The General Data Protection Regulation and the effective protection of data subjects' rights in the online environment


Book Description

Following a comprehensive overview of the GDPR, this work examines the new right to representation enshrined in Art. 80(1) GDPR. This right enables data subjects to appoint a competent association to exercise their enforcement rights, including the right to compensation, provided that Member State law permits this. Since this right depends on national law, this work examines how collective redress for mass harm in data protection is handled in the most important European jurisdictions, before giving an overview of the general situation in the EU and the associated challenges.




The EU General Data Protection Regulation (GDPR)


Book Description

This book provides expert advice on the practical implementation of the European Union’s General Data Protection Regulation (GDPR) and systematically analyses its various provisions. Examples, tables, a checklist etc. showcase the practical consequences of the new legislation. The handbook examines the GDPR’s scope of application, the organizational and material requirements for data protection, the rights of data subjects, the role of the Supervisory Authorities, enforcement and fines under the GDPR, and national particularities. In addition, it supplies a brief outlook on the legal consequences for seminal data processing areas, such as Cloud Computing, Big Data and the Internet of Things. Adopted in 2016, the General Data Protection Regulation will come into force in May 2018. It provides for numerous new and intensified data protection obligations, as well as a significant increase in fines (up to 20 million euros). As a result, not only companies located within the European Union will have to change their approach to data security; due to the GDPR’s broad, transnational scope of application, it will affect numerous companies worldwide.




APEC Privacy Framework


Book Description




Ethical Quandaries in Business Practices: Exploring Morality and Social Responsibility


Book Description

In today's fast-paced business environment, organizations face increasingly complex ethical challenges. From navigating cultural differences in global operations to balancing profit motives with social responsibility, businesses must make moral decisions that impact their stakeholders and the broader society. However, many need more frameworks and insights to address these challenges effectively, leading to ethical dilemmas that can harm their reputation and bottom line. Ethical Quandaries in Business Practices: Exploring Morality and Social Responsibility is a practical guide for organizations and individuals grappling with ethical decision-making. Delving into real-world case studies and offering theoretical perspectives equips readers with the tools to analyze ethical challenges in various business contexts. From understanding the ethical implications of marketing strategies to promoting ethical leadership and corporate governance, this book offers actionable insights to help businesses navigate complex ethical landscapes. It also addresses the growing demand from consumers, investors, and regulators for enterprises to prioritize social responsibility, providing strategies for integrating ethical practices into organizational culture.




Guide to the GDPR


Book Description

To execute and guarantee the right to privacy and data protection within the European Union (EU), the EU found it necessary to establish a stable, consistent framework for personal data protection and to enforce it in a decisive manner. This book, the most comprehensive guide available to the General Data Protection Regulation (GDPR), is the first English edition, updated and expanded, of a bestselling book published in Poland in 2018 by a renowned technology lawyer, expert to the European Commission on cloud computing and to the Article 29 Working Party (now: the European Data Protection Board) on data transfers who in fact contributed ideas to the GDPR. The implications of major innovations of the new system – including the obligation of businesses to consult the GDPR first rather than relevant Member State legislation and the extension of the GDPR to companies located outside of the European Economic Area – are fully analysed for the benefit of lawyers and companies worldwide. Among the specific issues and topics covered are the following: insight into the tricky nature of the GDPR; rules relating to free movement of personal data; legal remedies, liability, administrative sanctions; how to prove compliance with GDPR; direct liability of subcontractors (sub-processors); managing incidents and reporting data breaches; information on when and under what conditions the GDPR rules may apply to non-EU parties; backups and encryption; how to assess risk and adjust security accordingly and document the process; guidelines of the European Data Protection Board; and the GDPR’s digest for obligated parties in a form of a draft data protection policy. The Guide often breaks down GDPR articles into checklists of specific requirements. Of special value are the numerous ready-to-adapt template compliance documents presented in Part II. 
Because the GDPR contains a set of new obligations and a perspective of severe administrative fines for non-compliance, this guide is an indispensable practical resource for corporate data protection officers, in-house counsel, lawyers in data protection practice, and e-commerce start-ups worldwide.




GDPR and Biobanking


Book Description

Part I Setting the scene -- Introduction: Individual rights, the public interest and biobank research 4000 (8) -- Genetic data and privacy protection -- Part II GDPR and European responses -- Biobank governance and the impact of the GDPR on the regulation of biobank research -- Controller's and processor's responsibilities in biobank research under GDPR -- Individual rights in biobank research under GDPR -- Safeguards and derogations relating to processing for archiving purposes in the scientific purposes: Article 89 analysis for biobank research -- A Pan-European analysis of Article 89 implementation and national biobank research regulations -- EEA, Switzerland analysis of GDPR requirements and national biobank research regulations -- Part III National insights in biobank regulatory frameworks -- Selected 10-15 countries for reports: Germany -- Greece -- France -- Finland -- Sweden -- United Kingdom -- Part IV Conclusions -- Reflections on individual rights, the public interest and biobank research, ramifications and ways forward.




Modern Socio-Technical Perspectives on Privacy


Book Description

This open access book provides researchers and professionals with a foundational understanding of online privacy as well as insight into the socio-technical privacy issues that are most pertinent to modern information systems, covering several modern topics (e.g., privacy in social media, IoT) and underexplored areas (e.g., privacy accessibility, privacy for vulnerable populations, cross-cultural privacy). The book is structured in four parts, which follow after an introduction to privacy on both a technical and social level: Privacy Theory and Methods covers a range of theoretical lenses through which one can view the concept of privacy. The chapters in this part relate to modern privacy phenomena, thus emphasizing its relevance to our digital, networked lives. Next, Domains covers a number of areas in which privacy concerns and implications are particularly salient, including among others social media, healthcare, smart cities, wearable IT, and trackers. The Audiences section then highlights audiences that have traditionally been ignored when creating privacy-preserving experiences: people from other (non-Western) cultures, people with accessibility needs, adolescents, and people who are underrepresented in terms of their race, class, gender or sexual identity, religion or some combination. Finally, the chapters in Moving Forward outline approaches to privacy that move beyond one-size-fits-all solutions, explore ethical considerations, and describe the regulatory landscape that governs privacy through laws and policies. Perhaps even more so than the other chapters in this book, these chapters are forward-looking by using current personalized, ethical and legal approaches as a starting point for re-conceptualizations of privacy to serve the modern technological landscape. 
The book's primary goal is to inform IT students, researchers, and professionals about both the fundamentals of online privacy and the issues that are most pertinent to modern information systems. Lecturers or teachers can assign (parts of) the book for a “professional issues” course. IT professionals may select chapters covering domains and audiences relevant to their field of work, as well as the Moving Forward chapters that cover ethical and legal aspects. Academics who are interested in studying privacy or privacy-related topics will find a broad introduction in both technical and social aspects.




The European Union as Guardian of Internet Privacy


Book Description

This book examines the role of the EU in ensuring privacy and data protection on the internet. It describes and demonstrates the importance of privacy and data protection for our democracies and how the enjoyment of these rights is challenged by, particularly, big data and mass surveillance. The book takes the perspective of the EU mandate under Article 16 TFEU. It analyses the contributions of the specific actors and roles within the EU framework: the judiciary, the EU legislator, the independent supervisory authorities, the cooperation mechanisms of these authorities, as well as the EU as actor in the external domain. Article 16 TFEU enables the Court of Justice of the EU to play its role as constitutional court and to set high standards for fundamental rights protection. It obliges the European Parliament and the Council to lay down legislation that encompasses all processing of personal data. It confirms control by independent supervisory authorities as an essential element of data protection and it gives the EU a strong mandate to act in the global arena. The analysis shows that EU powers can be successfully used in a legitimate and effective manner and that this subject could be a success story for the EU, in times of widespread euroskepsis. It demonstrates that the Member States remain important players in ensuring privacy and data protection. In order to be a success story, the key stakeholders should be prepared to go the extra mile, so it is argued in the book. The book is based on academic research for which the author received a double doctorate at the University of Amsterdam and the Vrije Universiteit Brussels. It builds on a long inside experience within the European institutions, as well as within the community of data protection and data protection authorities.
It is a must read in a time where the setting of EU privacy and data protection is changing dramatically, not only as a result of the rapidly evolving information society, but also because of important legal developments such as the entry into force of the General Data Protection Regulation. This book will appeal to all those who are in some way involved in making this regulation work. It will also appeal to people interested in the institutional framework of the European Union and in the role of the Union of promoting fundamental rights, also in the wider world.




Human Aspects of Information Security and Assurance


Book Description

This book constitutes the proceedings of the 14th IFIP WG 11.12 International Symposium on Human Aspects of Information Security and Assurance, HAISA 2020, held in Mytilene, Lesbos, Greece, in July 2020.* The 27 full papers presented in this volume were carefully reviewed and selected from 43 submissions. They are organized in the following topical sections: privacy and COVID-19; awareness and training; social engineering; security behavior; education; end-user security; usable security; security policy; and attitudes and perceptions. *The symposium was held virtually due to the COVID-19 pandemic.




Processing personal data under Art. 6.1.f GDPR


Book Description

Essay from the year 2019 in the subject Law - Data protection, grade: N/A, language: English, abstract: The goal of this article, as stipulated by its title, is to bring this complex notion to the understanding of every privacy stakeholder. The protection of personal data has been a major preoccupation of the European legislators in recent years. Apart from data protection being a fundamental Human Right, it is worth noting that almost all the other fundamental Human Rights rely on personal data. For instance, if a person’s personal data such as name, address, bank details and location falls into the wrong hands as a result of inappropriate data protection policies, the damages may range from financial losses to bodily harm, thus affecting the individual’s right to property, life et cetera. It is for these reasons that the General Data Protection Regulation lays down conditions under which personal data must be processed, grants a list of rights to data subjects and fixes very heavy fines that await defaulters. Among the lawful grounds for processing personal data is the legitimate interest pursued by the controller. This ground is mostly used by online marketing companies. Considering that the GDPR gives no clear definition of "legitimate interest", this article provides a clear understanding of such interest, the circumstances under which it may arise, as well as a balancing exercise and guiding factors that would help in understanding whether the legitimate interest pursued by the controller actually overrides the fundamental rights and freedoms of the data subject, a precondition for processing personal data under such grounds.