Human rights and biometric data. Social credit system

2020 ◽  
pp. 36-50
Author(s):  
Olga O. Bazina
Keyword(s):  
European Union ◽  
Data Protection ◽  
Personal Data ◽  
Pilot Project ◽  
The European Union ◽  
Credit System ◽  
Biometric Data ◽  
General Data Protection Regulation ◽  
Social Credit ◽  
The Social

Biometrics, as a field of science, analyzes the physical and behavioral characteristics of people in order to identify their personality. A huge amount of technology in the field of biometric data collection is developed by IT giants like Google, Facebook, or Alibaba. The European Union (EU) took an important step towards biometric data confidentiality by developing a unified law on the protection of personal data (General Data Protection Regulation, GDPR). The main goal of this action is to return control over personal data to European citizens and at the same time simplify the regulatory legal basis for companies. While European countries and organisations are introducing the GDPR into force, China since 2016 has launched a social credit system as a pilot project. The Social Credit Score (SCS) is based on collecting the maximum amount of data about citizens and assessing the reliability of residents based on their financial, social and online behavior. Only critical opinions can be read about the social credit system in European literature, although the opinions of persons being under this system – Chinese citizens – are quite positive. In this context, we should not forget about the big difference in the mentality of Asians and Europeans. The aim of this article is to compare EU law and the legislation of the People's Republic of China regarding the use and storage of biometric data. On the basis of statistical data and materials analysed, key conclusions will be formulated, that will allow to indicate differences in the positions of state institutions and the attitude of citizens to the issue of personal data protection in China and the European Union.

scholarly journals Social credit mechanisms and modern standards of legal protection of personal data: correspondence problems

2021 ◽  
pp. 174-189
Author(s):  
Roman Z. Rouvinsky
Keyword(s):  
Public Administration ◽  
Data Protection ◽  
Management Practices ◽  
Personal Information ◽  
Personal Data ◽  
Legal Protection ◽  
The European Union ◽  
Credit System ◽  
General Data Protection Regulation ◽  
Social Credit

The subject of this article is the problem of correspondence of the practices of digital profiling and social score, which imply collection and analysis of biographical (reputational) information, to the worldwide-accepted standards of protection of personal data and privacy. Analysis is conducted on the legislation of the People's Republic of China – the country that in recent years has implemented the “Social Credit System” in the sphere of public administration. This project consists of management practices, which are viewed through the prism of the legal model of personal data protection formed by the Law in Protection of Personal Information adopted in 2021. The peculiarity of this research is its comparative legal nature: the provisions of China’s legislation are juxtaposed to the provisions of the General Data Protection Regulation adopted in the European Union and Russia’s Federal Law “On Personal Data”. Assessment is given to the European and Russian models of regulation of operations with personal data in the context of possible implementation of digital profiling practices, social score (ranking, grading), and automated law enforcement decision-making. Having determined the gaps in the current Russian and EU legislation on personal data, and indicating the risk caused by the presence of blanket rules, the conclusion is made according to which the modern legislation on personal data can be an obstacle for arbitrary use of such data; however, it cannot stop the implementation of innovative technologies, mechanisms and practices that suggest using registry and biographical information of individuals for the purpose of social control into the public administration.

scholarly journals Data Sharing Under the General Data Protection Regulation

Hypertension ◽  
2021 ◽  
Vol 77 (4) ◽  
pp. 1029-1035
Author(s):  
Antonia Vlahou ◽  
Dara Hallinan ◽  
Rolf Apweiler ◽  
Angel Argiles ◽  
Joachim Beige ◽  
...  
Keyword(s):  
European Union ◽  
Data Protection ◽  
Personal Data ◽  
Research Approach ◽  
The European Union ◽  
General Data Protection Regulation ◽  
Personal Data Protection ◽  
Protection Legislation ◽  
General Data ◽  
Almost All

The General Data Protection Regulation (GDPR) became binding law in the European Union Member States in 2018, as a step toward harmonizing personal data protection legislation in the European Union. The Regulation governs almost all types of personal data processing, hence, also, those pertaining to biomedical research. The purpose of this article is to highlight the main practical issues related to data and biological sample sharing that biomedical researchers face regularly, and to specify how these are addressed in the context of GDPR, after consulting with ethics/legal experts. We identify areas in which clarifications of the GDPR are needed, particularly those related to consent requirements by study participants. Amendments should target the following: (1) restricting exceptions based on national laws and increasing harmonization, (2) confirming the concept of broad consent, and (3) defining a roadmap for secondary use of data. These changes will be achieved by acknowledged learned societies in the field taking the lead in preparing a document giving guidance for the optimal interpretation of the GDPR, which will be finalized following a period of commenting by a broad multistakeholder audience. In parallel, promoting engagement and education of the public in the relevant issues (such as different consent types or residual risk for re-identification), on both local/national and international levels, is considered critical for advancement. We hope that this article will open this broad discussion involving all major stakeholders, toward optimizing the GDPR and allowing a harmonized transnational research approach.

scholarly journals Artificial intelligence, Digital Single Market and the proposal of a right to fair and reasonable inferences: a legal issue between ethics and techniques

2019 ◽  
Vol 5 (2) ◽  
pp. 75-91
Author(s):  
Alexandre Veronese ◽  
Alessandra Silveira ◽  
Amanda Nunes Lopes Espiñeira Lemos
Keyword(s):  
Artificial Intelligence ◽  
European Union ◽  
Data Protection ◽  
Personal Data ◽  
Legal Framework ◽  
Single Market ◽  
Legal Issue ◽  
The European Union ◽  
European Union Law ◽  
General Data Protection Regulation

The article discusses the ethical and technical consequences of Artificial intelligence (hereinafter, A.I) applications and their usage of the European Union data protection legal framework to enable citizens to defend themselves against them. This goal is under the larger European Union Digital Single Market policy, which has concerns about how this subject correlates with personal data protection. The article has four sections. The first one introduces the main issue by describing the importance of AI applications in the contemporary world scenario. The second one describes some fundamental concepts about AI. The third section has an analysis of the ongoing policies for AI in the European Union and the Council of Europe proposal about ethics applicable to AI in the judicial systems. The fourth section is the conclusion, which debates the current legal mechanisms for citizens protection against fully automated decisions, based on European Union Law and in particular the General Data Protection Regulation. The conclusion will be that European Union Law is still under construction when it comes to providing effective protection to its citizens against automated inferences that are unfair or unreasonable.

scholarly journals GDPR implementation as the main reason for the regional fragmentation in the online mediasphere

2021 ◽  
Vol 273 ◽  
pp. 08099
Author(s):  
Mikhail Smolenskiy ◽  
Nikolay Levshin
Keyword(s):  
European Union ◽  
Data Protection ◽  
Personal Data ◽  
Main Role ◽  
The European Union ◽  
Protection Measures ◽  
General Data Protection Regulation ◽  
Personal Data Protection ◽  
The Usa ◽  
General Data

The EU’s General Data Protection Regulation (GDPR) applies not only to the territory of the European Union, but also to all information systems containing data of EU’s citizens around the world. Misusing or carelessly handling personal data bring fines of up to 20 million euros or 4% of the annual turnover of the offending company. This article analyzes the main trends in the global implementation of the GDPR. Authors considered and analyzed results of personal data protection measures in nineteen regions: The USA, Canada, China, France, Germany, India, Kazakhstan, Nigeria, Russia, South Korea and Thailand, as well as the European Union and a handful of other. This allowed identifying a direct pattern between the global tightening of EU’s citizens personal data protection and the fragmentation of the global mediasphere into separate national segments. As a result of the study, the authors conclude that GDPR has finally slowed down the globalization of the online mediasphere, playing a main role in its regional fragmentation.

scholarly journals Certain aspects of personal data protection in the social network: european experience and legislative regulation in Ukraine

2020 ◽  
Vol 9 (27) ◽  
pp. 383-390 ◽  
Author(s):  
Iryna Davydova ◽  
Olena Bernaz-Lukavetska ◽  
Semen Reznichenko
Keyword(s):  
Social Network ◽  
Data Protection ◽  
Personal Data ◽  
Eu Law ◽  
The European Union ◽  
General Data Protection Regulation ◽  
European Legislation ◽  
Personal Data Protection ◽  
The Social ◽  
The Individual

The purpose of this study is to examine some aspects of personal data protection in the social network, a comparative analysis of the protection of personal data in the social network under Ukrainian and European legislation, namely the General Data Protection Regulation of the European Union. The methods used in this work are: dialectical, comparative-legal, formal-logical, analysis and dogmatic interpretation. Each of these methods was used in the study to understand and qualitatively explain to the audience categories the individual aspects of personal data protection on the social network. This article reveals the notion of: personal data in the social network, the features of their collection, storage and protection in accordance with European legislation and the development of proposals aimed at improving these processes in Ukraine. The research also addresses the following issues: Features of managing consent to the processing of personal data that have already been obtained; who can act as an "operator" under EU law and what actions he can take; who can act as "controller" and what functions it performs. The article concludes that there is an urgent need to streamline Ukrainian domestic legislation in line with EU law, which should result in a new law on personal data protection that complies with GDPR norms. As a result, a new law on personal data protection may soon emerge in Ukraine, replacing the outdated Law of Ukraine “On Personal Data Protection” of 01.06.2010, which is a “mirror” of the repealed Directive 95/46/EC of the European Parliament and of the Council.

scholarly journals The Impact of the New European Union General Data Protection Regulation (GDPR) on Data Collection at Mass Gatherings

2019 ◽  
Vol 34 (s1) ◽  
pp. s138-s138
Author(s):  
Annelies Scholliers ◽  
Dimitri De Fré ◽  
Inge D’haese ◽  
Stefan Gogaert
Keyword(s):  
European Union ◽  
Data Collection ◽  
Data Protection ◽  
Scientific Research ◽  
Personal Data ◽  
The European Union ◽  
General Data Protection Regulation ◽  
Mass Gatherings ◽  
General Data ◽  
The Law

Introduction:As of May 2018, a new European privacy law called the General Data Protection Regulation (GDPR) is in order. With this law, every organization operating in the European Union (EU), needs to adhere to a strict set of rules concerning collection and processing of personal data.Aim:To explore the consequences of the GDPR for data collection at mass gatherings in the European Union.Methods:Since the law was published on April 27, 2016, a thorough reading of the law was conducted by 4 persons with a background in mass gathering health. The GDPR consists of 99 articles organized into 11 chapters. There are also 173 recitals to further explain certain ambiguities. Key articles and recitals relating to healthcare and scientific research were identified. Possible pitfalls and opportunities for data collection and processing at mass gatherings were noted.Discussion:Under article 4, key definitions are noted. There is a clear definition of “data concerning health”. According to the GDPR, health data is a special category of personal data which should not be processed according to article 9(1). However, there is an exception for scientific research (article 9(2)(j)). There are a few safeguards in place, as laid out in article 89. One interesting point is that according to article 89(2), certain derogations can take place if the law interferes with scientific research. The GDPR has major consequences for data collection and processing in the EU. However, with the use of certain safeguards (e.g., pseudonymization) there are still ample opportunities for scientific research. It is important to review one’s method of data collection to make sure it complies with the GDPR.

scholarly journals DEVELOPMENT OF THE PERSONAL DATA PROTECTION FRAMEWORK – WILL THE PANDEMIC BRING NEW CHANGES?

2021 ◽  
Vol 12 ◽  
pp. 59-66
Author(s):  
Marta Mackeviča ◽  
Keyword(s):  
European Union ◽  
Data Protection ◽  
Personal Data ◽  
Legal Framework ◽  
Point Of View ◽  
The European Union ◽  
Personal Privacy ◽  
General Data Protection Regulation ◽  
Complex Concept ◽  
Personal Data Protection

The General Data Protection Regulation (hereinafter – the Regulation), which entered into force on 25 May 2018 and introduced a new legal framework for the protection of personal data in the European Union, also included a number of new rights, more precise definitions and improvements in the field of personal data protection. The three‐year period has shown that the Regulation has successfully replaced Directive 95/46/EC of the European Parliament and of the Council on the protection of individuals with regard to the processing of personal data and on the free movement ofsuch data, but the Covid‐19 pandemic posed the question: does the Regulation sufficiently define and explain how controllers should deal with the processing of sensitive data, or in situations where employees of companies and institutions work remotely? Data protection is a complex concept that can be analyzed from both a legal and a social point of view. Traditionally, data protection has been referred to as the protection of personal privacy in the context of processes involving the use of personal data. Prior to the implementation of the Regulation, the existing rules on the protection of personal data in the European Union were not sufficiently uniform and were implemented differently in each Member State. It contributed to the development and implementation of the Regulation, in the hope that it would modernize and promote a common data protection regime, while maintaining all the basic principles of data protection that have been followed so far. Prior to the pandemic, the Regulation successfully achieved its original objectives, but hasthe pandemic necessitated a revision of the Regulation? This article will analyze the development of the legal framework for the protection of personal data and analyze the compliance of the Regulation with the requirements arising from the effects of the pandemic.

scholarly journals Those Who Shall Be Identified: The Data Protection Aspects of the Legal Framework for Electronic Identification in the European Union

2021 ◽  
Vol 11 (2) ◽  
pp. 3-24
Author(s):  
Jozef Andraško ◽  
Matúš Mesarčík
Keyword(s):  
European Union ◽  
Data Processing ◽  
Data Protection ◽  
Mutual Recognition ◽  
Personal Data ◽  
Legal Framework ◽  
The European Union ◽  
General Data Protection Regulation ◽  
General Data

Abstract The article focuses on the intersections of the regulation of electronic identification as provided in the eIDAS Regulation and data protection rules in the European Union. The first part of the article is devoted to the explanation of the basic notions and framework related to the electronic identity in the European Union— the eIDAS Regulation. The second part of the article discusses specific intersections of the eIDAS Regulation with the General Data Protection Regulation (GDPR), specifically scope, the general data protection clause and mainly personal data processing in the context of mutual recognition of electronic identification means. The article aims to discuss the overlapping issues of the regulation of the GDPR and the eIDAS Regulation and provides a further guide for interpretation and implementation of the outcomes in practice.

scholarly journals Data Protection in the EU and its Implications on Software Development outside the EU

2019 ◽  
Vol 24 (1) ◽  
pp. 1-5
Author(s):  
Ralf Kneuper
Keyword(s):  
European Union ◽  
Software Development ◽  
Data Protection ◽  
Personal Data ◽  
Software Requirements ◽  
The European Union ◽  
General Data Protection Regulation ◽  
It Systems ◽  
General Data ◽  
The Eu

In May 2018, the General Data Protection Regulation (GDPR 2016) came into effect in the European Union (EU), defining requirements on how to handle personal data of EU citizens. This report discusses the effects of this regulation on software development organisations outside the EU, and summaries the software requirements that result from GDPR and therefore apply to most information technology (IT) systems that will handle data of individuals based in the EU.

Sign in / Sign up

Export Citation Format

Share Document