scholarly journals Data protection for networked and robotic toys - a legal perspective

2018 ◽  
Vol 27 ◽  
Author(s):  
Rocco Panetta ◽  
Federico Sartore
Keyword(s):  
Data Protection ◽  
Codes Of Conduct ◽  
Personal Data ◽  
Legal Framework ◽  
Fundamental Rights ◽  
Security Measures ◽  
General Data Protection Regulation ◽  
Legal Perspective ◽  
Psychological Maturity ◽  
Iot Devices

This paper is aimed to understand the state of the art and the resulting consequences of the legal framework in Europe, with regard to the protection of children's data. Especially when they interact with networked and robotic toys, like in 'My friend Cayla' case. In order to evaluate the practical implications of the use of IoT devices by children or teenager users, the first part of the paper presents an analysis of the international guiding principles of the protection of minors, a category which enjoys a higher level of protection of their fundamental rights, due to their condition of lack of physical and psychological maturity. Secondly, the focus is moved upon the protection of personal data of children. Only after confronting previous data protection legal instruments and having compared them with the novelties set forth in General Data Protection Regulation, it is reasonable to assume that new provisions such as "privacy by design" principle, adequacy of security measures and codes of conduct, can support data controllers in ensuring compliance (in line with the accountability principle) in the field of IoT toys. In conclusion, the paper supports a view of Data Protection Authorities as a relevant player in enhancing these renovated tools in order to achieve the protection of children's rights, as to ensure their substantial protection against the threats of the interconnected world.

scholarly journals Personal Data Protection in Russia

2020 ◽  
pp. 95-113
Author(s):  
Alexander Gurkov
Keyword(s):  
Data Protection ◽  
Personal Data ◽  
Legal Framework ◽  
Fundamental Rights ◽  
Special Role ◽  
State Control ◽  
General Data Protection Regulation ◽  
Personal Data Protection ◽  
General Data

AbstractThis chapter considers the legal framework of data protection in Russia. The adoption of the Yarovaya laws, data localization requirement, and enactment of sovereign Runet regulations allowing for isolation of the internet in Russia paint a grim representation of state control over data flows in Russia. Upon closer examination, it can be seen that the development of data protection in Russia follows many of the steps taken at the EU level, although some EU measures violated fundamental rights and were invalidated. Specific rules in this sphere in Russia are similar to the European General Data Protection Regulation. This chapter shows the special role of Roskomnadzor in forming data protection regulations by construing vaguely defined rules of legislation.

scholarly journals Compatibility of a Security Policy for a Cloud-Based Healthcare System with the EU General Data Protection Regulation (GDPR)

Information ◽  
2020 ◽  
Vol 11 (12) ◽  
pp. 586
Author(s):  
Dimitra Georgiou ◽  
Costas Lambrinoudakis
Keyword(s):  
Healthcare System ◽  
Data Protection ◽  
Security Policy ◽  
Personal Data ◽  
Legal Framework ◽  
Healthcare Systems ◽  
Security And Privacy ◽  
Security Measures ◽  
General Data Protection Regulation ◽  
General Data

Currently, there are several challenges that cloud-based healthcare systems around the world are facing. The most important issue is to ensure security and privacy, or in other words, to ensure the confidentiality, integrity, and availability of the data. Although the main provisions for data security and privacy were present in the former legal framework for the protection of personal data, the General Data Protection Regulation (GDPR) introduces new concepts and new requirements. In this paper, we present the main changes and the key challenges of the GDPR and, at the same time, we present how a cloud-based security policy could be modified in order to be compliant with the GDPR, as well as how cloud environments can assist developers to build secure and GDPR compliant cloud-based healthcare systems. The major concept of this paper is dual-purpose; primarily, to facilitate cloud providers in comprehending the framework of the new GDPR and secondly, to identify security measures and security policy rules, for the protection of sensitive data in a cloud-based healthcare system, following our risk-based security policy methodology that assesses the associated security risks and takes into account different requirements from patients, hospitals, and various other professional and organizational actors.

scholarly journals La libertad de información como límite al derecho a la protección de datos personales: la excepción periodística

2015 ◽  
pp. 377
Author(s):  
Cristina Pauner Chulvi
Keyword(s):  
Data Protection ◽  
Personal Data ◽  
Legal Framework ◽  
Fundamental Rights ◽  
Freedom Of Information ◽  
Member States ◽  
General Data Protection Regulation ◽  
Personal A ◽  
The Media ◽  
The Right

La aplicación indiscriminada de la normativa sobre el derecho a la protección de datos de carácter personal a los medios de comunicación puede suponer una restricción excesiva de la libertad de información, uno de los elementos más característicos del patrimonio jurídico de las sociedades democráticas. En el intento de lograr un equilibrio entre ambos derechos fundamentales, el régimen europeo en materia de protección de datos —la actual Directiva 95/46/CE y la Propuesta de Reglamento General de Protección de Datos— contemplan la denominada excepción periodística que autoriza a los Estados miembros a establecer limitaciones a la aplicación de determinadas disposiciones. El presente artículo analiza el concepto y alcance de la mencionada excepción en las normas europeas y en las legislaciones de los Estados miembros que, en transposición de la Directiva, han incorporado el reconocimiento de la excepción periodística.Indiscriminate application to the media of the rules on the right to data protection may cause excessive restriction of freedom of information, one of the most characteristic items of the legal heritage of democratic societies. In an attempt to strike a balance between the two fundamental rights, the European legal framework for the protection of personal data — the current Directive 95/46/EC and the proposed General Data Protection Regulation — provide for the so-called journalism exemption which allows Member States to establish exemptions to the application of certain provisions. This article analyses the concept and scope of this exemption in the European regulations and in the legislation of the Member States which have transposed the Directive into their national law and have thus incorporated recognition of the journalism exemption.

scholarly journals Compatibility of a Security Policy for a Cloud-based Healthcare System with the EU General Data Protection Regulation (GDPR)

2020 ◽  
Author(s):  
Dimitra Georgiou ◽  
Costas Lambrinoudakis
Keyword(s):  
Data Protection ◽  
Security Policy ◽  
Health Care Systems ◽  
Personal Data ◽  
Legal Framework ◽  
Security And Privacy ◽  
Security Measures ◽  
Sensitive Data ◽  
General Data Protection Regulation ◽  
General Data

Currently, there are several challenges that Cloud-based health-care Systems, around the world, are facing. The most important issue is to ensure security and privacy or in other words to ensure the confidentiality, integrity and availability of the data. Although the main provisions for data security and privacy were present in the former legal framework for the protection of personal data, the General Data Protection Regulation (GDPR) introduces new concepts and new requirements. In this paper, we present the main changes and the key challenges of the General Data Protection Regulation, and also at the same time we present how the Cloud-based Security Policy methodology proposed in [1] could be modified in order to be compliant with the GDPR and how Cloud environments can assist developers to build secure and GDPR compliant Cloud-based health Systems. The major concept of this paper is, primarily, to facilitate Cloud Providers in comprehending the framework of the new General Data Protection Regulation and secondly, to identify security measures and security policy rules for the protection of sensitive data in a Cloud-based Health System, following our risk-based Security Policy Methodology that assesses the associated security risks and takes into account different requirements from patients, hospitals, and various other professional and organizational actors.

scholarly journals Artificial intelligence, Digital Single Market and the proposal of a right to fair and reasonable inferences: a legal issue between ethics and techniques

2019 ◽  
Vol 5 (2) ◽  
pp. 75-91
Author(s):  
Alexandre Veronese ◽  
Alessandra Silveira ◽  
Amanda Nunes Lopes Espiñeira Lemos
Keyword(s):  
Artificial Intelligence ◽  
European Union ◽  
Data Protection ◽  
Personal Data ◽  
Legal Framework ◽  
Single Market ◽  
Legal Issue ◽  
The European Union ◽  
European Union Law ◽  
General Data Protection Regulation

The article discusses the ethical and technical consequences of Artificial intelligence (hereinafter, A.I) applications and their usage of the European Union data protection legal framework to enable citizens to defend themselves against them. This goal is under the larger European Union Digital Single Market policy, which has concerns about how this subject correlates with personal data protection. The article has four sections. The first one introduces the main issue by describing the importance of AI applications in the contemporary world scenario. The second one describes some fundamental concepts about AI. The third section has an analysis of the ongoing policies for AI in the European Union and the Council of Europe proposal about ethics applicable to AI in the judicial systems. The fourth section is the conclusion, which debates the current legal mechanisms for citizens protection against fully automated decisions, based on European Union Law and in particular the General Data Protection Regulation. The conclusion will be that European Union Law is still under construction when it comes to providing effective protection to its citizens against automated inferences that are unfair or unreasonable.

scholarly journals The GDPR as Global Data Protection Regulation?

AJIL Unbound ◽  
2020 ◽  
Vol 114 ◽  
pp. 5-9 ◽  
Author(s):  
Cedric Ryngaert ◽  
Mistale Taylor
Keyword(s):  
International Law ◽  
Data Protection ◽  
Personal Data ◽  
Fundamental Rights ◽  
General Data Protection Regulation ◽  
Data Protection Directive ◽  
Protection Legislation ◽  
General Data ◽  
Global Data ◽  
The Eu

The deterritorialization of the Internet and international communications technology has given rise to acute jurisdictional questions regarding who may regulate online activities. In the absence of a global regulator, states act unilaterally, applying their own laws to transborder activities. The EU's “extraterritorial” application of its data protection legislation—initially the Data Protection Directive (DPD) and, since 2018, the General Data Protection Regulation (GDPR)—is a case in point. The GDPR applies to “the processing of personal data of data subjects who are in the Union by a controller or processor not established in the Union, where the processing activities are related to: (a) the offering of goods or services . . . to such data subjects in the Union; or (b) the monitoring of their behaviour . . . within the Union.” It also conditions data transfers outside the EU on third states having adequate (meaning essentially equivalent) data protection standards. This essay outlines forms of extraterritoriality evident in EU data protection law, which could be legitimized by certain fundamental rights obligations. It then looks at how the EU balances data protection with third states’ countervailing interests. This approach can involve burdens not only for third states or corporations, but also for the EU political branches themselves. EU law viewed through the lens of public international law shows how local regulation is going global, despite its goal of protecting only EU data subjects.

EU Data Protection Law: The Review of Directive 95/46/EC and the General Data Protection Regulation

2017 ◽  
Author(s):  
Peter Hustinx
Keyword(s):  
Data Protection ◽  
Legal Framework ◽  
Fundamental Rights ◽  
Full Potential ◽  
General Data Protection Regulation ◽  
Gradual Development ◽  
Charter Of Fundamental Rights ◽  
General Data ◽  
Data Protection Law ◽  
The Difference

This chapter looks at the origins and the current state of EU data protection law, and highlights the context of the ongoing review of Directive 95/46/EC as its key instrument, as well as the main lines of the proposed General Data Protection Regulation which will replace the Directive in the near future. The analysis shows a gradual development along two lines: one aiming at stronger rights in order to provide more effective protection, and one ensuring more consistent application of those rights across the EU. It also demonstrates the increasing impact of the Charter of Fundamental Rights, both in the case law of the Court of Justice and in the review of the legal framework. At the same time, it is argued that a lack of awareness of the difference in character between Articles 7 and 8 of the Charter could prevent Article 8 from reaching its full potential.

scholarly journals Wearable Technologies and Smart Clothes in the Fashion Business: Some Issues Concerning Cybersecurity and Data Protection

Laws ◽  
2020 ◽  
Vol 9 (2) ◽  
pp. 12
Author(s):  
Giovanni Ziccardi
Keyword(s):  
Data Protection ◽  
Legal Framework ◽  
Wearable Devices ◽  
Point Of View ◽  
Fundamental Rights ◽  
Management Policy ◽  
Digital Society ◽  
General Data Protection Regulation ◽  
Need To Evaluate ◽  
The Individual

Wearable devices and smart clothes give rise to pivotal technological and legal issues in the fashion business. The cybersecurity attention in the digital society, and the advent of General Data Protection Regulation No. 2016/679 (GDPR) in the European, and global, legal framework, implied the need to evaluate which norms and aspects of the European Regulation could apply to wearable devices, which are becoming more and more invasive. Wearable devices are, first of all (and from a data protection point of view), intrusive tools that can put users’ personal (and intimate) data at risk. In particular, we will discuss the aspects of the spread of an accountability “culture” (also) in the fashion business, the need for correct management policy of data breaches, the rights of transparency for users/customers who are using wearable devices and smart clothes, and respect for the dignity and nondiscrimination of the individual during the data collection and processing. These are, all, fundamental points: the protection of the individual’s data in the digital landscape is, in fact, strictly connected to the protection of his/her fundamental rights in the modern digital society.

scholarly journals Mass data gathering and surveillance: the fight against facial recognition technology in the globalized world

2020 ◽  
Vol 74 ◽  
pp. 03006
Author(s):  
Irena Nesterova
Keyword(s):  
San Francisco ◽  
Data Protection ◽  
Facial Recognition ◽  
Data Gathering ◽  
Legal Framework ◽  
Fundamental Rights ◽  
General Data Protection Regulation ◽  
The Us ◽  
The Impact ◽  
The Eu

The growing use of facial recognition technologies has put them under the regulatory spotlight all around the world. The EU considers to regulate facial regulation technologies as a part of initiative of creating ethical and legal framework for trustworthy artificial intelligence. These technologies are attracting attention of the EU data protection authorities, e.g. in Sweden and the UK. In May, San Francisco was the first city in the US to ban police and other government agencies from using facial recognition technology, soon followed by other US cities. The paper aims to analyze the impact of facial recognition technology on the fundamental rights and values as well as the development of its regulation in Europe and the US. The paper will reveal how these technologies may significantly undermine fundamental rights, in particular the right to privacy, and may lead to prejudice and discrimination. Moreover, alongside the risks to fundamental rights a wider impact of these surveillance technologies on democracy and the rule of law needs to be assessed. Although the existing laws, in particular the EU General Data Protection Regulation already imposes significant requirements, there is a need for further guidance and clear regulatory framework to ensure trustworthy use of facial recognition technology.

Introducing Key Elements Regarding Access to Personal Data for Scientific Research in the Perspective of Developing Innovative Medicines

2020 ◽  
Vol 27 (3) ◽  
pp. 195-212
Author(s):  
Jean Herveg ◽  
Annagrazia Altavilla
Keyword(s):  
Data Protection ◽  
Open Data ◽  
Scientific Research ◽  
Personal Data ◽  
Private Life ◽  
Fundamental Rights ◽  
Future Research ◽  
General Data Protection Regulation ◽  
Public Sector Information ◽  
General Data

Abstract This article aims at opening discussions and promoting future research about key elements that should be taken into account when considering new ways to organise access to personal data for scientific research in the perspective of developing innovative medicines. It provides an overview of these key elements: the different ways of accessing data, the theory of the essential facilities, the Regulation on the Free Flow of Non-personal Data, the Directive on Open Data and the re-use of public sector information, and the General Data Protection Regulation (GDPR) rules on accessing personal data for scientific research. In the perspective of fostering research, promoting innovative medicines, and having all the raw data centralised in big databases localised in Europe, we suggest to further investigate the possibility to find acceptable and balanced solutions with complete respect of fundamental rights, as well as for private life and data protection.

Sign in / Sign up

Export Citation Format

Share Document