Data Protection & Privacy in the Information Age COMNET – Legal Frameworks for ICTs Malta 2013 Dr Antonio Ghio Dr Jeanine Rizzo.

Slides:



Advertisements
Similar presentations
Re-use of PSI Data Protection Issues Cécile de Terwangne Professor at the Law Faculty, Research Director at CRIDS University of Namur (Belgium) 2 nd LAPSI.
Advertisements

Public Sector Information & Data Protection: A plea for personal privacy settings for the re-use of PSI Bart van der Sloot Institute for Information Law.
PRIVACY ASPECTS OF RE-USE OF PSI: BETWEEN PRIVATE AND PUBLIC SECTOR
European CommissionDirectorate-General Justice, Freedom and Security Data Protection 1 Conference on Cross Border Data Flows & Privacy October 15-16, 2007.
DATA PROTECTION and Research University Research Ethics Committee – David Cauchi David Cauchi Office of the Commissioner for Data Protection.
HIPSSAPROJECT Support for Harmonization of the ICT Policies in Sub-Sahara Africa Meeting with Data Protection Law Stakeholders 28/29 th August, 2013 PRESENTATION.
Introduction to basic principles of Regulation (EC) 45/2001 Sophie Louveaux María Verónica Pérez Asinari.
Convention for the protection of individual with regard to automatic processing of personal data “The purpose of this convention is to secure in the territory.
22 April 2014, Cavalieri Hotel, St. Julians, Malta Data protection and Privacy Laws Dr Oleksandr (Alex) Pastukhov Senior Lecturer Dept. of Information.
Protection of Personal Data, Historical context In 1982, Iceland signed the Council of Europe Convention nr. 108 from 1981 for the Protection.
The Data Protection (Jersey) Law 2005.
Data Protection.
Signature (unit, name, etc.) Introduction to biometrics from a legal perspective Yue Liu Mar NRCCL, UIO.
DATA PROTECTION and Research University Research Ethics Committee – David Cauchi Office of the Data Protection Commissioner.
What does the Data Protection Act do? It sets standards which must be satisfied when obtaining, recording, holding, using, disclosing or disposing of.
ILONA GAVRONSKA GROUP IL-41 INTERNATIONAL LAW DEPARTMENT KYIV NATIONAL ACADEMY OF SCIENCES OF UKRAINE KYIV UNIVERSITY OF LAW.
Attorney at the Bars of Paris and Brussels Database exploitation & Data protection Thibault Verbiest Amsterdam 1 April 2005
Data Protection Overview
 The Data Protection Act 1998 is an Act of Parliament which defines UK law on the processing of data on identifiable living people and it is the main.
Lawyer at the Brussels Bar Lecturer at the University of Strasbourg Assistant at the University of Brussels Data Protection & Electronic Communications.
European data protection and privacy regulations Johny GASSER Orange Business Services – Consulting & Solutions Integration International Cyber Center.
Monitoring of the internet: between the need of security, the interests of the economy and protection of the private life Hugo Lança Beja - Portugal.
LexisNexis Confidential EU Privacy Framework Michael Lamb LexisNexis Risk Solutions Vice President and Lead Counsel: Regulatory, Privacy & Policy May 19,
The Data Protection Act 1998 The Eight Principles.
Data Protection Corporate training Data Protection Act 1998 Replaces DPA 1994 EC directive 94/46/EC The Information Commissioner The courts.
INTERNATIONAL E-DISCOVERY: WHEN CULTURES COLLIDE Alvin F. Lindsay Hogan & Hartson LLP.
Ioannis Iglezakis Data Protection. Definition of Data Protection The legal protection of individuals with regard to automatic processing of personal information.
Data Protection Principles as Basic Foundation for Data Protection in EU/EEA Introduction to Data Protection Theory Seminar - AFIN Stephen.
DATA PROTECTION ACT INTRODUCTION The Data Protection Act 1998 came into force on the 1 st March It is more far reaching than its predecessor,
Data Protection Principles as Basic Foundation for Data Protection in EU/EEA Introduction to Data Protection Theory Seminar - AFIN Stephen.
Sharing Information Legally Lindsay Ould London Borough of Lewisham.
Presented by Ms. Teki Akuetteh LLM (IT and Telecom Law) 16/07/2013Data Protection Act, 2012: A call for Action1.
Protection of Personal Information Act An Analysis on the impact.
Clark Holt Limited (Co. No ), Hardwick House, Prospect Place, Swindon, SN1 3LJ Authorised and regulated by the Solicitors Regulation.
TRANSBORDER DATA FLOWS INA MEIRING. THE PROTECTION OF PERSONAL INFORMATION ACT (“POPI”) > 'personal information' means information relating to an identifiable,
Data Protection Laws in the European Union John Armstrong CMS Cameron McKenna.
Students’ Unions 2011 Data Protection and Students’ Unions Mairead O’Reilly 19 July 2011.
Personal Data Protection
Processing for archiving purposes in the GDPR
Luca De Matteis Justice counsellor (criminal law, data protection)
Issues of personal data protection in scientific research
General Data Protection Regulation (GDPR)
General Data Protection Regulation
GDPR Overview Gydeline – October 2017
General Data Protection Regulation: Turning the black into white
GDPR Overview GDPR - General Data Protection Regulations
GDPR Overview Gydeline – October 2017
EU Directive 95/46/EC (Paragraph 2) “Whereas data-processing systems are designed to serve man; whereas they must Respect their fundamental rights.
Data Protection & Freedom of Information- An Introduction
GENERAL DATA PROTECTION REGULATION (GDPR)
The General Data Protection Regulation (GDPR)
Protecting Assignee Data Throughout the Supply Chain
New Data Protection Legislation
State of the privacy union
G.D.P.R General Data Protection Regulations
GDPR Overview and Use Cases.
Data Protection principles
Relocation CARNIVAL come one…come all
Report on data protection legislation Case of Romania
IMPLICATIONS OF GDPR ROBERT BELL.
GDPR Workshop MEU Symposium Prague 2018
Information Handling Research Student Induction Day
PERSONAL INFORMATION BILL
Public Sector Information & Data Protection: A plea for personal privacy settings for the re-use of PSI Bart van der Sloot Institute for Information Law.
Welcome IITA Inbound Insider Webinar: An Introduction to GDPR
Public Privacy: juridical & ethical perspective
Legal Basis: CRITERIA FOR MAKING DATA PROCESSING LEGITIMATE
Dr Elizabeth Lomas The General Data Protection Regulation (GDPR): Changing the data protection landscape Dr Elizabeth Lomas
General Data Protection Regulation (GDPR)
General Data Protection Regulation
Presentation transcript:

Data Protection & Privacy in the Information Age COMNET – Legal Frameworks for ICTs Malta 2013 Dr Antonio Ghio Dr Jeanine Rizzo

The Right to Privacy Everything is Information Protecting the information which belongs to ourselves Privacy as a Fundamental Human Right - Article 8 of ECHR Informational Self-Determination - the 1970 Law of Hesse The 1973 Law of Sweden

Data Protection Legislation Technology affords the means to amass, correlate and manipulate personal information The absence of legislative safeguards may allow abuse of this information Safeguarding the individuals right to privacy

Essential Features have obligations Data Controllers have obligations have rights Individuals have rights

What is Personal Data? Any Information relating to an identified or identifiable natural person; an identifiable person is one who can be identified, directly or indirectly, in particular by reference to an identification number or to one or more factors specific to his physical, physiological, mental, economic, cultural or social identity

The Actors Data Subjects A person who alone or jointly with others determines the purposes and means of the processing of personal data A natural person to whom the personal data relates Data Controller Data Processor A person who processes personal data on behalf of a controller

Processing Any operation or set of operations which is taken in regard to personal data, whether or not it occurs by automatic means collection recording organization storage adaptation alteration retrieval gathering erasure use disclosure dissemination alignment combination blocking destruction

Sensitive Personal Data Personal data that reveals race or ethnic origin, political opinions, religious or philosophical beliefs, membership of a trade union, health, or sex life

Data Protection Principles - Fair And Lawful Processing - In accordance with good practice - Personal Data only collected for specific, explicitly stated and legitimate purposes - Not be processed for any purpose that is incompatible with that for which the information is collected - Processing adequate and relevant in relation to the purposes of processing - No more Personal Data is processed than is necessary and is not kept for a period longer than necessary - Correct and up to date - All reasonable measures are taken to complete, correct, block or erase data to the extent that such data is incomplete or incorrect

Criteria for Processing - when data subject has unambiguously given his consent - necessary for the performance of a contract - necessary for compliance with a legal obligation of the controller - to protect the vital interests of the data subject - necessary for the performance of an activity that is carried out in the public interest or in the exercise of official authority vested in the controller or in a third party to whom the data is disclosed

Consent Processing always permitted if the data subject has given consent to the processing General consent to any and all conceivable processing that the controller may wish to perform is not sufficient Consent need not normally be explicit. (If the data subject by way of his or her actions accepts certain processing, it is likely that the data subject will be deemed to have given consent) The data subject is normally entitled to revoke consent at any time Any freely given specific and informed indication of the wishes of the data subject by which he signifies his agreement to personal data relating to him being processed

Privacy in the 21 st Century Is Privacy DEAD?

Google Streetview

iPhone Location Data

Biometrics

A law reflecting the past

Technology Neutrality?

Informational Self-Determination Applying accepted principles within new technological frameworks Applying accepted data protection principles within new technological frameworks Technological Neutrality Legal Certainty

New Proposed DP Regulations Right to be Forgotten

Grazzi!