| Argentina | Belgium | Canada | France | Germany | Israel | Italy | Luxembourg | Mexico | Morocco | Norway | South Africa | Spain | Switzerland | Tunisia.

Slides:



Advertisements
Similar presentations
Public Sector Information & Data Protection: A plea for personal privacy settings for the re-use of PSI Bart van der Sloot Institute for Information Law.
Advertisements

PRIVACY ASPECTS OF RE-USE OF PSI: BETWEEN PRIVATE AND PUBLIC SECTOR
Data Protection Billy Hawkes Data Protection Commissioner Irish Human Rights Commission 20 November 2010.
The Gathering Cloud computing - Legal considerations David Goodbrand, Partner 28 February 2013 Aberdeen Edinburgh Glasgow.
Net Neutrality, What Else? Wim Nauwelaerts Partner Hunton & Williams.
Innovation through participation Attributes Release Working Group European data protection directive REFEDS meeting 22th Apr, 2012
EU Cross-Border Care Directive from the Primary Care perspective Results of a simulation Rita Baeten Gothenburg, 3 September 2012.
Global Information Systems
The European Union legal framework for clinical data access: The European Union legal framework for clinical data access: potential challenges and opportunities.
Lecture to Carleton University, Center for European Studies, December 1, 2010.
What if my organization conducts business across borders ? Your footnote Privacy and “Personal Information” have different meanings in different countries;
Anomalous Aspects of Transfer of Personal Data from the E.U. to the U.S. Stephen R. Bell Willkie Farr & Gallagher ABA Section of International Law New.
Data Protection: International. Data Protection: a Human Right Part of Right to Personal Privacy Personal Privacy : necessary in a Democratic Society.
DATA PROTECTION AND PATIENT CONFIDENTIALITY IN RESEARCH Nic Drew Data Protection Manager University Hospital of Wales   
Audiences NI Data Protection Workshop
Class 13 Internet Privacy Law European Privacy.
THE CHOICES WE MAKE THAT MATTER – International Data Privacy/Protection JILL L. UREY, ASSISTANT GENERAL COUNSEL MID-ATLANTIC CIO FORUM NOVEMBER 20, 2014.
Attorney at the Bars of Paris and Brussels Database exploitation & Data protection Thibault Verbiest Amsterdam 1 April 2005
 The Data Protection Act 1998 is an Act of Parliament which defines UK law on the processing of data on identifiable living people and it is the main.
Lawyer at the Brussels Bar Lecturer at the University of Strasbourg Assistant at the University of Brussels Data Protection & Electronic Communications.
Web 2.0 Presentation BUS 111 Michael Elliott.  Logos Skype.
Privacy Law for Network Administrators Steven Penney Faculty of Law University of New Brunswick.
CLOUD AND SECURITY: A LEGISLATOR'S PERSPECTIVE 6/7/2013.
LexisNexis Confidential EU Privacy Framework Michael Lamb LexisNexis Risk Solutions Vice President and Lead Counsel: Regulatory, Privacy & Policy May 19,
Case COMP/ – ENI (Abuse of Dominant Position) International Competition Law Dushanka Dovichinska 24 Nov 2010.
L, E & P ISSUES1 Follow up on PSP: The PSP is about QUALITY - numerous measures are used - with the obvious commitments to data collection. One of the.
The Data Protection Act 1998 The Eight Principles.
SIS- Schengen Information System The Office for personal data protection.
1 WFC 2015, Mexico Worldwide implementation of the PFMI Froukelien Wendt, Monetary and Capital Markets Department, IMF.
7-Oct-15 Threat on personal data Let the user be aware Privacy and protection.
The Eighth Asian Bioethics Conference Biotechnology, Culture, and Human Values in Asia and Beyond Confidentiality and Genetic data: Ethical and Legal Rights.
Unique in the crowd: The privacy bounds of human mobility Y.-A. de Montjoye, C. A. Hidalgo, M. Verleysen, and V. D. Blondel, Scientific reports, vol. 3,
Data Protection Compliance Professor Ian Walden Institute of Computer and Communications Law, Centre for Commercial Law Studies, Queen Mary, University.
IBT - Electronic Commerce Privacy Concerns Victor H. Bouganim WCL, American University.
The Data Protection Act What Data is Held on Individuals? By institutions: –Criminal information, –Educational information; –Medical Information;
Privacy by Design – Principles of Privacy-Aware Ubiquitous Systems Marc Langheinrich - Swiss Federal Institute of Technology, Zurich Whitney Hess.
McGraw-Hill/Irwin Copyright © 2013 by The McGraw-Hill Companies, Inc. All rights reserved. BUSINESS PLUG-IN B19 Global Information Systems.
Data protection and compliance in context 19 November 2007 Stewart Room Partner.
DG Information Society The EU and Data Retention Data Retention Meeting London, 14 May 2003 Philippe GERARD, DG Information Society The positions.
THE DATA PROTECTION ACT Data Protection Act 1998 DPA 1. Reasons2. People3. Principles 4. Exemptions 4 key points you need to learn/understand/revise.
Personal data processed in cloud infrastructures: main legal aspects Avv. Enrico Pelino Attorney at Law at Bologna Bar, Italy Senior Associate at ICTlegalconsulting.
Privacy and Data Protection in e-Communications Sector Legislation, Codes of Practice and Standards Privacy and Data Protection in e-Communications Sector.
Privacy, data protection and connected cars Lilian Edwards, Professor of Internet Law University of Strathclyde Researcher in Residence, Digital Catapult.
GCSE ICT Data and you: The Data Protection Act. Loyalty cards Many companies use loyalty cards to encourage consumers to use their shops and services.
Data protection—training materials [Name and details of speaker]
1 Vereniging van Compliance Officers The Compliance Function in Banks Amsterdam, 10 June 2004 Marc Pickeur CBFA CBFA.
Business Challenges in the evolution of HOME AUTOMATION (IoT)
M O N T E N E G R O Negotiating Team for the Accession of Montenegro to the European Union Working Group for Chapter 2– Freedom Movement for Workers Bilateral.
Presented by Ms. Teki Akuetteh LLM (IT and Telecom Law) 16/07/2013Data Protection Act, 2012: A call for Action1.
Regulation models addressing data protection issues in the EU concerning RFID technology Ioannis Iglezakis Assistant Professor in Computers & Law Faculty.
Pioneers in secure data storage devices. Users have become more accustomed to using multiple devices, are increasingly mobile, and are now used to storing.
Convention 108 and the EU framework: Differing while Converging
Surveillance around the world
Brussels Privacy Symposium on Identifiability
GDPR (General Data Protection Regulation)
Data Protection: EU & International
The Most Visited Countries
Buy real and fake drivers license, passport, ID cards,
International Regulatory Trends
Museums + Heritage webinar, 30 November 2017
The European Union General Data Protection Regulation (GDPR)
EU Directive 95/46/EC (Paragraph 2) “Whereas data-processing systems are designed to serve man; whereas they must Respect their fundamental rights.
AILA and AIDA Why? A presentation to the AILA Conference Michael Gill,
Employee Privacy and Privacy of Employee Information
SURVEILLANCE IN THE WORKPLACE: WHAT YOU SHOULD KNOW
Data transfers to non-EU countries under the new GDPR
Public Sector Information & Data Protection: A plea for personal privacy settings for the re-use of PSI Bart van der Sloot Institute for Information Law.
The EDPS: competences and processing of personal data in EU funds
EU Data Protection Legislation
The EU General Data Protection Regulation
Presentation transcript:

| Argentina | Belgium | Canada | France | Germany | Israel | Italy | Luxembourg | Mexico | Morocco | Norway | South Africa | Spain | Switzerland | Tunisia | United Kingdom | USA HERE, THERE AND EVERYWHERE i.e. MOBILITY DATA UNDER EU LEGISLATION Raffaele ZALLONE

Four «freedoms» are at the basis of E.U.: free circulation of goods, services, capitals, people Directive 95/46/EC on protection of..personal data «and on the free movement of such data» HERE, THERE AND EVERYWHERE i.e. MOBILITY DATA UNDER EU LEGISLATION

Mobility data : ? ? ? No definition in the law Directive 2002/58/EC only defines “Location data” Location data is a static concept, while mobility data implies the concept of movement HERE, THERE AND EVERYWHERE i.e. MOBILITY DATA UNDER EU LEGISLATION

Mobility can be related to: - The physical movement of a person in space and time (e.g. credit card data, airline data) - The physical movement of a device (e.g: RFID’s, mobile phones, tablets, etc) univocally linked to a person - The movement of personal information on a network or within an IT infrastructure (e.g.: Internet browsing data, cloud computing) HERE, THERE AND EVERYWHERE i.e. MOBILITY DATA UNDER EU LEGISLATION

The data protection principles of EU Law: - Personal data must be processed for specific purposes and processed in a way compatible with such purposes (the purposes and the transaparency principles) - Personal data must be adequate, relevant and not excessive (quality principle) - Personal Data can be transferred only to countries providing adequate protection (location principle) HERE, THERE AND EVERYWHERE i.e. MOBILITY DATA UNDER EU LEGISLATION

Mobility Data in EU – W.P. Article 29 RFID’s: W.P. 105 of January 19, 2005 Location data in VAS: W.P. 115 of November 25, 2005 Geo-location services on smartphones: W.P. 185 of May 16, 2011 HERE, THERE AND EVERYWHERE i.e. MOBILITY DATA UNDER EU LEGISLATION

RFID’s : the data principles must be complied with Controllers must check that data being processed comply with quality principles If products are sold with imbedded RFID’s, at check out consumers must have the possibility to have them removed HERE, THERE AND EVERYWHERE i.e. MOBILITY DATA UNDER EU LEGISLATION

W.P. 115 ON LOCATION DATA First EU documento to address smartphones Traffic data: necessary to supply the services. No consent required Other data: consent required “when processing sensitive data” Open issue: is consent required when not processing sensitive data? HERE, THERE AND EVERYWHERE i.e. MOBILITY DATA UNDER EU LEGISLATION

W.P. 185 ON GEOLOCATION SERVICES OFFERED ON SMART MOBILE DEVICES Privacy risks: geo-location services: -may give “on intimate overview of habits and patterns” and -may reveal sensitive data when reveals “visits to hospital and/or religious places” -Allows constant monitoring, that could be done without informing the data subject -Risks of theft, burglary, physical aggression, stalking HERE, THERE AND EVERYWHERE i.e. MOBILITY DATA UNDER EU LEGISLATION

Controllers: application providers, telecom operators, developers of operating system Legitimate grounds for processing: informed consent, specific and updated, with emphasis on unexpected purposes (behavioral mktg) Data subject right Retention period HERE, THERE AND EVERYWHERE i.e. MOBILITY DATA UNDER EU LEGISLATION

From theory to practice ITALY Geo-location processing of buses allowed, even if potential control of bus drivers was possible (June 5, 2008) Geo-location processing on the part of Alpine Rescue organizations (Dec. 19, 2008) HERE, THERE AND EVERYWHERE i.e. MOBILITY DATA UNDER EU LEGISLATION

The Netherlands Tom-Tom navigation system – Dec Processed personal data and passed them to third parties (police, but also commercial parties) Tom-Tom has undertaken to require consent by Feb Only anonymous and aggregate data to third parties: no violation of Law HERE, THERE AND EVERYWHERE i.e. MOBILITY DATA UNDER EU LEGISLATION

CONCLUSIONS So far limited attention but interest raising Proposed EU Regulation calls for fines up to 2% of w/w turnover Things to do: - check processing in light of data protection principles - make sure a comprehensive notice is available to users - be specific in indicating purposes of processing - if notice is OK, then consent can be obtained through a conduct (e.g. use of the device) HERE, THERE AND EVERYWHERE i.e. MOBILITY DATA UNDER EU LEGISLATION

Feedback: Privacy Policy Feedback
Do Not Sell My Personal Information
About project: SlidePlayer Terms of Service

© 2025 SlidePlayer.com. Inc. All rights reserved.