Your search keyword '"personal data processing"' showing total 86 results

1. Understanding challenges of GDPR implementation in business enterprises: a systematic literature review

Author

Smirnova, Yelena and Travieso-Morales, Victoriano

Published

2024

2. Monitorizarea la locul de muncă. Gestionarea limitei dintre dreptul la viaţă privată şi dreptul de proprietate.

Author

MOARCĂŞ, Claudia-Ana and ZĂRNESCU, Valentina Lidia

Subjects

RIGHT of privacy, EMPLOYEE surveillance, DATA protection, CIVIL rights, TELECOMMUTING

Abstract

Copyright of Romanian Case Law Review / Revista Română de Jurisprudenţă is the property of Universul Juridic Publishing House and its content may not be copied or emailed to multiple sites or posted to a listserv without the copyright holder's express written permission. However, users may print, download, or email articles for individual use. This abstract may be abridged. No warranty is given about the accuracy of the copy. Users should refer to the original published version of the material for the full abstract. (Copyright applies to all Abstracts.)

Published

2024

3. ОСНОВНІ ПРИНЦИПИ ОБРОБКИ ТА ЗАХИСТУ ПЕРСОНАЛЬНИХ ДАНИХ

Author

В. С., Галінкіна

Abstract

The development of an information society that prefers quick and remote resolution of issues, including on the Internet, raises the issue of protecting information and data disseminated and provided by personal data subjects. People do not want to transmit personal information without a clear understanding that it will be protected and not used, or to transfer it unnecessarily to third parties, because most of this information is identifying and personal, and in some cases even «sensitive». In this case, persons who transfer, process, or store personal data must be guided by legal grounds that determine the course of such actions. The fundamental concepts that must be followed in any operations with personal data are the principles. Principles are the basic framework that everyone in this process must adhere to, and failure to do so entails legal liability. The institute of personal data protection is relatively new, therefore, with the development of this institute, legislation at various levels develops and improves the basic provisions and general principles of personal data protection. At present, the general principles of personal data processing and protection can be summarised as: transparency, fairness, lawfulness, purpose limitation, data minimisation, data accuracy, data retention period limitation, data security and the princ iple of accountability. Such principles are enshrined in the General Data Protection Regulation and meet the main goal, namely to define the standards on the basis of which personal data should be collected, processed, transferred, stored, and destroyed. The existence of such principles and, most importantly, their consolidation in regulatory legal acts that are binding for all and are primarily necessary to preserve and not restrict the right to privacy and the right to protection of personal data, the right to privacy. The general principles of legitimate operations with personal information provide for notification of the person who provides his/her personal data about the purpose of processing and all the details concerning future actions with the provided information and regulation, limitation and determination of liability for violation of the principles of processing and protection of personal data for the person who further carries out the specified operations. [ABSTRACT FROM AUTHOR]

Published

2024

4. ШТРАФНІ САНКЦІЇ, ЯК ОСНОВНА ФОРМА ВІДПОВІДАЛЬНОСТІ ЗА ПОРУШЕННЯ ЗАГАЛЬНОГО РЕГЛАМЕНТУ ЗАХИСТУ ПЕРСОНАЛЬНИХ ДАНИХ В ЄС

Author

І. М., Яворська and С. А., Стахура

Abstract

The article outlines the legal basis of the penalties for violation of the General Data Protection Regulation in the EU. The necessity of studying the mechanisms by which the procedure for collecting fines for violations in the field of personal data protection within the European Union is carried out. Provisions of the General Data Protection Regulation are analyzed in order to apply the experience of EU member states in the field of personal data protection as well as in the context of harmonization of Ukrainian legislation with EU law. The article analyzes changes in the legislation on the protection of personal data and identifies the most frequently applied penalties in the form of fines imposed on companies in countries such as Great Britain, Netherlands, and Spain. Forms of liability for violations of the Regulation are: administrative fine, warning, temporary suspension of activity, or certain actions performed by the controller or operator. In addition to the list, member states in their domestic legislation have the right to establish additional forms of liability for violations of personal data protection, if such a penalty does not contradict the GDPR. In the article, it has also been determined which violations in the field of personal data protection act as grounds for imposing fines, namely, it has been established that these are non-compliance by companies with the security of personal data, non-observance of conditions and rules regarding consent to the processing of personal data, and the subsequent use by companies of personal data of customers after the leak the period provided for their use or the transfer of customer data to third parties. As mentioned above, the adoption of the General Data Protection Regulation contributed to ensuring the stability of normative acts that regulate issues related to the confidentiality of personal data of users, as well as responsibility for the violation of rights related to such data. According to the Regulation, any information by which a person can be identified should be interpreted as personal data. The article examines the application of mechanisms for imposing fines and analyzes the circumstances that determine the extent of liability for violations in the field of personal data protection. [ABSTRACT FROM AUTHOR]

Published

2023

5. Privacy frontiers in customers’ relations with banks

Author

Piotrowski Dariusz

Subjects

privacy, personal data processing, artificial intelligence, banking ethics, social media, a13, g21, o33, Economics as a science, HB71-74

Abstract

The widespread use of digital technologies in banking allows banks to obtain and analyse huge amounts of data from different communication channels. While this phenomenon is conducive to improving the quality of services it also increases the risk of privacy breaches. The aim of this study is to identify what factors determine consumer acceptance of banks’ use of public access personal data found on social media accounts. The results indicate the importance of the financial incentive and consumers’ assessment of banks’ information activities regarding the processing of personal data. Determinants relating to the technological sophistication of respondents were also found to be significant, with a particular focus on the ethical evaluation of decisions made by Artificial Intelligence algorithms. The results of the work may be used by banks in practice to adapt the area of personal data management to the requirements of e-privacy and Trustworthy Artificial Intelligence.

Published

2023

6. Prawo do bycia zapomnianym w perspektywie przetwarzania danych osobowych.

Author

NASIADKA, ŁUKASZ

Abstract

Nowadays, effective protection of personal data is one of the fundamental issues of a democratic state under the rule of law. Therefore, the legislator should be very precise about the principles and standards of data processing. In the last few decades, in particular, the development of new technologies, digitalisation and the increase in the need for electronic communication has become evident, which leads to the adoption of appropriate regulations for the handling of personal data. In addition, the EU legislator has introduced the General Data Protection Regulation (GDPR) in order to harmonise the regulations of EU Member States regarding the protection of personal data. This provides a framework for the proper functioning of legal provisions across the European Union regarding the handling of personal data of its citizens. The aim of the article is to identify the legal changes resulting from the Personal Data Protection Regulation, with a particular focus on the persons to which they apply and then to analyse the regulation of 'the right to be forgotten'. In the first part of the article, attention is drawn to the way personal data are processed and the scope of obligations incumbent on data controllers. This is because data controllers are, together with the personal data protection officer, responsible for recording data processing activities, including ongoing monitoring and responding to situations of inaccurate data processing. The second part focuses on the right to be forgotten and the assessment of this entitlement in the perspective of Regulation 2016/679. The research methods include an analysis of legal acts, at the same time using the subject literature. [ABSTRACT FROM AUTHOR]

Published

2023

7. Prawo do bycia zapomnianym w perspektywie przetwarzania danych osobowych

Author

Łukasz Nasiadka

Subjects

personal data processing, right to be forgotten, data protection, Public law, K3150

Abstract

Nowadays, effective protection of personal data is one of the fundamental issues of a democratic state under the rule of law. Therefore, the legislator should be very precise about the principles and standards of data processing. In the last few decades, in particular, the development of new technologies, digitalisation and the increase in the need for electronic communication has become evident, which leads to the adoption of appropriate regulations for the handling of personal data. In addition, the EU legislator has introduced the General Data Protection Regulation (GDPR) in order to harmonise the regulations of EU Member States regarding the protection of personal data. This provides a framework for the proper functioning of legal provisions across the European Union regarding the handling of personal data of its citizens. The aim of the article is to identify the legal changes resulting from the Personal Data Protection Regulation, with a particular focus on the persons to which they apply and then to analyse the regulation of ‘the right to be forgotten’. In the first part of the article, attention is drawn to the way personal data are processed and the scope of obligations incumbent on data controllers. This is because data controllers are, together with the personal data protection officer, responsible for recording data processing activities, including ongoing monitoring and responding to situations of inaccurate data processing. The second part focuses on the right to be forgotten and the assessment of this entitlement in the perspective of Regulation 2016/679. The research methods include an analysis of legal acts, at the same time using the subject literature.

Published

2023

8. Media users' and professionals' responses to personal data receipts: A mixed methods study.

Author

Buggenhout, Natasja Van and den Broeck, Wendy Van

Subjects

*PERSONALLY identifiable information, *ELECTRONIC data processing, *GENERAL Data Protection Regulation, 2016, *INFORMATION overload

Abstract

European General Data Protection Regulation requires organisations to request the data subject's consent for personal data processing. Data controllers must be able to demonstrate valid consent was obtained ('transparency'). Media often struggle to meet GDPR requirements in practice. We identified several issues with existing consent procedures amongst which a need for trustworthy approaches to record and track consent. In this article, we evaluate a specific transparency initiative: a Personal Data Receipt (PDR) for news personalisation. We investigated how European media users and media professionals evaluated the PDR. We conducted qualitative surveys and interviews to explore and describe individuals' viewpoints on/responses to the PDR. The main strengths highlighted in this study are: GDPR compliance and improved data processing transparency which leads to more control and user trust. PDR weaknesses are mainly related to users not reading the receipt, lack/overload of information, and design issues. Based on our findings, we identified missing elements and formulated recommendations for PDR improvement to optimise consent strategies. By examining how individuals responded to this specific transparency tool, and rhetorical tactics connected to it (placation, diversion, jargon, and misnaming), our study provides informed suggestions for ways out of digital resignation (Draper & Turow, 2019). [ABSTRACT FROM AUTHOR]

Published

2023

9. Issues and Possibilities of Personal Data Remote Processing in the COVID19 Pandemic Environment

Author

Mityushin, Dmitry A., Kacprzyk, Janusz, Series Editor, Gomide, Fernando, Advisory Editor, Kaynak, Okyay, Advisory Editor, Liu, Derong, Advisory Editor, Pedrycz, Witold, Advisory Editor, Polycarpou, Marios M., Advisory Editor, Rudas, Imre J., Advisory Editor, Wang, Jun, Advisory Editor, Silhavy, Radek, editor, Silhavy, Petr, editor, and Prokopova, Zdenka, editor

Published

2021

10. Regulating Telematics Insurance : Role for the IDD to Complement the GDPR on Improving Consumer Data Protection in the Context of Telematics Insurance

Author

van den Boom, Freyja, Marano, Pierpaolo, Series Editor, Bataller Grau, Juan, Editorial Board Member, Chang, Johnny, Editorial Board Member, Chrissanthis, Christos S, Editorial Board Member, Cousy, Herman, Editorial Board Member, Grima, Simon, Editorial Board Member, Gurses, Ozlem, Editorial Board Member, Heiss, Helmut, Editorial Board Member, Kochenburger, Peter, Editorial Board Member, Koezuka, Tadao, Editorial Board Member, Kullmann, Jérôme, Editorial Board Member, Kursche, Birgit, Editorial Board Member, Kwon, W. Jean J., Editorial Board Member, Landini, Sara, Editorial Board Member, Lima Rego, Margarida, Editorial Board Member, Lin, JJ, Editorial Board Member, Malinowska, Katarzyna, Editorial Board Member, Martinez, Leo P., Editorial Board Member, McCoy, Patricia, Editorial Board Member, Meggit, Gary, Editorial Board Member, Merkin, Robert, Editorial Board Member, Millard, Daleen, Editorial Board Member, Nakaide, Satoshi, Editorial Board Member, Norio, Jaana, Editorial Board Member, Noussia, Kyriaki, Editorial Board Member, Núñez, Laura, Editorial Board Member, Perner, Stefan, Editorial Board Member, Rokas, Ioannis, Editorial Board Member, Siri, Michele, Editorial Board Member, Van Schoubroeck, Caroline, Editorial Board Member, Verheyen, Wouter, Editorial Board Member, Wandt, Manfred, Editorial Board Member, Wang, Hsin-Chun, Editorial Board Member, Yeşilova Aras, Ecehan, Editorial Board Member, and Zhu, Ling, Editorial Board Member

Published

2021

11. Challenges Regarding the Compliance with the General Data Protection Law by Brazilian Organizations: A Survey

Author

Canedo, Edna Dias, Ribeiro, Vanessa Coelho, Alarcão, Ana Paula de Aguiar, Chaves, Lucas Alexandre Carvalho, Reed, Johann Nicholas, Mendonça, Fábio Lúcio Lopes, de Sousa Jr, Rafael T., Goos, Gerhard, Founding Editor, Hartmanis, Juris, Founding Editor, Bertino, Elisa, Editorial Board Member, Gao, Wen, Editorial Board Member, Steffen, Bernhard, Editorial Board Member, Woeginger, Gerhard, Editorial Board Member, Yung, Moti, Editorial Board Member, Gervasi, Osvaldo, editor, Murgante, Beniamino, editor, Misra, Sanjay, editor, Garau, Chiara, editor, Blečić, Ivan, editor, Taniar, David, editor, Apduhan, Bernady O., editor, Rocha, Ana Maria A. C., editor, Tarantino, Eufemia, editor, and Torre, Carmelo Maria, editor

Published

2021

12. Personal Data as a Market Commodity in the GDPR Era: A Systematic Review of Social and Economic Aspects

Author

Aleksei Zelianin

Subjects

general data protection regulation, personal data, digital marketing, personal data protection, personal data processing, data breach, Electronic computers. Computer science, QA75.5-76.95

Abstract

With the development of modern data processing, mining and collection technologies, various companies and institutions will have more opportunities to make these data operations faster and more efficiently. From the economic perspective, processing personal data is evidently lucrative and companies would therefore like to obtain as much data as possible. This paper analyses and summarizes existing and emerging social and economic trends, implications and issues caused by clashes between European legislation on personal data protection (the GDPR) and current data processing practices. Utilizing both quantitative and qualitative data, the article attempts to scrutinize the implications of the conflict between the rising demand for privacy and personal data protection on the one hand and the ever-growing need to process and store personal data, especially by commercial organizations, on the other. Analysing databases, legislation, reports, statistical data and surveys, the paper attempts to provide an estimate of the value of personal data and the consequences of poor handling of personal data.

Published

2022

13. Toward a Model for Building Information Awareness in Crisis Situations.

Author

Meesters, Kenny, Alexiou, Andreas, and Ou, Carol

Subjects

ACCESS to information, DECISION making, INFORMATION technology, ORGANIZATIONAL change, INFORMATION storage & retrieval systems

Abstract

In crisis situations access to information is key to reduce uncertainty and enable effective decision making. With the advent of modern information technologies there is an abundance of possibilities to obtain, process, and share information. The number of actors that can potentially provide information has grown concomitantly. The challenge therefore is no longer the availability of information but rather the ability to find and connect with actors providing information in a volatile and dynamic environment. This requires of organizations to be aware of the actors and their information potential, and actively build informational awareness. In this paper we propose a model for the development of the awareness of organizations of the information landscape during critical events. We validate this model using two case studies and extract key factors that contribute to the challenges and success of leveraging information potential of actors in a crisis. [ABSTRACT FROM AUTHOR]

Published

2022

14. Personal Data Processing within a Smart Cemetery.

Author

Şchiopu, Silviu-Dorin

Subjects

ELECTRONIC data processing, PERSONALLY identifiable information, CEMETERIES, SMART cities

Abstract

Starting from the characteristics that an intelligent cemetery should have, this article aims to highlight possible personal data processing within it. The article presents the challenges faced by smart cemeteries starting from examples of data handling inherent to the functioning of a classic cemetery, to then analyze processing hypotheses that may intervene precisely as a result of the technological input in the administration of cemeteries. Last but not least, the relationship between the processing of personal data, on the one hand, and the respect due to the memory of the deceased, on the other, is of interest for the functioning of a smart cemetery. Although the cemeteries are rather spared by technology, it is already obvious that they are not completely immune to it. Any introduction of modern technologies in these spaces must be carefully considered. Personal data processing should contribute not only to the good administration of the cemetery but also to the respect owed to the memory of those who have passed away while also protecting the privacy of the living ones. [ABSTRACT FROM AUTHOR]

Published

2022

15. Personal Data Protection in the Decision-Making of the CJEU Before and After the Lisbon Treaty

Author

Pavelek Ondřej and Zajíčková Drahomíra

Subjects

court of justice of the eu, eu law, gdpr, personal data processing, Political science, International relations, JZ2-6530

Abstract

Personal data protection is one of the important areas of the EU’s operation and the general public is especially aware of the General Data Protection Regulation (GDPR). However, personal data protection has been an issue in the EU for a long time. The Court of Justice of the European Union (CJEU) plays a major role in personal data protection as their function is to interpret EU law and thus also EU legislation related to personal data protection. Until now, research papers have tackled specific issues related to interpreting EU legislation or analyses of specific decisions made by the CJEU. However, no comprehensive empirical legal study has been published so far which would evaluate the decision-making of the CJEU in the area of personal data protection using a combination of quantitative and qualitative methods. Therefore, no analysis has been carried out to determine how many decisions of the CJEU have been related to personal data protection, how their number has increased, or which participants and from which areas have participated in the proceedings. The results of the analysis presented here can be used as a basis for studying the future development of the CJEU’s decision-making in the area of personal data protection in relation to digitization and especially to the COVID-19 pandemic, which undoubtedly has contributed to a significant increase in online communication, posing new challenges towards a more efficient personal data protection in the online world.

Published

2021

16. The New European Commission Decision on Standard Contractual Clauses: A System Reform?

Author

Chiara Bertoldi

Subjects

standard contractual clauses, commission implementing decision, cross border data flows, personal data processing, data protection, controller and processor's responsibility, Law, Law of Europe, KJ-KKZ

Abstract

(Series Information) European Papers - A Journal on Law and Integration, 2021 6(3), 1363-1365 | European Forum Highlight of 24 February 2022 | (Abstract) The evolution of an increasingly globalized market has resulted in the expansion of international trade through transnational data flows. Standard contractual clauses (SCC) are one of the most commonly used legal bases for transferring personal data beyond EU borders. The new Decision of the Commission on SCC represents a major innovation for the transfers of data. This Highlight offers an overview of the model clauses and addresses some of its new features, especially as to the relationship with art. 3(2) of Regulation (EU) 679/2016.

Published

2022

17. A RESPONSABILIDADE CIVIL NA LEI GERAL DE PROTEÇÃO DE DADOS PESSOAIS E A REGRA DE HAND.

Author

Souto dos Santos, Rômulo Marcel, Studart Leitão, André, and Navarro Wolkart, Erik

Subjects

LEGAL liability, CIVIL liability, DATA protection, PERSONALLY identifiable information, DATA protection laws

Abstract

Copyright of Revista Opinião Jurídica is the property of Revista Opiniao Juridica and its content may not be copied or emailed to multiple sites or posted to a listserv without the copyright holder's express written permission. However, users may print, download, or email articles for individual use. This abstract may be abridged. No warranty is given about the accuracy of the copy. Users should refer to the original published version of the material for the full abstract. (Copyright applies to all Abstracts.)

Published

2022

18. Automated Decision Making and Personal Data Protection in Intelligent Tutoring Systems: Design Guidelines

Author

Mougiakou, Eirini, Papadimitriou, Spyros, Virvou, Maria, Howlett, Robert James, Series Editor, Jain, Lakhmi C., Series Editor, Virvou, Maria, editor, Kumeno, Fumihiro, editor, and Oikonomou, Konstantinos, editor

Published

2019

19. Legal Responsibility of Administration for the Protection of Personal Health Data

Author

Veli Durmuş

Subjects

personal health data, personal data processing, privacy, administration, health services, Nursing, RT1-120

Abstract

Health institutions are places where personal health data is intensively processed and maintained. These data are collected and processed during each examination and treatment. All kinds of information regarding the mental and physical health of a person may be considered within the field of personal health data. Hence, there are some data that every patient has to share with the administration in the process of examination and treatment. This data may be related to the health and sexuality of the individual and socio-demographic. It has become easier to obtain and process the personal health data. The protection of information is regulated as a fundamental right in various agreements at international level. With the development of information technology, it is necessary to provide personal data security and to take comprehensive protection measures by the administration. This review article aims to to explain the legal responsibility of the administration in the light of the decisions of the European Court of Human Rights and the Supreme Administrative Court by presenting the importance of ensuring privacy and the protection of personal health data in health care providers. In addition, suggestions for the protection of personal health data were presented during the conduct of administrative health activities.

Published

2021

20. What Makes Personal Data Processing by Social Networking Services Permissible?

Author

Wolmarans, Lichelle and Voorhoeve, Alex

Subjects

*SOCIAL networks, *SOCIAL media, *ELECTRONIC data processing, *SOCIAL processes, *PERSONALLY identifiable information

Abstract

Social networking services provide services in return for rights to commercialize users' personal data. We argue that what makes this transaction permissible is not users' autonomous consent but the provision of sufficiently valuable opportunities to exchange data for services. We argue that the value of these opportunities should be assessed for both (a) a range of users with different decision-making abilities and (b) third parties. We conclude that regulation should shift from aiming to ensure autonomous consent towards ensuring that users face options that they will use to advance individual and common interests. [ABSTRACT FROM AUTHOR]

Published

2022

21. Artificial Intelligence and the GDPR: Inevitable Nemeses?

Author

Kesa Aleksandr and Kerikmäe Tanel

Subjects

ai, compliance, gdpr, machine learning, personal data processing, right to erasure, Political science, International relations, JZ2-6530

Abstract

The rapid development of computer technology over the past decades has brought about countless benefits across industries and social benefits as well—constant interpersonal connectivity is facilitated through numerous communication channels and social media outlets, energy-producing enterprises employ complex machinery management systems for increased efficiency, ease of access and safety, hedge funds make use of high-frequency trading algorithms to engage in trades happening at a fraction of a second, while medical professionals use predictive technologies to diagnose diseases and forecast viral outbreaks. Widespread adoption of technology necessitated the creation of regulatory frameworks that would ensure the safeguarding of rights and regulatory and judicial supervision over the exploitation of high technology. one such framework is the Gdpr, created due to the need for a comprehensive, contemporary legal regime governing the processing of personal data in a time when such data has become a commodity that is traded and sold in return for services or financial gain. However, in the authors’ view, the Gdpr suffers in terms of efficacy in the context of artificial intelligence-based technologies, and full compliance of data controllers and processors employing such technologies is unlikely to be achieved, particularly in regards to the right to information, the general principle of transparency and the right to erasure. The article provides an overview of these issues, including a discussion on the movement towards a regime of data ownership, and proposes legislative amendments as an effective method of mitigating these drawbacks.

Published

2020

22. REFLECTIONS ON PERSONAL DATA PROCESSING THAT IS NECESSARY FOR THE ENTERING OR PERFORMANCE OF A CONTRACT.

Author

Maria Cristolovean, Nicoleta

Subjects

*PERSONALLY identifiable information, *DATA protection, *ELECTRONIC data processing, *GENERAL Data Protection Regulation, 2016

Abstract

Even in pandemic times everyday life involves the conclusion of contracts written on paper, which in turn involves the processing of personal data not only for the performance of the contracts to which a data subject is party, but also in order to take steps at the request of the data subject prior to entering into a contract. In this regard Article 6 (1) (b) of the General Data Protection Regulation provides the legal basis that ensures the lawfulness of processing. This short article examines the limits of using this legal basis for personal data processing in the context of the controllers' obligations and the rights of the data subjects. The primary conclusion is that, although any contract can ensure the legality of personal data processing, not all personal data may be necessary for the performance of the contract, in which case another ground of processing must be used for the rest of the personal data processed, which in turn requires a thorough understanding of Regulation (EU) 2016/679 for an implementation of its provisions in their spirit and letter, the more so as an implementation of the General Data Protection Regulation limited to the preparation of documentation on the conformity of processing has no other effect than to turn it into a dead letter. [ABSTRACT FROM AUTHOR]

Published

2021

23. Towards Transparentizing Personal Data Processing, Winning Public Trust.

Author

O. L., Steenbergen and K. J. M. G., Meesters

Abstract

Over the past decade, as private organizations have increased the amount of data that is being processed, governmental institutions and other non-profit organizations (who shall be referred to as public organizations) have followed suit. Both types of organizations carry responsibilities regarding personal data processing, yet as clients of public organizations are not always able to avoid services provided, additional questions arise regarding the transparency of processing. Currently, this transparency is lacking, causing privacy concerns of clients to rise due to what is termed informational uncertainty, or the lack of information regarding the content, the process, and the purpose of data processing. By taking an information systems (IS) perspective, this research shows five principles to be effective in enhancing the privacy of the general public for public organizations: transparency, accountability, purpose specification, security, and ownership. In addition, results show the influence of the absence of time and experience on these principles. [ABSTRACT FROM AUTHOR]

Published

2021

24. Datele personale ale copiilor, autoritatea părintească și rețelele de socializare.

Author

BARBUR, Diana Flavia

Subjects

PARENTS, PERSONALLY identifiable information, ELECTRONIC data processing, FAMILIES, SOCIAL media, SOCIAL networks

Abstract

Copyright of Pandectele Române is the property of Wolters Kluwer Romania and its content may not be copied or emailed to multiple sites or posted to a listserv without the copyright holder's express written permission. However, users may print, download, or email articles for individual use. This abstract may be abridged. No warranty is given about the accuracy of the copy. Users should refer to the original published version of the material for the full abstract. (Copyright applies to all Abstracts.)

Published

2021

25. Legal Guaranties Of Personalized Data Treatment Stady In Light Of Law N° 18-07

Author

HAZAM Fatiha

Subjects

legal guarantees, personal data processing, private life, Law, Economic history and conditions, HC10-1085

Abstract

The study seeks to highlight the most important legal guarantees provided by the law 18-07 on the protection of natural persons in the field of processing personal data, which stand out the gravity of the means of modern information technology of private life when the process of collection and storage of nominal data and operation and also when extracting this information from the memory of the intelligent system and its delivery to others, regardless of whether it is handled by a public or private person or even a natural person. It is therefore necessary to protect the rights of the person concerned with the treatment and to strengthen them with the legal guarantees that prevent the possibility of being attacked by the responsible for the processing or sub-processor or even by others as a violation of the privacy of natural persons in the scope of electronic information society.

Published

2019

26. Principles of the EU General Regulations for the Protection of Personal Data (GDPR): Problems and Perspectives for Implementation

Author

A. Yu. Churilov

Subjects

personal data, european union, principles, personal data processing, legal regulation, Law

Abstract

The paper discusses the fundamental principles of personal data processing enshrined in EU Regulation No. 2016/679: legality, fairness, and transparency; purpose limitation; data minimization; accuracy; storage limitation; integrity and confidentiality; responsibility (accountability). The need to study and implement the requirements outlined in the regulations is related to the extraterritorial nature of its operation and the potential possibility of extending its operation to Russian companies providing services and selling goods in the European Union countries. The Author gives comments regarding each principle on the difficulties of implementation and recommendations on their application, as well as some critical comments. The Author covers the disclosure of each of the principles in other articles of the Regulations and demonstrates the interaction of these principles with each other.

Published

2019

27. Kişisel Sağlık Verilerinin Korunmasında İdarenin Hukuki Sorumluluğu.

Author

DURMUŞ, Veli

Abstract

Copyright of Dokuz Eylül Üniversitesi Hemsirelik Fakültesi Elektronik Dergisi is the property of Dokuz Eylul Universitesi Hemsirelik Fakultesi Elektronik Dergisi and its content may not be copied or emailed to multiple sites or posted to a listserv without the copyright holder's express written permission. However, users may print, download, or email articles for individual use. This abstract may be abridged. No warranty is given about the accuracy of the copy. Users should refer to the original published version of the material for the full abstract. (Copyright applies to all Abstracts.)

Published

2021

28. ZAKONSKO ODSTUPANJE OD OPĆE UREDBE O ZAŠTITI PODATAKA(EU) 2016/679 (GDPR).

Author

Smoljić, Mirko and Vukić, Ana Marija

Abstract

Copyright of Transition: Journal of Economic & Politics of Transition / Tranzicija: Časopis za Ekonomiju i Politiku Tranzicije is the property of Ekonomski Institut Tuzla and its content may not be copied or emailed to multiple sites or posted to a listserv without the copyright holder's express written permission. However, users may print, download, or email articles for individual use. This abstract may be abridged. No warranty is given about the accuracy of the copy. Users should refer to the original published version of the material for the full abstract. (Copyright applies to all Abstracts.)

Published

2021

29. Artificial Intelligence and the GDPR: inevitable nemeses?

Author

Kesa, Aleksandr and Kerikmäe, Tanel

Subjects

ARTIFICIAL intelligence, RIGHT to be forgotten, GENERAL Data Protection Regulation, 2016, PERSONALLY identifiable information, DATA protection, COMPUTER engineering, LEGISLATIVE amendments

Abstract

The rapid development of computer technology over the past decades has brought about countless benefits across industries and social benefits as well--constant interpersonal connectivity is facilitated through numerous communication channels and social media outlets, energy-producing enterprises employ complex machinery management systems for increased efficiency, ease of access and safety, hedge funds make use of high-frequency trading algorithms to engage in trades happening at a fraction of a second, while medical professionals use predictive technologies to diagnose diseases and forecast viral outbreaks. Widespread adoption of technology necessitated the creation of regulatory frameworks that would ensure the safeguarding of rights and regulatory and judicial supervision over the exploitation of high technology. one such framework is the Gdpr, created due to the need for a comprehensive, contemporary legal regime governing the processing of personal data in a time when such data has become a commodity that is traded and sold in return for services or financial gain. However, in the authors' view, the Gdpr suffers in terms of efficacy in the context of artificial intelligence-based technologies, and full compliance of data controllers and processors employing such technologies is unlikely to be achieved, particularly in regards to the right to information, the general principle of transparency and the right to erasure. The article provides an overview of these issues, including a discussion on the movement towards a regime of data ownership, and proposes legislative amendments as an effective method of mitigating these drawbacks. [ABSTRACT FROM AUTHOR]

Published

2020

30. Limitele dreptului la viață privată în contextul educației digitale.

Author

GEORGESCU, Alexandru

Subjects

COVID-19 pandemic, RIGHT of privacy, CIVIL rights, RIGHT to education, DIGNITY, PERSONALLY identifiable information

Abstract

Copyright of Pandectele Române is the property of Wolters Kluwer Romania and its content may not be copied or emailed to multiple sites or posted to a listserv without the copyright holder's express written permission. However, users may print, download, or email articles for individual use. This abstract may be abridged. No warranty is given about the accuracy of the copy. Users should refer to the original published version of the material for the full abstract. (Copyright applies to all Abstracts.)

Published

2020

31. THE RIGHT TO BE FORGOTTEN AS AN ELEMENT OF THE PERSONAL DATA PROTECTION SYSTEM IN THE ORGANISATION.

Author

ODLANICKA-POCZOBUTT, Monika and SZYSZKA-SCHUPPIK, Aleksandra

Subjects

DATA protection, RIGHT to be forgotten, PERSONALLY identifiable information, ORGANIZATION, IDENTITY theft

Abstract

Introduction/background: The protection of personal data, as the protection of information on natural persons by entities which hold it, is currently a topic of considerable interest. Proper protection of personal data is closely related to the way the organisation is managed. Lack of management awareness of the dangers of inappropriate procedures in this respect can lead to abuse and even crime, e.g. identity theft. In the light of doubts as to whether to rely on existing solutions or build a system from scratch, there are many research problems in this area. Aim of the paper: The cognitive goal of this article is to analyse the basics of building a system of personal data protection in the scope of creating new internal regulations and to indicate the role of the Data Protection Officer, while the utilitarian goal is to analyse the case of a request to erase the processed data. Materials and methods: A selected organisation was studied, where a process map with a detailed description of actions was drawn up on the basis of participant observation and direct interviews. Results and conclusions: The conclusions indicate that the Data Protection Officer may perform the function of a person responsible for the system. However, their activities must be supported by information obtained from within the organisation. Therefore, it is important to involve the highest management in the development of the personal data protection system. The foundations for creating a procedure to handle the request for erasure of personal data were also indicated. [ABSTRACT FROM AUTHOR]

Published

2020

32. ZAKONSKO ODSTUPANJE OD OPĆE UREDBE O ZAŠTITI PODATAKA (EU) 2016/679 (GDPR).

Author

Smoljić, Mirko and Vukić, Ana Marija

Abstract

Copyright of Zbornik Radova / Proceedings SKEI (1986-5945) is the property of University Vitez, Bosnia & Herzegovina and its content may not be copied or emailed to multiple sites or posted to a listserv without the copyright holder's express written permission. However, users may print, download, or email articles for individual use. This abstract may be abridged. No warranty is given about the accuracy of the copy. Users should refer to the original published version of the material for the full abstract. (Copyright applies to all Abstracts.)

Published

2019

33. Od Ljubice Atanasijević do Ksenije Marković

Author

Bukovala, Jovan and Bukovala, Jovan

Abstract

Osnovni cilj ovog istraživanja je saznajni - eksplorativno-deskriptivni, zahvaljujući činjenicama stečenim teorijskom analizom, i to putem literature koju čine pozitivni pravni propisi (Zakon o matičnim knjigama, Zakon o opštem upravnom postupku, Porodični zakon). Predmet i cilj ovog rada su zahtevali korišćenje kvalitativnog empirijskog metoda - biografskog (činjenice rođenja Ljubice Atanasijević, zaključenja braka između Milana Markovića i Ksenije Atanasijević i smrti Ksenije Atanasijević Marković) i operativnog - analizu sadržaja dokumenata (matične knjige rođenih, venčanih i umrlih, knjige državljana)., The main goal of this research is cognitive - exploratory-descriptive, thanks to the facts obtained through theoretical analysis, through the literature that consists of positive legal regulations (Law on Registration Books, General Administrative Procedure Act, Family Law). The subject and aim of this paper required the use of a qualitative empirical method - biographical (the fact of the birth of Ljubica Atanasijević, the conclusion of the marriage between Milan Marković and Ksenija Atanasijević and the death of Ksenija Atanasijević Marković) and operational - analysis of the content of documents (certificates of births, marriages and deaths, registers of citizens).

Published

2023

34. Sharing personal genetic information: the impact of privacy concern and awareness of benefit

Author

Heath, Don, Ardestani, Ali, and Nemati, Hamid

Published

2016

35. Realizarea cartografierii prelucrărilor de date cu caracter personal, aspecte practice.

Author

PLOEŞTEANU, Nicolae and FĂRCAŞ, Darius

Abstract

Copyright of Revista Română de Drept al Afacerilor is the property of Wolters Kluwer Romania and its content may not be copied or emailed to multiple sites or posted to a listserv without the copyright holder's express written permission. However, users may print, download, or email articles for individual use. This abstract may be abridged. No warranty is given about the accuracy of the copy. Users should refer to the original published version of the material for the full abstract. (Copyright applies to all Abstracts.)

Published

2019

36. Citizens’ Information Privacy Protection Model in e-Government for Developing Countries

Author

Mohammad Taghi Taghavifard, Mohammad Reza Taghva, Mehdi Faghihi, and Mohammad Javad Jamshidi

Subjects

information privacy, e-government, personal data processing, citizenship rights, developing countries, Political institutions and public administration (General), JF20-2112

Abstract

The most important aim of this study is to propose a model for protecting citizens’ information privacy in e-Government for developing countries. This study develops theoretical foundations and models of e-Government in judicial-legal dimension. The methodology of this study is qualitative including documentary study, content analysis and comparative study. Statistical population of this study includes 58 countries with information privacy act which 11 countries were selected by judgment sampling for documentary study. These countries include:, England, Canada, France, Germany, Spain, Italy, Norway, Sweden, Ireland, Belgium and Republic of Korea. Proposed model of this study includes seven dimensions: (1) data collection obligations, (2) data use obligations, (3) data retention obligations, (4) data disclosure obligations, (5) data subject rights, (6) controller responsibilities and (7) obligations of accessing to data by citizen. Of 124 identified obligations for protecting citizens’ information privacy in e-Government as indexes of these dimensions, 105 obligations have a weight over 0.5 and can be a pattern for developing countries in order to regulate the e-Government development in the in the field of citizens’ information privacy protection as standard principles. It is hoped that the proposed model of this study would help developing countries in order to protect citizens’ information privacy in e-Government.

Published

2016

37. Media users' and professionals' responses to personal data receipts: A mixed methods study

Author

Wendy Van den Broeck, Natasja Van Buggenhout, Communication Sciences, Faculty of Economic and Social Sciences and Solvay Business School, and Studies in Media, Innovation and Technology

Subjects

transparency, personal data processing, Personal Data Receipt, Public Administration, Sociology and Political Science, accountability, Communication, user research, consent, media and communication studies, GDPR, Trust, Information Systems

Abstract

European General Data Protection Regulation requires organisations to request the data subject’s consent for personal data processing. Data controllers must be able to demonstrate valid consent was obtained (‘transparency’). Media often struggle to meet GDPR requirements in practice. We identified several issues with existing consent procedures amongst which a need for trustworthy approaches to record and track consent. In this article, we evaluate a specific transparency initiative: a Personal Data Receipt (PDR) for news personalisation. We investigated how European media users and media professionals evaluated the PDR. We conducted qualitative surveys and interviews to explore and describe individuals’ viewpoints on/responses to the PDR. The main strengths highlighted in this study are: GDPR compliance and improved data processing transparency which leads to more control and user trust. PDR weaknesses are mainly related to users not reading the receipt, lack/overload of information, and design issues. Based on our findings, we identified missing elements and formulated recommendations for PDR improvement to optimise consent strategies. By examining how individuals responded to this specific transparency tool, and rhetorical tactics connected to it (placation, diversion, jargon, and misnaming), our study provides informed suggestions for ways out of digital resignation (Draper & Turow, 2019).

Published

2023

38. Ψηφιακά Πιστοποιητικά Covid-19 και Προστασία Δεδομένων Προσωπικού χαρακτήρα

Subjects

Επεξεργασία δεδομένων προσωπικού χαρακτήρα, Δεδομένα Υγείας, Γενικός Κανονισμός Προστασίας Δεδομένων(ΓΚΠΔ), General Data Protection Regulation (GPA), Ψηφιακά πιστοποιητικά covid-19, Health Data, Covid-19 pandemic, Personal data processing, Covid-19 digital certificates, Πανδημία covid-19

Abstract

Για την αντιμετώπιση της πανδημίας covid-19, υιοθετήθηκαν κάποια μέτρα σε εθνικό και ενωσιακό επίπεδο. Τα μέτρα αυτά περιόρισαν σε σημαντικό βαθμό θεμελιώδη ανθρώπινα δικαιώματα στο βωμό της προστασίας της δημόσιας υγείας. Ένα από τα μέτρα ήταν και η καθιέρωση του ψηφιακού πιστοποιητικού covid-19, με απώτερο σκοπό την διευκόλυνση της ελεύθερης κυκλοφορίας. Το ψηφιακό πιστοποιητικό covid-19 περιλαμβάνει πληροφορίες για την κατάσταση του κατόχου του, αναφορικά με τον εμβολιασμό, την εξέταση ή την ανάρρωση του, τα οποία τυγχάνουν επεξεργασίας, ήτοι δεδομένα που σχετίζονται με την υγεία. Η παρούσα διπλωματική εργασία εξετάζει από τη νομική σκοπιά της προστασίας δεδομένων προσωπικού χαρακτήρα τα μέτρα που υιοθετήθηκαν κατά τη διάρκεια της πανδημίας covid-19, επικεντρώνεται στο νομικό πλαίσιο καθιέρωσης των ψηφιακών αυτών πιστοποιητικών και εξετάζει, εάν εφαρμόστηκαν οι εγγυήσεις του ΓΚΠΔ για την προστασία των δεδομένων προσωπικού χαρακτήρα που τυγχάνουν επεξεργασίας, To deal with the covid-19 pandemic, some measures have been adopted at national and EU level. These measures have significantly reduced fundamental human rights at the altar of public health protection. One of the measures was the introduction of the covid-19 digital certificate, with the ultimate goal of facilitating free movement. The covid-19 digital certificate contains information about the holder's condition regarding vaccination, examination or recovery, which is being processed, that is health-related data. This dissertation examines from a legal point of view the protection of personal data the measures adopted during the covid-19 pandemic, focuses on the legal framework for the establishment of these digital certificates and examines whether the GPA guarantees for data protection have been applied personal processing

Published

2023

39. SOME CONSIDERATIONS ON THE LAWFULNESS OF PERSONAL DATA PROCESSING BY PUBLIC ADMINISTRATION AUTHORITIES UNDER REGULATION (EU) 2016/679.

Author

ȘCHIOPU, Silviu-Dorin

Subjects

*PUBLIC administration, *ELECTRONIC data processing, *GENERAL Data Protection Regulation, 2016, *ADMINISTRATIVE acts

Abstract

In this short paper we intend to examine the processing of personal data by the Romanian public administration authorities from the perspective of its lawfulness under the General Data Protection Regulation (GDPR). We will argue that the processing of personal data in violation of Regulation (EU) 2016/679 provisions for the purpose of issuing administrative acts by public authorities can affect not only the lawfulness of the latter, but such infringements lead also to the erosion of the concept of good administration, one of the key factors being that the Romanian Law 190/2018 on implementing measures for GDPR doesn't allow the possibility of imposing a contravention fine on public authorities when finding a GDPR infringement. [ABSTRACT FROM AUTHOR]

Published

2018

40. Ce este și cum poate fi folosită inteligența artificială (III).

Author

GEORGESCU, Laura

Abstract

Copyright of Revista Româna de Dreptul Muncii is the property of Wolters Kluwer Romania and its content may not be copied or emailed to multiple sites or posted to a listserv without the copyright holder's express written permission. However, users may print, download, or email articles for individual use. This abstract may be abridged. No warranty is given about the accuracy of the copy. Users should refer to the original published version of the material for the full abstract. (Copyright applies to all Abstracts.)

Published

2018

41. Impactul Regulamentului privind protecţia datelor cu caracter personal asupra răspunderii civile.

Author

POPA, IONUŢ-FLORIN

Abstract

Copyright of Romanian Review of Private Law / Revista Română de Drept Privat is the property of Universul Juridic Publishing House and its content may not be copied or emailed to multiple sites or posted to a listserv without the copyright holder's express written permission. However, users may print, download, or email articles for individual use. This abstract may be abridged. No warranty is given about the accuracy of the copy. Users should refer to the original published version of the material for the full abstract. (Copyright applies to all Abstracts.)

Published

2018

42. Захист комодифікованих даних на цифрових платформах

Author

Булгакова, Д.A.

Subjects

цифрові платформи, personal data processing, користувач, e-platforms, підтвердження особистості, обробка персональних даних, identity proof, user, технології підвищення конфіденційності, privacy-enhancing technologies

Abstract

Using limited information, notably excluding paramount items in e-platforms, the user leads to sub-optimal decisions regarding his/her data to digital commodes. Thus, the study statement: personal data has been commodified. The study uses a method the mitigation of data commodification risk. It aims to find a way for data protection when a person uses e-platforms. It is important because user's attributes that allow others to recognize each other are closely aligned with a person's being, and individuals identify themselves through these attributes. As such, they are essential to personhood and warrant protection. The personality of user in e-platforms must be dignity - inalienable. Based on the GDPR Article 25 and Recital 78, the measure for the data protection is assumed to comply when data systems go along with technical and organizational safeguards. The EU's concept advances a new legal approach where users are holders of their data. It allows them to manage data in secure, local, and online storage orderliness, dispensing it by person's choice. Selves are capable to select settings for data execution and data accord. This mitigation technique acknowledges a human-centric distinction and increased e-platforms for empowered designs. It can also guard against unlawful profiling techniques that strive to circumvent critical measures for the risk mitigation of data commodification. The solution is found aground in the experience of e-platforms such as Mydex, NextCloud, and MyData Global. In this regard, the article defends the digital integrity in e-platforms through data protection by design, informed consent, and the prohibition in e-platforms to consider data - a source of financial gain. The conclusion would remain to go along with data accuracy, time reservation, and user informativeness., Через великий потік даних, користувач класифікує такі, тим самим обмежуючи себе у кількості переглядів того чи іншого розділу на цифрових платформах. Так як користувач має схильність до неоптимальних рішень, то шляхом перегляду інформації, він нерозбірливо виключає з зору читання тих чи інших цифрових елементів. Під їх категорію підпадають комодифіковані персональні дані, і тому потребують правового захисту. У дослідженні використовується метод пом'якшення правового ризику щодо недостатнього захисту комодифікованих даних на цифрових платформах. Мета статті — знайти спосіб захисту таких даних при використанні електронних платформ. Це важливо, оскільки атрибути користувача, які дозволяють іншим впізнавати один одного, тісно узгоджені з істотою людини, коли ідентифікація можлива за допомогою цих атрибутів. Таким чином, вони є важливими для користувача, а тому необхідний правовий гарантор для захисту. Ключем до цього є правового закріплення положення про те, що особистість користувача цифрових платформ має бути гідною - невідчужуваною. Тому задача данної статті полягає у знаходженні способів захисту даних шляхом реалізації технічних та організаційних гарантій закріплених у статті 25 та recital 78 General Data Protection Regulation. Концепція Європейського Союзу просуває новий правовий підхід, коли користувачі є утримувачами своїх даних. Це дозволяє їм керувати даними у захищеному, локальному та впорядкованому режимі зберігання, розподіляючи дані за прямим вибором особи. Такими є параметри виконання даних та узгодження їх обробки. Цей метод пом’якшення захищає від незаконних методів профілювання, та є важливими заходами для зниження ризику комодифікації передачі даних. Таке рішення побудовано на основі досвіду таких цифрових платформ як Mydex, NextCloud, MyData Global. Дослідження приходить до висновку про необхідність правового регулювання точності оброблюючих автоматизованим шляхом даних, резервування часу такої обробки та інформативністю користувачів через розвинений дизайн е-кабінету.

Published

2022

43. RESPONSABILIDAD CIVIL EN LA LEY GENERAL DE PROTECCIÓN DE DATOS PERSONALES Y LA REGLA DE HAND

Author

Santos, Rômulo Marcel Souto dos, Leitão, André Studart, and Wolkart, Erik Navarro

Subjects

Direito Civil, personal data processing, LGPD, negligence, rule of Hand, tratamiento de datos personales, responsabilidad civil, regla de Hand, tratamento de dados pessoais, responsabilidade civil, regra de Hand

Abstract

Objective: This article proposes to investigate the issue of civil liability for damages arising from the processing of personal data, under the terms and limits in which it is regulated by Federal Law No. 13.709, of August 14, 2018, known as the General Law of Personal Data Protection (LGPD). The central question to be answered, as it is not clearly defined by the infra-constitutional legislator, says with the type of civil liability provided for in the LGPD, whether objective or subjective. It is intended to analyze, in addition, whether Hand's rule, formulated by the American magistrate Learned Hand, can be useful to delimit the responsibility for negligence of agents processing personal data.Methodology: The research method used will be qualitative-deductive, with a view to confirming the hypotheses raised for the resolution of the exposed problem. For this purpose, the concepts of objective and subjective civil liability will be established, as well as the central aspects of the special legislation related to that liability, notably with regard to agents for processing personal data, will be analyzed. Since the legislator has not clarified the nature of civil liability regulated by the LGPD, it will be investigated whether the processing of personal data can be included in the list of risky activities, attracting the incidence of art. 927, sole paragraph, of the Brazilian Civil Code.Results: A relationship was found between civil liability provided for in the law protecting personal data and Hand's rule, suggesting that the understanding of the American judge Learned Hand can be useful for the delimitation of civil liability arising from the processing of personal data. It was also evidenced that the processing of personal data is a multiple activity, not always capable of being included in the area of risky activities.Contributions: Use of the Hand rule as a useful criterion to assess the civil liability of personal data processing agents in cases of negligence liability. Objetivo: Este artículo se propone investigar el tema de la responsabilidad civil por daños y perjuicios derivados del tratamiento de datos personales, en los términos y límites en los que se regula por la Ley Federal N ° 13.709, de 14 de agosto de 2018, conocida como Ley General de Protección de Datos Personales (LGPD). La pregunta central a responder, al no estar claramente definida por el legislador infraconstitucional, dice con el tipo de responsabilidad civil prevista en la LGPD, ya sea objetiva o subjetiva. Se pretende analizar, además, si la Regla de Hand, formulada por el magistrado estadounidense Learned Hand, puede ser útil para delimitar la responsabilidad por negligencia de los agentes que procesan datos personales.Metodología: El método de investigación utilizado será cualitativo-deductivo, con el fin de confirmar las hipótesis planteadas para la resolución del problema expuesto. A tal efecto, se establecerán los conceptos de responsabilidad civil objetiva y subjetiva, así como se analizarán los aspectos centrales de la legislación especial relacionada con dicha responsabilidad, en particular en lo que se refiere a los agentes del tratamiento de datos personales. Dado que el legislador no ha aclarado la naturaleza de la responsabilidad civil regulada por la LGPD, se investigará si el tratamiento de datos personales puede incluirse en la lista de actividades de riesgo, atrayendo la incidencia del art. 927, párrafo único, del Código Civil brasileño.Resultados: Se encontró una relación entre la responsabilidad civil prevista en la ley de protección de datos personales y la Regla de Hand, sugiriendo que la comprensión del juez estadounidense Learned Hand puede ser útil para la delimitación de la responsabilidad civil derivada del tratamiento de datos personales. También se evidenció que el tratamiento de datos personales es una actividad múltiple, no siempre susceptible de ser incluida en el área de actividades de riesgo.Contribuciones: Uso de la Regla de Hand como criterio útil para evaluar la responsabilidad civil de los agentes procesadores de datos personales en casos de responsabilidad por negligencia. Objetivo:O presente artigo se propõe a investigar o tema da responsabilidade civil por danos decorrentes do tratamento de dados pessoais, fazendo-o nos termos e nos limites em que regulado pela Lei Federal nº 13.709, de 14 de agosto de 2018, cognominada Lei Geral de Proteção de Dados Pessoais (LGPD). A indagação central a ser respondida, por não ter sido definida de forma clara pelo legislador infraconstitucional, diz respeito ao tipo de responsabilidade civil previsto na LGPD, se de índole objetiva ou subjetiva. Pretende-se analisar, em complemento, se a regra de Hand, formulada pelo magistrado estadunidense Learned Hand, pode ser útil à delimitação da responsabilidade por negligência dos agentes de tratamento de dados pessoais.Metodologia: O método de pesquisa utilizado será o qualitativo-dedutivo, com vistas à confirmação das hipóteses suscitadas para a resolução da problemática exposta. Para tanto, serão estabelecidos os conceitos de responsabilidade civil objetiva e subjetiva, bem como analisados os aspectos centrais da legislação especial relacionados à referida responsabilidade, notadamente no que diz respeito aos agentes de tratamento de dados pessoais. Não tendo o legislador esclarecido a natureza da responsabilidade civil regulada pela LGPD, será investigado se o tratamento de dados pessoais pode ser inserido no rol de atividades de risco, a atrair a incidência do art. 927, parágrafo único, do Código Civil brasileiro.Resultados: Encontrou-se uma relação entre a responsabilidade civil prevista na lei protetiva de dados pessoais e a regra de Hand, sugerindo-se que a compreensão do juiz estadunidense Learned Hand pode ser útil à delimitação da responsabilidade civil decorrente do tratamento de dados pessoais. Evidenciou-se, ainda, que o tratamento de dados pessoais é atividade múltipla, nem sempre passível de enquadramento na seara das atividades de risco.Contribuições: Utilização da regra de Hand como critério útil para aquilatar a responsabilidade civil dos agentes de tratamento de dados pessoais em casos de responsabilidade por negligência.

Published

2022

44. The New European Commission Decision on Standard Contractual Clauses: A System Reform?

Author

Bertoldi, Chiara

Subjects

personal data processing, data protection, standard contractual clauses, controller and processor's responsibility, cross border data flows, Commission Implementing Decision

Abstract

European Papers - A Journal on Law and Integration, 2021 6(3), 1363-1365, European Forum Highlight of 24 February 2022, The evolution of an increasingly globalized market has resulted in the expansion of international trade through transnational data flows. Standard contractual clauses (SCC) are one of the most commonly used legal bases for transferring personal data beyond EU borders. The new Decision of the Commission on SCC represents a major innovation for the transfers of data. This Highlight offers an overview of the model clauses and addresses some of its new features, especially as to the relationship with art. 3(2) of Regulation (EU) 679/2016.

Published

2022

45. 6698 Sayılı Kişisel Verilerin Korunması Kanunu Kapsamında Kişisel Verilerin İşlenmesi ve Açık Rıza

Author

Batu, Betül, Ayan, Nurşen, and Selçuk Üniversitesi

Subjects

Kişisel Verilerin İşlenmesi, Explicit Consent, Personal Data Processing, Personal Data, Personality Rights, Veri Koruma Hukuku, Kişilik Hakları, Data Protection Law, Açık Rıza, Kişisel Veri

Abstract

Teknolojik gelişmelerle beraber kişisel verilerin taşıdığı değer, her geçen gün daha da artmaktadır. Kişisel verinin kolayca kaydedilen ve paylaşılan bir forma dönüşmesi, onu bireysel sınırların çok ötesine taşımıştır. Siyasî, sosyal, ticarî ve ekonomik amaçlarla kullanılması ve bir menfaat kaynağına dönüşmesi, birey açısından çoğu zaman farkında bile olmadığı hak ihlâllerini doğurur. Birey ve toplum güvenliğinin önemli bir parçası olması ve artan hak ihlâlleri nedeniyle ulusal ve uluslararası hukuk metinlerinde kişisel verilerin işlenmesi ile ilgili temel ilkeler belirlenmiştir. Bu ilkelerden bir kısmı, kişisel verilerin işlenmesine ilişkindir. Bu çalışma, 6698 sayılı Kişisel Verilerin Korunması Kanunu’na göre kişisel verilerin işlenmesi esasları ve veri sahibinin açık rızası üzerine odaklanır. Birinci bölümde, tarihî gelişimiyle beraber kişisel veri kavramı, kişisel verilerin korunmasını temin eden ulusal ve uluslararası hukuk normları açıklanmıştır. İkinci bölümde, kişisel veri kavramının niteliği, unsurları kişisel verinin işlenme esasları belirtilmiştir. Üçüncü bölümde, açık rıza kavramı, açık rızanın unsurları, hukukî mahiyeti, istisnaları, şekli, beyan zamanı, rıza beyanında bulunma ehliyeti, ispat yükü ve geri alınması, açık rızanın aranmadığı haller, 6698 Sayılı Kanunun yürürlüğe girmesinden önce alınan rızaların geçerliliği ve genel nitelikli verilerin işlenmesinde aranan açık rıza kavramı ile özel nitelikli verilerin işlenmesinde aranan açık rıza kavramlarının karşılaştırılması konularına değinilmiştir, Thanks to the technological developments, the value of personal data has been increasing day by day. Nowadays, personal data are easily recorded and shared. Hence such transformation has taken personal data far beyond individual borders. The fact that using it for political, social, commercial and economic purposes and turning it into a source of interest often unwittingly results in violations of rights. In consequence of increasing right infringements and being an important part of individual and social security, basic principles regarding the processing of personal data have been determined in national and international legal texts. Some of these principles are related to the processing of personal data. This study focuses on the principles of processing personal data pursuant to the Law on the Protection of Personal Data (Law No. 6698) and the data subject’s explicit consent. In the first chapter, the concept of personal data has been explained together with its historical development along with national and international legal norms ensuring the protection of personal data. In the second chapter, the nature and elements of the concept of personal data have been explained along with the principles of processing personal data. In the third chapter, this research demonstrates and explain following concepts: explicit consent and its elements, the legal nature of explicit consent, its exceptions, its timing, capacity of giving consent, its proof and withdrawal, and the circumstance that explicit consent is not necessary. At the same time, this chapter explains the validity of explicit consent, and comparison between the explicit consent sought for processing ordinary aggravated information and exceptional information, before article number 6698 has been introduced by law

Published

2022

46. Consideraciones básicas en materia de privacidad

Subjects

derecho deportivo, personal data processing, sports law, public administrations, administraciones públicas, tratamiento de datos personales, Derecho del deporte, reglamento general de protección de datos, general data protection regulation

Abstract

El objetivo principal del presente estudio de investigación consiste en ofrecer un análisis sistemático de los aspectos fundamentales a tener en consideración en todos tratamientos de datos personales realizados en materia de Derecho deportivo al amparo del Reglamento general de protección de datos y en la Ley Orgánica de Protección de Datos Personales y de Garantía de Derechos Digitales. En concreto, además de profundizar en el principio de licitud, lealtad y transparencia como base jurídica fundamental, se diseccionan los contornos esenciales del consentimiento como instrumento más idóneo para garantizar la adecuación del procesamiento, haciendo especial énfasis en las singularidades que ello presenta cuando quienes intervienen las Administraciones Públicas., The main objective of this research study is to offer a systematic analysis of the fundamental aspects to be taken into consideration in all processing of personal data carried out in the field of sports law under the General Data Protection Regulation and the Organic Law on the Protection of Personal Data and the Guarantee of Digital Rights. Specifically, in addition to delving into the principle of lawfulness, fairness and transparency as a fundamental legal basis, the essential contours of consent as the most suitable instrument for guaranteeing the adequacy of the processing are dissected, placing special emphasis on the singularities that this presents when Public Administrations are involved., Número de páginas: 16, Revista Española de Derecho Deportivo. Volumen y número 49 (01/2022), páginas 73-88, I. A modo de introducción. II. Exigencias del principio de accountability: A. Planteamiento. B. Cesiones de datos por los propios deportistas. C. Datos personales provenientes de terceros ajenos al interesado. III. Justificaciones legales para el tratamiento de datos personales de deportistas. IV. Datos personales sensibles: aspectos a tener en consideración. V. Bibliografía.

Published

2022

47. Zastosowanie zarządzania ryzykiem w przetwarzaniu danych osobowych w systemach informatycznych

Author

Agnieszka Dornfeld and Ewa Kulińska

Subjects

risk management, identification and risk analysis, personal details, personal data processing, IT systems, Marketing. Distribution of products, HF5410-5417.5, Finance, HG1-9999

Abstract

The risk management was presented in the area of personal details processing and control mechanisms in the department of public finances were presented in this paper. In terms of control mechanisms the changes in the Personal Data Protection Act which is effective on 1 January 2015 was considered. The changes concern new role of an administrator of information safety.

Published

2015

48. Éthique et sciences cognitives : Introduction au dossier

Author

Khamassi, Mehdi, Chatila, Raja, and Mille, Alain

Subjects

personal data processing, Ethics, cognitive science, decision-making, reasoning, moral dilemmas, behavioral influence, artificial cognitive systems, algorithms, sciences cognitives, décision, Éthique, raisonnement, dilemmes moraux, influence comportementale, systèmes artificiels cognitifs, algorithmes, traitement des données personnelles, General Medicine

Abstract

Ethics and Cognitive Sciences. This special issue presents a set of contributions aimed at discussing ethical questions related to the cognitive science field. The goal is dual : raising ethical questions that may appear specific to cognitive science, as well as more general ethical issues on which cognitive science knowledge could shed a new light. Among the specific questions, this issue raises a number of questions related to potential applications of cognitive science research, such as the application of neuroscience to the juridical domain, of artificial intelligence to the development of autonomous artificial systems or to the processing of personal data, and of behavioral sciences to public policies. Among the general questions is raised the question whether cognitive science can bring a new perspective on humans’ ethical decisions and moral dilemmas, given the fact that decision-making and cognition are core objects of research of the field. Shall our understanding of what ethics is at the XXIst century be revised given the new knowledge generated by cognitive science research ? The interdisciplinary points of views expressed in this special issue contribute to highlight that, rather than trying to give a sole response to ethical debates in replacement of other disciplines, cognitive science has the responsibility to underline with precaution and modesty some ethical questions to which the field can bring new knowledge which could contribute with other disciplines to update the characterization of ethical behaviors and reasoning in humans., Ce volume présente un ensemble de contributions visant à discuter de questions éthiques liées au champ des sciences cognitives. Il s’agit à la fois d’aborder des questions éthiques qui sembleraient spécifiques des sciences cognitives, et des questions éthiques générales auxquelles les sciences cognitives pourraient apporter un éclairage particulier. Sont soulevés notamment les problèmes liés à un certain nombre d’applications des sciences cognitives, comme celles des neurosciences au cadre juridique, de l’intelligence artificielle aux systèmes artificiels autonomes ou au traitement des données personnelles, ou encore des sciences comportementales aux politiques publiques. Parmi les questions générales, il s’agit de voir dans quelle mesure les sciences cognitives, pour qui la cognition humaine est un des objets d’étude centraux, incluant la manière dont nous prenons des décisions et nous nous posons des dilemmes moraux, peut apporter une vision nouvelle ou éventuellement une caractérisation plus précise des processus cognitifs sous-jacents. Notre vision de ce qu’est l’éthique au XXIe siècle doit-elle être révisée au regard des nouvelles connaissances en sciences cognitives ? L’interdisciplinarité des points de vue esquissés dans ce numéro contribue à souligner que loin de chercher à remplacer les autres disciplines pour tenter de répondre seules aux questions éthiques générales, les sciences cognitives se doivent de souligner avec précaution et modestie des questionnements éthiques sur lesquelles elles peuvent apporter de nouvelles connaissances qui contribueraient avec d’autres disciplines à actualiser la caractérisation des comportements et raisonnements éthiques chez l’humain., Khamassi Mehdi, Chatila Raja, Mille Alain. Éthique et sciences cognitives : Introduction au dossier. In: Intellectica. Revue de l'Association pour la Recherche Cognitive, n°70, 2019/1. Éthique et Sciences Cognitives. pp. 7-39.

Published

2019

49. International experience in personal data protection

Author

Neznamova, Alla Andreevna, Kuleshov, Georgyi Nickolaevich, Turkin, Mikhail Mikhailovich, Neznamova, Alla Andreevna, Kuleshov, Georgyi Nickolaevich, and Turkin, Mikhail Mikhailovich

Abstract

The article is devoted to the analysis of various approaches to the protection of personal data in Russia and the European Union. In order to determine the importance of observing the right to protection of personal data, a number of documents of the European Commission adopted over the past few years have been analyzed. General scientific and special legal methods of cognition allowed for a comparative analysis of Regulation 2016/679 on the Protection of Individuals in the Processing of Personal Data and Their Free Movement (2018) and EU Directive 2016/680. Although Russia has ratified the Council of Europe Convention for the Protection of Individuals with regard to Automatic Processing of Personal Data (1981), it has not been able to solve a number of problems related to the mandatory notification about personal data leaks, protection of personal data during their processing and against unauthorized access, etc. As a result, conclusions are drawn regarding the prevailing approaches to the definition of personal data and a unified conceptual and categorical apparatus in the field of personal data. Proposals for the modernization of Russian legislation based on international experience are made as well., El artículo está dedicado al análisis de varios enfoques para la protección de datos personales en Rusia y la Unión Europea. Para identificar la importancia de guardar el derecho a la protección de datos personales, se han analizado unos documentos de la Comisión Europea adoptados en los últimos años. Los métodos científicos generales y legales individuales de cognición han permitido el análisis comparativo del Reglamento 2016/679 sobre la protección de las personas durante el procesamiento de datos personales y la libertad de circulación (2018) y la Directiva de la Unión Europea 2016/680. Se ha revelado que aunque Rusia ha ratificado el Convenio del Consejo de Europa para la protección de las personas con respecto al procesamiento automático de datos personales (1981), no ha podido resolver una serie de problemas relacionados con la notificación obligatoria sobre filtración de datos personales, protección de datos personales durante el procesamiento y contra el acceso no autorizado, etc. Como resultado, se ha deducido con respecto a los enfoques predominantes para la definición de datos personales y se ha desarrollado el aparato conceptual y categórico unificado en el campo de los datos personales y se han preparado las propuestas específicas para modernizar la legislación rusa basada en la experiencia internacional.

Published

2020

50. La «autodeterminación informativa» como barrera a la libertad de información y al ejercicio profesional del periodismo

Subjects

Tratamiento de datos personales, Informática, Internet, Personal data processing, Journalism, Protection of data, Computing, Censorship, Autodeterminació informativa, Autodeterminación informativa, Web, Protecció de dades, Periodisme, Protección de datos, Libertad de información, Freedom of information, Informative self-determination, Tractament de dades personals, Llibertat d'informació

Published

2021