate voluminous amounts of data. Companies have been improving their revenues with information about the behaviour, preferences, needs, expectations, desires and evaluations of their consumers. In this sense, data could be considered as a productive input. The article focuses on the current discussion regarding the possible use of competition law and policy to address privacy concerns related to big data companies. The most traditional and powerful tool to deal with privacy concerns is personal data protection law. Notwithstanding, the article examines whether competition law should play an important role in data-driven markets where privacy is a key factor. The article suggests a new approach to the following antitrust concepts in cases related to big data platforms: assessment of market power, merger notification thresholds, measurement of merger effects on consumer privacy, and investigation of abuse of dominant position. In this context, the article analyses decisions of competition agencies which reviewed mergers in big data-driven markets, such as Google/DoubleClick, Facebook/ WhatsApp and Microsoft/LinkedIn. It also reviews investigations of alleged abuse of dominant position associated with big data, in particular the proceeding opened by the Bundeskartellamt against Facebook, in which the German antitrust authority prohibited the data processing policy imposed by Facebook on its users. The article concludes that it is important to harmonise the enforcement of competition, consumer and data protection polices in order to choose the proper way to protect the users of dominant platforms, maximising the benefits of the data-driven economy.

Sign in / Sign up

Export Citation Format

Share Document