The European Union As Guardian Of Internet Privacy

This book examines the role of the EU in ensuring privacy and data protection on the internet. It describes and demonstrates the importance of privacy and data protection for our democracies and how the enjoyment of these rights is challenged by, particularly, big data and mass surveillance. The book takes the perspective of the EU mandate under Article 16 TFEU. It analyses the contributions of the specific actors and roles within the EU framework: the judiciary, the EU legislator, the independent supervisory authorities, the cooperation mechanisms of these authorities, as well as the EU as actor in the external domain. Article 16 TFEU enables the Court of the Justice of the EU to play its role as constitutional court and to set high standards for fundamental rights protection. It obliges the European Parliament and the Council to lay down legislation that encompasses all processing of personal data. It confirms control by independent supervisory authorities as an essential element of data protection and it gives the EU a strong mandate to act in the global arena. The analysis shows that EU powers can be successfully used in a legitimate and effective manner and that this subject could be a success story for the EU, in times of widespread euroskepsis. It demonstrates that the Member States remain important players in ensuring privacy and data protection. In order to be a success story, the key stakeholders should be prepared to go the extra mile, so it is argued in the book. The book is based on academic research for which the author received a double doctorate at the University of Amsterdam and the Vrije Universiteit Brussels. It builds on a long inside experience within the European institutions, as well as within the community of data protection and data protection authorities. It is a must read in a time where the setting of EU privacy and data protection is changing dramatically, not only as a result of the rapidly evolving information society, but also because of important legal developments such as the entry into force of the General Data Protection Regulation. This book will appeal to all those who are in some way involved in making this regulation work. It will also appeal to people interested in the institutional framework of the European Union and in the role of the Union of promoting fundamental rights, also in the wider world.

The historic European Union Directive on Data Protection will take effect in October 1998. A key provision will prohibit transfer of personal information from Europe to other countries if they lack “adequate” protection of privacy. If enforced as written, the Directive could create enormous obstacles to commerce between Europe and other countries, such as the United States, that do not have comprehensive privacy statutes. In this book, Peter Swire and Robert Litan provide the first detailed analysis of the sector-by-sector effects of the Directive. They examine such topics as the text of the Directive, the tension between privacy laws and modern information technologies, issues affecting a wide range of businesses and other organizations, effects on the financial services sector, and effects on other prominent sectors with large transborder data flows. In light of the many and significant effects of the Directive as written, the book concludes with detailed policy recommendations on how to avoid a coming trade war with Europe. The book will be of interest to the wide range of individuals and organizations affected by the important new European privacy laws. More generally, the privacy clash discussed in the book will prove a major precedent for how electronic commerce and world data flows will be governed in the Internet Age.

In the age of technological advancement, including the emergence of artificial intelligence, big data, and the internet of things, the need for privacy and protection has risen massively. This phenomenon has led to the enforcement of two major legal directives in the European Union (EU) that aim to provide vigorous protection of personal data. There is a need for research on the repercussions and developments that have materialized with these recent regulations and how the rest of the world has been affected. Personal Data Protection and Legal Developments in the European Union is an essential reference source that critically discusses different aspects of the GDPR and the Law Enforcement Directive as well as recent jurisprudential developments concerning data privacy in the EU and its member states. It also addresses relevant recent case law of the Court of Justice of the EU, the European Court of Human Rights, and national courts. Featuring research on topics such as public transparency, medical research data, and automated decision making, this book is ideally designed for law practitioners, data scientists, policymakers, IT professionals, politicians, researchers, analysts, academicians, and students working in the areas of privacy, data protection, big data, information technology, and human rights law.

Since the Snowden revelations, the adoption in May 2016 of the General Data Protection Regulation and several ground-breaking judgments of the Court of Justice of the European Union, data protection and privacy are high on the agenda of policymakers, industries and the legal research community. Against this backdrop, Data Protection and Privacy under Pressure sheds light on key developments where individuals’ rights to data protection and privacy are at stake. The book discusses the persistent transatlantic tensions around various EU-US data transfer mechanisms and EU jurisdiction claims over non-EU-based companies, both sparked by milestone court cases. Additionally, it scrutinises the expanding control or surveillance mechanisms and interconnection of databases in the areas of migration control, internal security and law enforcement, and oversight thereon. Finally, it explores current and future legal challenges related to big data and automated decision-making in the contexts of policing, pharmaceutics and advertising.

GDPR: Personal Data Protection in the European Union Mariusz Krzysztofek Personal data protection has become one of the central issues in any understanding of the current world system. In this connection, the European Union (EU) has created the most sophisticated regime currently in force with the General Data Protection Regulation (GDPR) (EU) 2016/679. Following the GDPR’s recent reform – the most extensive since the first EU laws in this area were adopted and implemented into the legal orders of the Member States – this book offers a comprehensive discussion of all principles of personal data processing, obligations of data controllers, and rights of data subjects, providing a thorough, up-to-date account of the legal and practical aspects of personal data protection in the EU. Coverage includes the recent Court of Justice of the European Union (CJEU) judgment on data transfers and new or updated data protection authorities’ guidelines in the EU Member States. Among the broad spectrum of aspects of the subject covered are the following: – right to privacy judgments of the CJEU and the European Court of Human Rights; – scope of the GDPR and its key definitions, key principles of personal data processing; – legal bases for the processing of personal data; – direct and digital marketing, cookies, and online behavioural advertising; – processing of personal data of employees; – sensitive data and criminal records; – information obligation & privacy notices; – data subjects rights; – data controller, joint controllers, and processors; – data protection by design and by default, data security measures, risk-based approach, records of personal data processing activities, notification of a personal data breach to the supervisory authority and communication to the data subject, data protection impact assessment, codes of conduct and certification; – Data Protection Officer; – transfers of personal data to non-EU/EEA countries; and – privacy in the Internet and surveillance age. Because the global scale and evolution of information technologies have changed the data processing environment and brought new challenges, and because many non-EU jurisdictions have adopted equivalent regimes or largely analogous regulations, the book will be of great usefulness worldwide. Multinational corporations and their customers and contractors will benefit enormously from consulting and using this book, especially in conducting case law, guidelines and best practices formulated by European data protection authorities. For lawyers and academics researching or advising clients on this area, this book provides an indispensable source of practical guidance and information for many years to come.

On 25 January 2012, the European Commission presented its long awaited new “Data protection package”. With this proposal for a drastic revision of the data protection framework in Europe, it is fair to say that we are witnessing a rebirth of European data protection, and perhaps, its passage from an impulsive youth to a more mature state. Technology advances rapidly and mobile devices are significantly changing the landscape. Increasingly, we carry powerful, connected, devices, whose location and activities can be monitored by various stakeholders. Very powerful social network sites emerged in the first half of last decade, processing personal data of many millions of users. Updating the regulatory network was imminent and the presentation of the new package will initiate a period of intense debate in which the proposals will be thoroughly commented upon and criticized, and numerous amendments will undoubtedly be proposed. This volume brings together some 19 chapters offering conceptual analyses, highlighting issues, proposing solutions, and discussing practices regarding privacy and data protection. In the first part of the book, conceptual analyses of concepts such as privacy and anonymity are provided. The second section focuses on the contrasted positions of digital natives and ageing users in the information society. The third section provides four chapters on privacy by design, including discussions on roadmapping and concrete techniques. The fourth section is devoted to surveillance and profiling, with illustrations from the domain of smart metering, self-surveillance and the benefits and risks of profiling. The book concludes with case studies pertaining to communicating privacy in organisations, the fate of a data protection supervisor in one of the EU member states and data protection in social network sites and online media. This volume brings together some 19 chapters offering conceptual analyses, highlighting issues, proposing solutions, and discussing practices regarding privacy and data protection. In the first part of the book, conceptual analyses of concepts such as privacy and anonymity are provided. The second section focuses on the contrasted positions of digital natives and ageing users in the information society. The third section provides four chapters on privacy by design, including discussions on roadmapping and concrete techniques. The fourth section is devoted to surveillance and profiling, with illustrations from the domain of smart metering, self-surveillance and the benefits and risks of profiling. The book concludes with case studies pertaining to communicating privacy in organisations, the fate of a data protection supervisor in one of the EU member states and data protection in social network sites and online media.

"This publication seeks to identify the relationship between freedom of expression and Internet privacy, assessing where they support or compete with each other in different circumstances. The book maps out the issues in the current regulatory landscape of Internet privacy from the viewpoint of freedom of expression. It provides an overview of legal protection, self-regulatory guidelines, normative challenges, and case studies relating to the topic. With this publication UNESCO aims to provide its Member States and other stakeholders, national and international, with a useful reference tool containing up-to-date and sharp information on emerging issues relevant to both developed and developing countries. Multiple stakeholders, preferably in dialogue, can use it in their own spheres of operation, adapting where appropriate from the range of experiences as recorded in these pages. The publication also supplies additional sources of reference for interested readers to use to further investigate each of the subjects highlighted. The publication explores a range of issues, such as: (1) threats to privacy that have developed through the Internet, (2) international legal standards on privacy and responses to these emerging issues, (3) complex intersections between the rights to privacy and freedom of expression, (4) UNESCO recommendations to states and corporations for better practice, (5) overview of literature, background material and tools on international and national policy and practice on privacy and freedom of expression on the Internet. In the coming years, UNESCO will specifically seek to disseminate information about good practices and international collaboration concerning the points of intersection between freedom of expression and privacy. Research on safeguarding the principle of freedom of expression in Internet policy across a range of issues will continue to be part of UNESCO's normative mandate and technical advice to stakeholders."--Publisher's description