{"title":"Erratum to: Reflections on the murky legal practices of political micro-targeting from a GDPR perspective","authors":"C. B. Casagran, Mathias Vermeulen","doi":"10.1093/idpl/ipab019","DOIUrl":"https://doi.org/10.1093/idpl/ipab019","url":null,"abstract":"","PeriodicalId":51749,"journal":{"name":"International Data Privacy Law","volume":"106 1","pages":""},"PeriodicalIF":2.1,"publicationDate":"2021-10-14","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"80894705","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":4,"RegionCategory":"社会学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
{"title":"EU data protection under the TCA: the UK adequacy decision and the twin GDPRs","authors":"Anastasia Choromidou","doi":"10.1093/idpl/ipab021","DOIUrl":"https://doi.org/10.1093/idpl/ipab021","url":null,"abstract":"","PeriodicalId":51749,"journal":{"name":"International Data Privacy Law","volume":"79 1","pages":""},"PeriodicalIF":2.1,"publicationDate":"2021-10-12","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"85922621","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":4,"RegionCategory":"社会学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
{"title":"Cobwebs of control: the two imaginations of the data controller in EU law","authors":"Michèle Finck","doi":"10.1093/idpl/ipab017","DOIUrl":"https://doi.org/10.1093/idpl/ipab017","url":null,"abstract":"","PeriodicalId":51749,"journal":{"name":"International Data Privacy Law","volume":"67 1","pages":""},"PeriodicalIF":2.1,"publicationDate":"2021-08-21","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"82265751","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":4,"RegionCategory":"社会学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
{"title":"Reflections on the murky legal practices of political micro-targeting from a GDPR perspective","authors":"Cristina Blasi Casagran, Mathias Vermeulen","doi":"10.1093/idpl/ipab018","DOIUrl":"https://doi.org/10.1093/idpl/ipab018","url":null,"abstract":"","PeriodicalId":51749,"journal":{"name":"International Data Privacy Law","volume":"23 5","pages":""},"PeriodicalIF":2.1,"publicationDate":"2021-08-20","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"72406758","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":4,"RegionCategory":"社会学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
•Provisions in many data protection laws require a legal basis, or at the very least safeguards, for significant, solely automated decisions; Article 22 of the GDPR is the most notable. •Little attention has been paid to Article 22 in light of decision-making processes with multiple stages, potentially both manual and automated, and which together might impact upon decision subjects in different ways. •Using stylised examples grounded in real-world systems, we raise five distinct complications relating to interpreting Article 22 in the context of such multi-stage profiling systems. •These are: the potential for selective automation on subsets of data subjects despite generally adequate human input; the ambiguity around where to locate the decision itself; whether ‘significance’ should be interpreted in terms of any potential effects or only selectively in terms of realised effects; the potential for upstream automation processes to foreclose downstream outcomes despite human input; and that a focus on the final step may distract from the status and importance of upstream processes. •We argue that the nature of these challenges will make it difficult for courts or regulators to distil a set of clear, fair and consistent interpretations for many realistic contexts.
{"title":"Is That Your Final Decision? Multi-Stage Profiling, Selective Effects, and Article 22 of the GDPR","authors":"Reuben Binns, Michael Veale","doi":"10.31235/osf.io/7mq6z","DOIUrl":"https://doi.org/10.31235/osf.io/7mq6z","url":null,"abstract":"•Provisions in many data protection laws require a legal basis, or at the very least safeguards, for significant, solely automated decisions; Article 22 of the GDPR is the most notable. •Little attention has been paid to Article 22 in light of decision-making processes with multiple stages, potentially both manual and automated, and which together might impact upon decision subjects in different ways. •Using stylised examples grounded in real-world systems, we raise five distinct complications relating to interpreting Article 22 in the context of such multi-stage profiling systems. •These are: the potential for selective automation on subsets of data subjects despite generally adequate human input; the ambiguity around where to locate the decision itself; whether ‘significance’ should be interpreted in terms of any potential effects or only selectively in terms of realised effects; the potential for upstream automation processes to foreclose downstream outcomes despite human input; and that a focus on the final step may distract from the status and importance of upstream processes. •We argue that the nature of these challenges will make it difficult for courts or regulators to distil a set of clear, fair and consistent interpretations for many realistic contexts.","PeriodicalId":51749,"journal":{"name":"International Data Privacy Law","volume":"38 1","pages":""},"PeriodicalIF":2.1,"publicationDate":"2021-08-11","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"72885708","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":4,"RegionCategory":"社会学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
{"title":"Breach of security vs personal data breach: effect on EU data subject notification requirements","authors":"Rogers Alunge","doi":"10.1093/idpl/ipaa021","DOIUrl":"https://doi.org/10.1093/idpl/ipaa021","url":null,"abstract":"","PeriodicalId":51749,"journal":{"name":"International Data Privacy Law","volume":"1 1","pages":""},"PeriodicalIF":2.1,"publicationDate":"2021-08-06","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"86528519","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":4,"RegionCategory":"社会学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
{"title":"Problems with controller-based responsibility in EU data protection law","authors":"Benjamin Wong","doi":"10.1093/idpl/ipab014","DOIUrl":"https://doi.org/10.1093/idpl/ipab014","url":null,"abstract":"","PeriodicalId":51749,"journal":{"name":"International Data Privacy Law","volume":"36 1","pages":""},"PeriodicalIF":2.1,"publicationDate":"2021-06-18","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"87989767","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":4,"RegionCategory":"社会学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
Opening remarks given at the online conference on the GDPR and international organizations held on 26 February 2021: I am delighted to take part in this online conference. It reminds me of some things I did during my time as the European Data Protection Supervisor (EDPS) and also of an event 4 years ago at UN Headquarters in New York, organized by the IAPP (International Association of Privacy Professionals), and UN Global Pulse, an initiative of the Secretary General of the United Nations to use big data and artificial intelligence for sustainable development, humanitarian action, and global peace. During that event on ‘Data Ethics’, we spent a full day on how ‘responsible data processing’ and ‘data privacy’ could be made an integral part of any such activities by international organizations (IOs), in the countries involved and at global level. In other words, the relevance of today’s event is obvious to me and it also raises interesting legal issues and practical challenges, which we will be discussing today.
在2021年2月26日举行的《通用数据保护条例》与国际组织在线会议上的致辞:我很高兴参加这次在线会议。这让我想起了我在担任欧洲数据保护主管(EDPS)期间所做的一些事情,也让我想起了4年前在纽约联合国总部举办的一场活动,该活动由国际隐私专业人员协会(IAPP)和联合国全球脉动(UN Global Pulse)组织,后者是联合国秘书长发起的一项倡议,旨在利用大数据和人工智能促进可持续发展、人道主义行动和全球和平。在关于“数据道德”的活动中,我们花了一整天的时间讨论如何让“负责任的数据处理”和“数据隐私”成为国际组织(IOs)在相关国家和全球范围内开展的此类活动的组成部分。换句话说,今天事件的相关性对我来说是显而易见的,它也提出了有趣的法律问题和实际挑战,这是我们今天将要讨论的。
{"title":"Data protection and international organizations: a dialogue between EU law and international law","authors":"P. Hustinx","doi":"10.1093/IDPL/IPAB015","DOIUrl":"https://doi.org/10.1093/IDPL/IPAB015","url":null,"abstract":"Opening remarks given at the online conference on the GDPR and international organizations held on 26 February 2021: I am delighted to take part in this online conference. It reminds me of some things I did during my time as the European Data Protection Supervisor (EDPS) and also of an event 4 years ago at UN Headquarters in New York, organized by the IAPP (International Association of Privacy Professionals), and UN Global Pulse, an initiative of the Secretary General of the United Nations to use big data and artificial intelligence for sustainable development, humanitarian action, and global peace. During that event on ‘Data Ethics’, we spent a full day on how ‘responsible data processing’ and ‘data privacy’ could be made an integral part of any such activities by international organizations (IOs), in the countries involved and at global level. In other words, the relevance of today’s event is obvious to me and it also raises interesting legal issues and practical challenges, which we will be discussing today.","PeriodicalId":51749,"journal":{"name":"International Data Privacy Law","volume":"27 1","pages":""},"PeriodicalIF":2.1,"publicationDate":"2021-06-10","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"81500929","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":4,"RegionCategory":"社会学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
{"title":"A certain standard of protection for international transfers of personal data under the GDPR","authors":"Zuzanna Gulczyńska","doi":"10.1093/IDPL/IPAB013","DOIUrl":"https://doi.org/10.1093/IDPL/IPAB013","url":null,"abstract":"","PeriodicalId":51749,"journal":{"name":"International Data Privacy Law","volume":"17 1","pages":""},"PeriodicalIF":2.1,"publicationDate":"2021-06-10","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"83618375","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":4,"RegionCategory":"社会学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
京公网安备 11010802042870号
京ICP备2023020795号-1
扫码关注我们
求助内容:
应助结果提醒方式: