Table of Data Protection and Privacy Law Instruments Regulating Transborder Data Flows

Article 13 (Information to be provided where personal data are collected from the data subject); Article 14 (Information to be provided where personal data have not been obtained from the data subject); Article 15 (Right of access by the data subject); Article 24 (Responsibility of the controller); Article 32 (Security of processing); Article 35 (Data protection impact assessment); Article 37 (Designation of a data protection officer); Article 49 (Derogations for specific situations concerning transborder data flows); Article 83 (General conditions for imposing administrative fines)

Download Full-text

Data Protection

Commentary on the European Insolvency Regulation ◽

10.1093/oso/9780198727286.003.0006 ◽

2016 ◽

Author(s):

Tibor Tajti

Keyword(s):

Data Protection ◽

Personal Data ◽

Commercial Law ◽

Insolvency Law ◽

Member States ◽

Privacy Law ◽

Data Protection Directive ◽

Data Protection Law ◽

Made In

Chapter VI is a new chapter in the EIR. Its presence signals the importance that data protection law has gained in Europe since the adoption of the Data Protection Directive 95/46/EC (DPD) and Regulation 45/2001. Although the DPD is not—though it comes close to—a maximum harmonisation directive, its implementation by Member States by the end of 1998 increased data protection standards on national levels as well. Yet the concrete reason that led to the addition of this Chapter is the expanded scope of the EIR as far as the exchange and publication of personal data is concerned. The expansion and thus the enhanced need for data protection is due in particular to the provision made in the recast EIR for newly established interconnected national insolvency registers, accessible via the European e-Justice Portal. This provision has been made at a time when data protection law is increasingly recognised as a ‘stand-alone’ subject, emancipated from privacy law, as expressed indirectly also by the popularisation of the ‘data protection’ nomenclature originating in the German term ‘Datenschutz’. This has clear implications for private and commercial law, including insolvency law.

Download Full-text

Privacy and Manipulation in the Digital Age

Theoretical Inquiries in Law ◽

10.1515/til-2019-0006 ◽

2019 ◽

Vol 20 (1) ◽

pp. 157-188 ◽

Cited By ~ 9

Author(s):

Tal Z. Zarsky

Keyword(s):

Data Protection ◽

Digital Age ◽

Policy Option ◽

The Other ◽

Legal Intervention ◽

Future Directions ◽

Privacy Law ◽

Intuitive Appeal ◽

Visceral Response ◽

Policy Setting

Abstract The digital age brings with it novel forms of data flow. As a result, individuals are constantly being monitored while consuming products, services and content. These abilities have given rise to a variety of concerns, which are most often framed using “privacy” and “data protection”-related paradigms. An important, oft-noted yet undertheorized concern is that these dynamics might facilitate the manipulation of subjects; a process in which firms strive to motivate and influence individuals to take specific steps and make particular decisions in a manner considered to be socially unacceptable. That it is important and imperative to battle manipulation carries with it a strong intuitive appeal. Intuition, however, does not always indicate the existence of a sound justification or policy option. For that, a deeper analytic and academic discussion is called for. This Article begins by emphasizing the importance of addressing the manipulation-based argument, which derives from several crucial problems and flaws in the legal and policy setting currently striving to meet the challenges of the digital age. Next, the Article examines whether the manipulation-based concerns are sustainable, or are merely a visceral response to changing technologies which cannot be provided with substantial analytical backing. Here the Article details the reasons for striving to block manipulative conduct and, on the other hand, reasons why legal intervention should be, in the best case, limited. The Article concludes with some general implications of this discussion for the broader themes and future directions of privacy law, while trying to ascertain whether the rise of the manipulation-based discourse will lead to information privacy’s expansion or perhaps its demise.

Download Full-text

ECJ ruling further dims EU-US data protection outlook

Emerald Expert Briefings ◽

10.1108/oxan-db206050 ◽

2015 ◽

Keyword(s):

Data Storage ◽

Data Protection ◽

The United States ◽

The Internet ◽

Content Type ◽

Transatlantic Trade ◽

Data Flows ◽

The Us ◽

Trade And Investment ◽

The Eu

Significance The ECJ ruling could add to potential disruptions to transatlantic commercial data flows arising from the EU's developing data protection regime that a study for the US Chamber of Commerce valued at 0.8-1.3% of EU GDP. The ruling weakens the United States in negotiations over the new EU regime, as well as over the Transatlantic Trade and Investment Partnership (TTIP). Impacts The ruling may bolster development of EU-based cloud facilities as EU users seek to avoid the risks of US-based data storage. This could reduce US firms' estimated 76% share of the EU cloud market. It would also lead to further fragmentation of the internet as a global resource.

Download Full-text

The Law and Finance of Initial Coin Offerings

Cryptoassets ◽

10.1093/oso/9780190077310.003.0006 ◽

2019 ◽

pp. 117-156 ◽

Cited By ~ 1

Author(s):

Aurelio Gurrea-Martínez ◽

and Nydia Remolina

Keyword(s):

Corporate Governance ◽

Money Laundering ◽

Data Protection ◽

Law And Finance ◽

Privacy Law ◽

Section Viii ◽

The Law ◽

Financial Challenges ◽

Insolvency Proceedings ◽

Initial Coin Offerings

This chapter analyzes the legal and financial aspects of Initial Coin Offerings (ICOs). Section I examines the concept, features, and structure of an ICO. Section II analyzes the different regulatory approaches to deal with ICOs. Section III provides an overview of some of the accounting and financial challenges ICOs generate. Section VI focuses on the corporate governance aspects of ICOs. Section V analyzes how ICOs may raise issues related to money laundering, and how regulators and policymakers can deal with these problems. Section VI provides an overview of the challenges of ICOs from the perspective of privacy law and data protection. Section VII examines how insolvency may affect the issuer and buyer of tokens, and how insolvency jurisdictions should deal with those issues arising in insolvency proceedings involving cryptoassets. Finally, Section VIII discusses the jurisdictional issues arising in ICOs.

Download Full-text

CETA, TTIP, TiSA, and Data Protection

10.1093/oso/9780198808893.003.0007 ◽

2017 ◽

Cited By ~ 1

Author(s):

Walter Berka

Keyword(s):

Data Protection ◽

Data Privacy ◽

Trade Agreements ◽

Safe Harbor ◽

Digital Services ◽

Data Flows ◽

The Us ◽

Protection Legislation ◽

European Side ◽

The Eu

Trade agreements cannot avoid dealing with digital services and data sharing. In the cases of TTIP, CETA, and TiSA, different concepts of data protection collide and it is the fear of the European side that the EU’s acquis on data privacy could get compromised through the liberalization of data flows. This chapter analyses the possible impact of these agreements on data protection. It refers to the European Parliament’s call to include a horizontal self-standing clause in TTIP to exclude the current and future EU data protection legislation from being traded in TTIP, a claim which is based on Article XIV of the GATS. In dealing with these issues, it will be considered further that the EU and the US are discussing data transfers and data protection in other fora as well, namely on the tracks of the new Safe Harbor Agreement and the Data Protection Umbrella Agreement.

Download Full-text

Security and Confidentiality Approach for the Clinical E-Science Framework (CLEF)

Methods of Information in Medicine ◽

10.1055/s-0038-1633945 ◽

2005 ◽

Vol 44 (02) ◽

pp. 193-197 ◽

Cited By ~ 9

Author(s):

P. Singleton ◽

J. Milan ◽

J. MacKay ◽

D. Detmer ◽

A. Rector ◽

...

Keyword(s):

Cancer Patients ◽

Data Protection ◽

Health Record ◽

Patient Privacy ◽

Data Flows ◽

Rich Information ◽

Science Framework ◽

Privacy And Confidentiality ◽

Meet Data ◽

Additional Monitoring

Summary Objectives: CLEF is an MRC sponsored project in the E-Science programme that aims to establish methodologies and a technical infrastructure for the next generation of integrated clinical and bioscience research. Methods: The heart of the CLEF approach to this challenge is to design and develop a pseudonymised repository of histories of cancer patients that can be accessed by researchers. Robust mechanisms and policies have been developed to ensure that patient privacy and confidentiality are preserved while delivering a repository of such medically rich information for the purposes of scientific research. Results: This paper summarises the overall approach adopted by CLEF to meet data protection requirements, including the data flows, pseudonymisation measures and additional monitoring policies that are currently being developed. Conclusion: Once evaluated, it is hoped that the CLEF approach can serve as a model for other distributed electronic health record repositories to be accessed for research.

Download Full-text

Data Protection in EU Law

Personal Data Privacy and Protection in a Surveillance Era ◽

10.4018/978-1-60960-083-9.ch016 ◽

2011 ◽

pp. 273-297 ◽

Cited By ~ 4

Author(s):

Maria Tzanou

Keyword(s):

Data Protection ◽

Fundamental Rights ◽

European Court Of Justice ◽

Eu Law ◽

National Courts ◽

Court Of Justice ◽

European Court ◽

Data Protection Directive ◽

Data Flows ◽

Court Of First Instance

This chapter aims to discuss the possibilities and limitations of the EU to provide for an effective and comprehensive data protection regime. In this respect, it presents an analysis of the data protection rules in EU law by examining the relevant constitutional and secondary law framework. It analyzes the jurisprudence of the European Court of Justice and the Court of First Instance on data protection issues, and argues that the European Court of Justice has interpreted an internal market measure (the Data Protection Directive) in such a way so as to foster the protection of fundamental rights. However, when it comes to the balancing between fundamental rights the Court leaves the question to be resolved by national courts. Finally, the contribution assesses the transborder data flows regime established by the Data Protection Directive and attempts to draw some conclusions on whether the ‘adequate protection’ test ensures a high protection in such flows.

Download Full-text