How might the GDPR evolve? A question of politics, pace and punishment

IF 3.3 3区社会学 Q1 LAW Computer Law & Security Review Pub Date : 2024-08-17 DOI:10.1016/j.clsr.2024.106033

Gerard Buckley , Tristan Caulfield , Ingolf Becker

{"title":"How might the GDPR evolve? A question of politics, pace and punishment","authors":"Gerard Buckley , Tristan Caulfield , Ingolf Becker","doi":"10.1016/j.clsr.2024.106033","DOIUrl":null,"url":null,"abstract":"<div><p>The digital age has made personal data more valuable and less private. This paper explores the future of the European Union’s General Data Protection Regulation (GDPR) by imagining a range of challenging scenarios and how it might handle them. We analyse United States’, Chinese and European approaches (self-regulation, state control, arms-length regulators) and identify four key drivers shaping the future regulatory landscape: econopolitics, enforcement capacity, societal trust, and speed of technological development. These scenarios lead us to envision six resultant versions of GDPR, ranging from laxer protection than now to models empowering individuals and regulators. While our analysis suggests a minor update to the status quo GDPR is the most likely outcome, we argue a more robust implementation is necessary. This would entail meaningful penalties for non-compliance, harmonised enforcement, a positive case to counter the regulation-stifles-innovation narrative, defence of cross-border data rights, and proactive guidelines to address emerging technologies. Strengthening the GDPR’s effectiveness is crucial to ensure the digital age empowers individuals, not just information technology corporations and governments.</p></div>","PeriodicalId":51516,"journal":{"name":"Computer Law & Security Review","volume":"54 ","pages":"Article 106033"},"PeriodicalIF":3.3000,"publicationDate":"2024-08-17","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"https://www.sciencedirect.com/science/article/pii/S0267364924000992/pdfft?md5=0e110841ca9f0647a9535293139f5c91&pid=1-s2.0-S0267364924000992-main.pdf","citationCount":"0","resultStr":null,"platform":"Semanticscholar","paperid":null,"PeriodicalName":"Computer Law & Security Review","FirstCategoryId":"90","ListUrlMain":"https://www.sciencedirect.com/science/article/pii/S0267364924000992","RegionNum":3,"RegionCategory":"社会学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"Q1","JCRName":"LAW","Score":null,"Total":0}

引用次数: 0

Abstract

The digital age has made personal data more valuable and less private. This paper explores the future of the European Union’s General Data Protection Regulation (GDPR) by imagining a range of challenging scenarios and how it might handle them. We analyse United States’, Chinese and European approaches (self-regulation, state control, arms-length regulators) and identify four key drivers shaping the future regulatory landscape: econopolitics, enforcement capacity, societal trust, and speed of technological development. These scenarios lead us to envision six resultant versions of GDPR, ranging from laxer protection than now to models empowering individuals and regulators. While our analysis suggests a minor update to the status quo GDPR is the most likely outcome, we argue a more robust implementation is necessary. This would entail meaningful penalties for non-compliance, harmonised enforcement, a positive case to counter the regulation-stifles-innovation narrative, defence of cross-border data rights, and proactive guidelines to address emerging technologies. Strengthening the GDPR’s effectiveness is crucial to ensure the digital age empowers individuals, not just information technology corporations and governments.

查看原文

微信好友朋友圈 QQ好友复制链接

本刊更多论文

GDPR 如何演变？政治、速度和惩罚问题

数字时代使个人数据变得更有价值，也更不私密。本文通过想象一系列具有挑战性的情景以及欧盟可能如何处理这些情景，探讨了欧盟《一般数据保护条例》（GDPR）的未来。我们分析了美国、中国和欧洲的方法（自我监管、国家控制、独立监管机构），并确定了塑造未来监管格局的四个关键驱动因素：经济政治、执法能力、社会信任和技术发展速度。这些情景让我们设想了 GDPR 的六种结果版本，从比现在更宽松的保护到赋予个人和监管机构权力的模式。虽然我们的分析表明，对 GDPR 现状进行小幅更新是最有可能的结果，但我们认为有必要进行更有力的实施。这就需要对违规行为进行有意义的处罚、统一执法、以正面案例反驳 "监管扼杀创新 "的说法、捍卫跨境数据权利，以及制定积极的指导方针来应对新兴技术。加强 GDPR 的有效性对于确保数字时代赋予个人而不仅仅是信息技术公司和政府权力至关重要。

本文章由计算机程序翻译，如有差异，请以英文原文为准。

求助全文

约1分钟内获得全文去求助

来源期刊

Computer Law & Security Review LAW-

CiteScore

5.60

自引率

10.30%

发文量

审稿时长

67 days

期刊介绍： CLSR publishes refereed academic and practitioner papers on topics such as Web 2.0, IT security, Identity management, ID cards, RFID, interference with privacy, Internet law, telecoms regulation, online broadcasting, intellectual property, software law, e-commerce, outsourcing, data protection, EU policy, freedom of information, computer security and many other topics. In addition it provides a regular update on European Union developments, national news from more than 20 jurisdictions in both Europe and the Pacific Rim. It is looking for papers within the subject area that display good quality legal analysis and new lines of legal thought or policy development that go beyond mere description of the subject area, however accurate that may be.