scholarly journals Online Behavior Recognition: Can We Consider It Biometric Data under GDPR?

2018 ◽  
Vol 12 (2) ◽  
pp. 161-178 ◽  
Author(s):  
Alžběta Krausová
Keyword(s):  
Behavior Analysis ◽  
Data Protection ◽  
Electronic Devices ◽  
Legal Interpretation ◽  
Online Behavior ◽  
Biometric Data ◽  
General Data Protection Regulation ◽  
Future Behavior ◽  
Biometric Template ◽  
General Data

Our everyday use of electronic devices and search for various contents online provides valuable insights into our functioning and preferences. Companies usually extract and analyze this data in order to predict our future behavior and to tailor their marketing accordingly. In terms of the General Data Protection Regulation such practice is called profiling and is subject to specific rules. However, the behavior analysis can be used also for unique identification or verification of identity of a person. Therefore, this paper claims that under certain conditions data about online behavior of an individual fall into the category of biometric data within the meaning defined by the GDPR. Moreover, this paper claims that profiling of a person can not only be done upon existing biometric data as biometric profiling but it can also lead to creation of new biometric data by constituting a new biometric template. This claim is based both on legal interpretation of the concepts of biometric data, unique identification, and profiling as well as analysis of existing technologies. This article also explains under which conditions online behavior can be considered biometric data under the GDPR, at which point profiling results in creation of new biometric data and what are the consequences for a controller and data subjects.

scholarly journals Analysis of Biometric Data Under the General Data Protection Regulation

2019 ◽  
Vol 8 (2) ◽  
pp. 88-111 ◽  
Author(s):  
Ján Matejka ◽  
Soňa Matochová ◽  
Josef Prokeš
Keyword(s):  
Data Protection ◽  
Biometric Data ◽  
General Data Protection Regulation ◽  
General Data

A Layered Approach to Jurisdiction

2017 ◽  
Author(s):  
Dan Jerker B. Svantesson
Keyword(s):  
Data Protection ◽  
Data Privacy ◽  
General Data Protection Regulation ◽  
Legal Rules ◽  
Privacy Laws ◽  
Scope Of Application ◽  
General Data ◽  
Layered Approach ◽  
Substantive Law

This chapter observes how it may be inappropriate to apply a single jurisdictional threshold to diverse instruments such as data privacy laws. In the light of this observation, a proposal is outlined for a ‘layered approach’ under which the substantive law rules of such instruments are broken up into different layers, with different jurisdictional thresholds applied to each such layer. This layered approach is discussed primarily as a technique to be utilized in legal drafting, but it may also be applied in the interpretation and application of legal rules. Article 3 of the European Union’s General Data Protection Regulation, which determines that regulation’s scope of application in a territorial sense, provides a particularly useful lens through which to approach this topic and, thus, the discussion is largely centred around that Article.

Sign in / Sign up

Export Citation Format

Share Document