{"title":"Fundamentals for a Child-Oriented Approach to Data Processing","authors":"J. Dolan","doi":"10.21552/edpl/2022/1/4","DOIUrl":"https://doi.org/10.21552/edpl/2022/1/4","url":null,"abstract":"","PeriodicalId":36819,"journal":{"name":"European Data Protection Law Review","volume":"15 1","pages":""},"PeriodicalIF":0.0,"publicationDate":"2022-01-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"88251227","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
Codes of conduct remain an underlit aspect of the EU’s General Data Protection Regulation (GDPR), which can be found in articles 40 and 41. Member States, supervisory authorities, the Board and the Commission shall encourage the drawing up of such codes ‘intended to contribute to the proper application of this Regulation’ (article 40(1) GDPR). In essence they shall ‘give operational meaning to the principles of data protection’, i.e. help to translate the abstract provisions of the GDPR into concrete obligations and procedures. The GDPR designs a system consisting of three types of codes, eachwith adifferent territorial reach. Article 40(5) and (6) describe ‘national codes of conduct’, which the European Data Protection Board (EDPB) hasmore clearly defined as ‘a codewhich covers processing activities contained in one Member State’. Article 40(7) sets out the possibility of a transnational code,which is ‘a codewhich covers processing activities in more than one Member State’. Finally, article 40(9) speaks of ‘codes having general validity’. Although this type of code is not further defined in the GDPR nor in guidance issued by the EDPB, it is implied that a code of this type can cover processing activities in all EU Member States – going one step further than transnational codes, which may apply in several but not necessarily all Member States. Intra-EU, this means that codes can not only specify the abstract principles of the GDPR for specific sectors, but that they can ‘help to bridge the harmonisation gaps that may exist between Member States in their application of data protection law’. However, codes have an important extra-EU function. The GDPR’s Chapter V sets out the rules for international data transfers, i.e. the transfer of personal data from the Union to recipients in third countries or to international organisations. These data flows have a dedicated chapter in the GDPR since the European legislator wants to safeguard that the level of protection of natural persons ensured in the EU is not undermined when the data leaves the EU’s territory. Chapter V of the GDPR is particularly notable because it constructs what Kuner describes as a threetiered structure. Adequacy decisions are placed at the top of the hierarchy, appropriate safeguards – including the use of codes of conduct – in the middle, and
{"title":"European Union ∙ EDPB Releases Final Version of ‘Guidelines 04/2021 on Codes of Conduct as Tools for Transfers’ – An Important Step with Some Rough Edges","authors":"C. Vander Maelen","doi":"10.21552/edpl/2022/3/9","DOIUrl":"https://doi.org/10.21552/edpl/2022/3/9","url":null,"abstract":"Codes of conduct remain an underlit aspect of the EU’s General Data Protection Regulation (GDPR), which can be found in articles 40 and 41. Member States, supervisory authorities, the Board and the Commission shall encourage the drawing up of such codes ‘intended to contribute to the proper application of this Regulation’ (article 40(1) GDPR). In essence they shall ‘give operational meaning to the principles of data protection’, i.e. help to translate the abstract provisions of the GDPR into concrete obligations and procedures. The GDPR designs a system consisting of three types of codes, eachwith adifferent territorial reach. Article 40(5) and (6) describe ‘national codes of conduct’, which the European Data Protection Board (EDPB) hasmore clearly defined as ‘a codewhich covers processing activities contained in one Member State’. Article 40(7) sets out the possibility of a transnational code,which is ‘a codewhich covers processing activities in more than one Member State’. Finally, article 40(9) speaks of ‘codes having general validity’. Although this type of code is not further defined in the GDPR nor in guidance issued by the EDPB, it is implied that a code of this type can cover processing activities in all EU Member States – going one step further than transnational codes, which may apply in several but not necessarily all Member States. Intra-EU, this means that codes can not only specify the abstract principles of the GDPR for specific sectors, but that they can ‘help to bridge the harmonisation gaps that may exist between Member States in their application of data protection law’. However, codes have an important extra-EU function. The GDPR’s Chapter V sets out the rules for international data transfers, i.e. the transfer of personal data from the Union to recipients in third countries or to international organisations. These data flows have a dedicated chapter in the GDPR since the European legislator wants to safeguard that the level of protection of natural persons ensured in the EU is not undermined when the data leaves the EU’s territory. Chapter V of the GDPR is particularly notable because it constructs what Kuner describes as a threetiered structure. Adequacy decisions are placed at the top of the hierarchy, appropriate safeguards – including the use of codes of conduct – in the middle, and","PeriodicalId":36819,"journal":{"name":"European Data Protection Law Review","volume":"23 1","pages":""},"PeriodicalIF":0.0,"publicationDate":"2022-01-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"88282040","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
{"title":"Portugal ∙ The Portuguese DPA’s ‘To Do’ List for Unsolicited Marketing","authors":"G. Canto Moniz","doi":"10.21552/edpl/2022/2/16","DOIUrl":"https://doi.org/10.21552/edpl/2022/2/16","url":null,"abstract":"","PeriodicalId":36819,"journal":{"name":"European Data Protection Law Review","volume":"1 1","pages":""},"PeriodicalIF":0.0,"publicationDate":"2022-01-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"87192011","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
{"title":"European Union ∙ Commission Delegated Regulation (EU) 2022/30 Supplementing Directive 2014/53/EU on Radio Equipment: Strengthening Cybersecurity, Privacy and Personal Data Protection of Wireless Devices","authors":"P. Giorgio Chiara","doi":"10.21552/edpl/2022/1/15","DOIUrl":"https://doi.org/10.21552/edpl/2022/1/15","url":null,"abstract":"","PeriodicalId":36819,"journal":{"name":"European Data Protection Law Review","volume":"1 1","pages":""},"PeriodicalIF":0.0,"publicationDate":"2022-01-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"88126588","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
{"title":"Lithuanian Supreme Administrative Court Undertakes a Legitimate Interests Assessment in a Seminal Case on Journalistic Expression","authors":"N. Bitiukova","doi":"10.21552/edpl/2022/1/19","DOIUrl":"https://doi.org/10.21552/edpl/2022/1/19","url":null,"abstract":"","PeriodicalId":36819,"journal":{"name":"European Data Protection Law Review","volume":"94 1","pages":""},"PeriodicalIF":0.0,"publicationDate":"2022-01-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"86215140","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
{"title":"Increased Negotiation Power for the Data Subject: A Matter of Interpretation and Enforcement","authors":"D. Dimitrova","doi":"10.21552/edpl/2022/4/7","DOIUrl":"https://doi.org/10.21552/edpl/2022/4/7","url":null,"abstract":"","PeriodicalId":36819,"journal":{"name":"European Data Protection Law Review","volume":"26 1","pages":""},"PeriodicalIF":0.0,"publicationDate":"2022-01-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"80081836","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
{"title":"Poland ∙ First Empirical Insights on Article 82 GDPR in National Courts","authors":"H. Bekisz, D. Dworniczak","doi":"10.21552/edpl/2022/4/12","DOIUrl":"https://doi.org/10.21552/edpl/2022/4/12","url":null,"abstract":"","PeriodicalId":36819,"journal":{"name":"European Data Protection Law Review","volume":"50 1","pages":""},"PeriodicalIF":0.0,"publicationDate":"2022-01-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"75921119","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
{"title":"Police Body-Worn Cameras as a Tool for Achieving Police Reform","authors":"M. D. White, A. Malm","doi":"10.21552/edpl/2022/2/4","DOIUrl":"https://doi.org/10.21552/edpl/2022/2/4","url":null,"abstract":"","PeriodicalId":36819,"journal":{"name":"European Data Protection Law Review","volume":"9 1","pages":""},"PeriodicalIF":0.0,"publicationDate":"2022-01-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"76343292","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
{"title":"United Kingdom ∙ The Court of Appeals Judgment Concerning the Legality of the ‘Immigration Exception’ for Data Processing","authors":"L. Woods","doi":"10.21552/edpl/2022/1/20","DOIUrl":"https://doi.org/10.21552/edpl/2022/1/20","url":null,"abstract":"","PeriodicalId":36819,"journal":{"name":"European Data Protection Law Review","volume":"31 1","pages":""},"PeriodicalIF":0.0,"publicationDate":"2022-01-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"79335482","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
{"title":"All Talk, No Action? The Effect of the GDPR Accountability Principle on the EU Data Protection Paradigm","authors":"T. Karjalainen","doi":"10.21552/edpl/2022/1/6","DOIUrl":"https://doi.org/10.21552/edpl/2022/1/6","url":null,"abstract":"","PeriodicalId":36819,"journal":{"name":"European Data Protection Law Review","volume":"243 1","pages":""},"PeriodicalIF":0.0,"publicationDate":"2022-01-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"73639410","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
京公网安备 11010802042870号
京ICP备2023020795号-1
扫码关注我们
求助内容:
应助结果提醒方式: