The new EP Library Catalogue allows you to search the EP collection for:
- Journals, books and articles in paper or electronic format
- EPRS and Policy Department publications
Abstract by the authors: Discusses the strategic implications of Regulation 2016/679 (GDPR) for businesses processing personal data. Considers extraterritoriality, exceptions, lawful data activities, legal basis for data processing, sensitive data, cross-border data transfers, data processors' duties, data subjects' rights and enforcement. Compares US law.
Abstract by the author: Discusses, with reference to Psara v European Parliament (T-639/15) (GC), the restrictive approach to access to documents under Regulation 1049/2001 due to data protection considerations. Reviews the legal basis of the conflicting rights, case law on Regulation 45/2001, and the reforms made by Regulation 2018/1725, including the revised public interest test. Considers the shortcomings of the current conflict, and potential solutions.
Abstract by the authors: In the data economy, many organisations, particularly SMEs may not be in a position to generate large amounts of data themselves, but may benefit from reusing data previously collected by others. Organisations that collect large amounts of data themselves may also benefit from reusing such data for other purposes than originally envisioned. However, under the current EU personal data protection legal framework, constituted by the General Data Protection Regulation, there are clear limits and restrictions to the reuse of personal data. Data can only be reused for purposes that are compatible with the original purposes for which the data were collected and processed. This is at odds with the reality of the data economy, in which there is a considerable need for data reuse. To address this issue, in this article we present the concept of a Data Reuse Impact Assessment (DRIA), which can be considered as an extension to existing Privacy and Data Protection Impact Assessments (PIAs and DPIAs). By adding new elements to these existing tools that specifically focus on the reuse of data and aspects regarding data ethics, a DRIA may typically be helpful to strike a better balance between the protection of personal data that is being reused and the need for data reuse in the data economy. Using a DRIA may contribute to increased trust among data subjects that their personal data is adequately protected. Data subjects, in turn, may then be willing to share more data, which on the long term may also be beneficial for the data economy.
Abstract by the authors: Why is Big Data absent in the recent basic data protection documents of the European Union (EU) and the Council of Europe (CoE)? Why not one single reference to Big Data practices - be it to regulate or to prohibit it - in the recent General Data Protection Regulation (EU) 2016/679, the Data Protection Law Enforcement Directive (EU) 2016/680 and the Modernised CoE Convention 108 for the Protection of Individuals with Regard to the Processing of Personal Data (Convention 108+)? Some actors in the policy field considered Big Data too dangerous and counted on existing data protection principles to tame the beast. Others simply ignored the phenomenon or were not aware of the potential benefits of Big Data for economy and governments (the rendez-vous was missed). Our discussion of no less than six recent initiatives, - standalone laws and soft law instruments - is an indication that Europe is embracing Big Data but is seemingly hesitant to confront Big Data within the classical paradigm (field) of data protection law. Concrete guidance for Big Data practices is now spread over multiple texts emanating outside the data protection field.
Abstract by the authors: Considers the impact of Brexit on data protection law where, once the UK leaves the EU, Regulation 2016/679 (GDPR) will no longer have direct effect in the UK. Notes the proposed transition period drafted under the Withdrawal Agreement. Reviews the GDPR's requirements that each Member State has a competent supervisory authority and on the appointment of data protection officers. Discusses the effect on international transfers of personal data of the UK's status as a third country.
Abstract by the authors: Given global concern over the increasing conflict between “informational privacy” and protection of online communication, this article examines the post–Google Spain impact on the right to be forgotten in the European Union and its worldwide impact.
Abstract by the author: Mit den beiden Beschlüssen zum ,,Recht auf Vergessenwerden‘‘ hat das BVerfG die EU-Grundrechtecharta zum auch mit der Verfassungsbeschwerde rügefähigen Prüfungsmaßstab erklärt. Damit und mit den differenzierten Prüfungsansätzen im unionsrechtlich vollständig determinierten und im den Mitgliedstaaten Gestaltungsspielräume lassenden Bereich hat es das ,,Kooperationsverhältnis‘‘ zum EuGH auf eine neue Grundlage gestellt. Dies erfolgte in Fällen des Datenschutzrechts als herausragendem Anwendungsfeld unionalen Grundrechtsschutzes. Der Erfolg dieses Ansatzes hängt von der gegenseitigen Kooperationsbereitschaft ab, mit der vorhandene Konfliktpotentiale entschärft werden können. Im Datenschutzrecht werfen die Präzisierung des Grundrechtsschutzes bei kollidierenden Grundrechten und die DSGVO mit ihren Öffnungsklauseln Fragen auf, die ggf. durch Vorlagen an den EuGH zu klären sind.
EPRIVACY
App Users Unwittingly in the Spotlight: A Model of Privacy Protection in Mobile Apps; V.M. Wottrich, E.A. van Reijmersdal, E.G.Smit; Journal of Consumer Affairs; 2019; Vol.53 (3); p.1056-1083
Abstract by the authors: Mobile apps are increasingly jeopardizing app users' online privacy by collecting, storing, and sharing personal data disclosed via apps. However, little is known about mobile app users' current privacy protection behavior and the factors that motivate it. Drawing on Roger's Protection Motivation Theory (PMT), this study develops and tests the App Privacy Protection Model among 1,593 Western European app users. The results demonstrate that, on the one hand, increased levels of perceived self-efficacy, vulnerability, and privacy concern enhance mobile app users' motivation to engage in risk-reducing behavior, while on the other hand, higher levels of knowledge of the data collection practices of mobile apps, app attitude, and perceived response costs diminish it. Being the first study that applies PMT in the mobile app context, this study offers several important implications regarding privacy protection in mobile apps..
Abstract by the authors: Considers why there is a need for an EU Regulation safeguarding the privacy of electronic communications and internet use, given the forthcoming entry into force of Regulation 2016/679 (General Data Protection Regulation (GDPR)). Comments on the level of consistency between the GDPR and the proposals of the draft Regulation on the respect for private life and the protection of personal data in electronic communications (e-Privacy Regulation).
Abstract by the author: Summarises the findings of a European Commission review of Directive 2002/58 (ePrivacy Directive), covering topics including: (1) its scope of application; (2) its protection of the confidentiality of communications; (3) its rules on cookies, traffic and location data and unsolicited marketing communications; and (4) its interaction with the forthcoming General Data Protection Regulation.
Abstract by the authors: On the internet, we encounter take-it-or-leave-it choices regarding our privacy on a daily basis. In Europe, online tracking for targeted advertising generally requires the internet users’ consent to be lawful. Some websites use a tracking wall, a barrier that visitors can only pass if they consent to tracking by third parties. When confronted with such a tracking wall, many people click ‘I agree’ to tracking. A survey that we conducted shows that most people find tracking walls unfair and unacceptable. We analyse under which conditions the ePrivacy Directive and the General Data Protection Regulation allow tracking walls. We provide a list of circumstances to assess when a tracking wall makes consent invalid. We also explore how the EU lawmaker could regulate tracking walls, for instance in the ePrivacy Regulation. It should be seriously considered to ban tracking walls, at least in certain circumstances.
Abstract by the authors : Cette contribution, extrêmement fouillée et très pratique, fait le point sur la réglementation applicable à la publicité ciblée, potentiellement attentatoire à la vie privée des internautes. Ce risque d’atteinte est encadré par deux textes européens, l’un visant la protection des données à caractère personnel, l’autre protégeant la vie privée (privacy). Le cumul de ces deux corps de règles rend l’encadrement de la publicité ciblée relativement complexe. Cette complexité s’accroit du fait des interprétations divergentes des textes et de leur évolution prochaine. L’analyse de ces deux textes permet de se pencher en filigrane sur la question du consentement, l’un des points phare concentrant l’attention en vue de l’entrée en vigueur du RGPD. L’application combinée de ces règles aux pratiques de la publicité ciblée n’est pas toujours aisée, également au regard de la multitude d’acteurs opérant dans ce secteur et de l’intrication de nombreux flux de données entre les acteurs. Ces pratiques font d’ailleurs régulièrement l’objet de l’attention des autorités de contrôle nationales, comme la CNIL, et des juridictions nationales comme européennes. Outre les implications de ces règles du jeu, cette étude présente des ébauches de solutions afin de remédier à l’insécurité juridique pesant sur les acteurs du secteur.
If you are unable to access the article you need, please contact us and we will get it for you as soon as possible.
| Data Protection Notice | Cookie Policy & Inventory |
 |
 |
 |
Journals on all devices |
Books, articles, EPRS publications & more |
Newspapers on all devices |