Consumer Privacy Protection in the European Union

2012 ◽  
pp. 331-349
Author(s):  
Faye Fangfei Wang
Keyword(s):  
Information Systems ◽  
Privacy Protection ◽  
Data Privacy ◽  
Personal Data ◽  
The European Union ◽  
Consumer Privacy ◽  
Protection Legislation ◽  
Data Privacy Protection ◽  
Enforcement Mechanisms ◽  
The Eu

With the development of automated information systems, consumers’ decisions can be made based on models of individuals’ preferences without any personal interaction. This raises serious concerns regarding data-privacy protection. Up-to-date legislation and appropriate technological measures are needed to enhance lawful access, process, and storage of sensitive personal data under automated information systems. This chapter provides the general interpretation of the requirements of security, personal data breach notification systems, and enforcement mechanisms according to the EU data privacy protection legislation. It aims to examine and evaluate whether the EC Data Protection Directive in 1995 and the new EC e-Privacy Directive amended by the Directive 2009/136/EC are sufficient to ensure the security of the future development of automated information systems that automatically capture, process, store, and analyse sensitive personal data across the EU countries. It discusses the impact of the EC directives to business organizations and proposes solutions to enhance the protection of users’/consumers’ privacy from a legal perspective.

scholarly journals Apply or not to apply?

2020 ◽  
Vol 4 (2) ◽  
pp. 81-94
Author(s):  
Matúš Mesarčík
Keyword(s):  
Data Protection ◽  
Personal Data ◽  
The European Union ◽  
Privacy Regulation ◽  
New Era ◽  
General Data Protection Regulation ◽  
Consumer Privacy ◽  
Privacy Act ◽  
General Data ◽  
The Eu

A new era of data protection laws arises after the adoption of the General Data Protection Regulation (GDPR) in the European Union. One of the newly adopted regulations of processing of personal data is Californian Consumer Privacy Act commonly referred to as CCPA. The article aims to fill the gap considering a deep analysis of the territorial scope of both acts and practical consequences of the application. The article starts with a brief overview of privacy regulation in the EU and USA. Introduction to GDPR and CCPA follows focusing on the territorial scope of respective legislation. Three scenarios of applicability are derived in the following part including practical examples.

scholarly journals Data Privacy Protection in News Crowdfunding in the Era of Artificial Intelligence

2022 ◽  
Vol 30 (7) ◽  
pp. 1-16
Author(s):  
Zhiqiang Xu ◽  
Dong Xiang ◽  
Jialiang He
Keyword(s):  
Artificial Intelligence ◽  
College Students ◽  
Privacy Protection ◽  
Data Privacy ◽  
Personal Data ◽  
Survey Method ◽  
Personal Credit ◽  
Privacy Measures ◽  
Neural Network Prediction ◽  
Data Privacy Protection

This paper aims to study the protection of data privacy in news crowdfunding in the era of artificial intelligence. This paper respectively quotes the encryption algorithm of artificial intelligence data protection and the BP neural network prediction model to analyze the data privacy protection in news crowdfunding in the artificial intelligence era. Finally, this paper also combines the questionnaire survey method to understand the public’s awareness of privacy. The results of this paper show that artificial intelligence can promote personal data awareness and privacy, improve personal data and privacy measures and methods, and improve the effectiveness and level of privacy and privacy. In the analysis, the survey found that male college students only have 81.1% of the cognition of personal trait information, only 78.5% of network trace information, and only 78.3% of female college students’ cognition of personal credit.

Data Protection Commissioner v. Facebook Ireland Ltd. and Maximillian Schrems (C.J.E.U.)

2021 ◽  
Vol 60 (1) ◽  
pp. 53-98
Author(s):  
Michael S. Aktipis ◽  
Ron B. Katwan
Keyword(s):  
Data Protection ◽  
Data Privacy ◽  
Personal Data ◽  
The United States ◽  
Transfer Mechanism ◽  
The European Union ◽  
Privacy Concerns ◽  
General Data Protection Regulation ◽  
General Data ◽  
The Eu

On July 16, 2020, the Court of Justice of the European Union (CJEU) issued its ruling in Data Protection Commissioner v. Facebook Ireland Limited and Maximillian Schrems, commonly known as Schrems II, invalidating the EU–U.S. Privacy Shield as a valid transfer mechanism under the EU's General Data Protection Regulation (GDPR) and creating significant legal uncertainty for the continued availability of another widely used transfer mechanism, Standard Contractual Clauses (SCCs), for transfers of EU personal data from commercial entities in the EU to the United States. The widely anticipated ruling marked the second time in five years that the CJEU had invalidated the legal foundation for such data transfers, which in both cases had been the result of a carefully negotiated compromise balancing European data privacy concerns with statutory and constitutional limitations of the U.S. system (see Schrems I).

scholarly journals Data Privacy in Electronic Commerce: Analysing Legal Provisions in Iran

2016 ◽  
Vol 9 (7) ◽  
pp. 133
Author(s):  
Parviz Bagheri ◽  
Kamal Halili Hassan
Keyword(s):  
Electronic Commerce ◽  
Privacy Protection ◽  
Data Privacy ◽  
Personal Data ◽  
Legal Protection ◽  
Internet Commerce ◽  
Protection Measures ◽  
Legal Provisions ◽  
Commerce Law ◽  
Data Privacy Protection

This article discusses the legal protection of data privacy in electronic commerce in Iran. Currently, there is a gap in respect of data privacy protection in Iran as there is no specific privacy legislation in force. Consequently, e-consumers dealing in internet commerce are less protected. However there are rules and regulations in the laws in Iran such as the Islamic Republic (IR) of Iran Constitution, Computer Crimes Act, Penal Code, and Civil Liability Act which relate to privacy in general, although not directly related to data privacy in e-commerce. The Electronic Commerce Law (ECL) is the main legislation in Iran which contains some provisions on personal data privacy. This article discusses the relevant provisions in the ECL pertaining to data messages and privacy and interprets its various meanings to determine whether they are in line with well established principles found in good data privacy protection measures.

scholarly journals THE RIGHT TO DATA PROTECTION VERSUS “SECURITY”

2020 ◽  
Vol 15 (36) ◽  
pp. 209-232
Author(s):  
Marcos Vinicius Viana da Silva ◽  
Erick Da Luz Scherf ◽  
Jose Everton Da Silva
Keyword(s):  
Data Protection ◽  
Privacy Protection ◽  
Data Privacy ◽  
Personal Data ◽  
Fundamental Rights ◽  
State Of Exception ◽  
Personal Data Protection ◽  
Data Privacy Protection ◽  
Rights Discourse ◽  
The Right

The protection of personal data in the cyberspace has been an issue of concern for quite some time. However, with the revolutions in information technology, big data and the internet of things, data privacy protection has become paramount in an era of free information flows. Considering this context, this research intends to shine a light on the experience of Brazil regarding data privacy protection, through the analysis of a brand new bill passed by Congress: the Brazilian General Personal Data Protection Act. Our assessment of the legislation was made from the perspective of a human rights-based approach to data, aiming to analyze both advancements, limitations and contradictions of the rights-discourse in the LGPD. Our main conclusions were that the (public and national) security rhetoric, also present in the bill, can create a state of exception regarding the processing of personal data of those considered “enemies of the state”, which may result in violations of fundamental rights and procedural guarantees.

scholarly journals To What Extent are Consumers Harmed in the Digital Market from the Perspective of the GDPR?

2021 ◽  
Vol 04 (08) ◽  
Author(s):  
Ammar Younas ◽  
Keyword(s):  
Data Processing ◽  
Data Protection ◽  
Personal Data ◽  
The European Union ◽  
General Data Protection Regulation ◽  
Legal Instrument ◽  
Protection Legislation ◽  
High Level ◽  
Existing Data ◽  
The Eu

The European Union has recently enacted a new law, the General Data Protection Regulation (GDPR),1 which is designed to strengthen existing data protection legislation in the EU. The selection of Regulation itself as a legal instrument makes the GDPR stronger than Directive as it ensures a uniform and consistent implementation of rules thereby, consolidating the EU digital single market. The GDPR reforms existing data protection policy by imposing more stringent obligations on not only data controllers but also on data processors relating to obtaining a valid consent,2 ensuring transparency of automated decision making3 and security of data processing,4 and by providing new rights for data subjects. Data subjects are entitled to withdraw their consent,5 request their data to be transferred to another data controller6 or to be deleted.7 Also, the GDPR includes certain principles aimed at regulating its cross border transfers of the EU citizens’ personal data to ensure a high level of protection outside the EU.8 Taking into account the above mentioned policies along with others, some scholars describe the GDPR as ‘the most consequential regulatory development in information policy in generation’ that has teeth.9 However, the GDPR cannot be claimed as a legal instrument that effectively deals with all threats of the digital market to consumers. This paper argues that although the GDPR has considerably expanded the rights of consumers thereby, enabling them to regain control over their personal data to certain extent, the effectiveness of its principles is limited and cannot ensure full security of data processing. Firstly, it examines the effectiveness of consent principle of the GDPR in empowering consumers to control over their data and make a genuine choice. Secondly, it analyzes “data control-rights” of consumers. Finally, it comprehensively discusses extraterritorial application of the GDPR and regulation of international transfers of data.

A federated interpretable scorecard and its application in credit scoring

2021 ◽  
pp. 2142009
Author(s):  
Fanglan Zheng ◽  
Erihe ◽  
Kun Li ◽  
Jiang Tian ◽  
Xiaojia Xiang
Keyword(s):  
Privacy Protection ◽  
Data Privacy ◽  
Credit Scoring ◽  
Training Session ◽  
Model Performance ◽  
Parameter Tuning ◽  
Kolmogorov Smirnov ◽  
Data Privacy Protection ◽  
Tuning Process ◽  
Positive Coefficients

In this paper, we propose a vertical federated learning (VFL) structure for logistic regression with bounded constraint for the traditional scorecard, namely FL-LRBC. Under the premise of data privacy protection, FL-LRBC enables multiple agencies to jointly obtain an optimized scorecard model in a single training session. It leads to the formation of scorecard model with positive coefficients to guarantee its desirable characteristics (e.g., interpretability and robustness), while the time-consuming parameter-tuning process can be avoided. Moreover, model performance in terms of both AUC and the Kolmogorov–Smirnov (KS) statistics is significantly improved by FL-LRBC, due to the feature enrichment in our algorithm architecture. Currently, FL-LRBC has already been applied to credit business in a China nation-wide financial holdings group.

Sign in / Sign up

Export Citation Format

Share Document