Presentation is loading. Please wait.

Presentation is loading. Please wait.

Privacy, Data Protection and Lex Informatica -- lecture 6 Dr. Lee A. Bygrave, 27.2.2006.

Published byJosephine Blankenship Modified over 9 years ago

Similar presentations

Presentation on theme: "Privacy, Data Protection and Lex Informatica -- lecture 6 Dr. Lee A. Bygrave, 27.2.2006."— Presentation transcript:

1 Privacy, Data Protection and Lex Informatica -- lecture 6 Dr. Lee A. Bygrave, 27.2.2006

2 Lecture overview Core principles of data protection laws –Information quality –Data subject participation and control –Disclosure limitation –Information security –Sensitivity –Other new principles? Monitoring and enforcement mechanisms

3 Information quality DPD Art 6(1)(c), 6(1)(d)) –Multi-facetted; variation in terminology –key criteria: validity, relevance, completeness –variation in terms of stringency of monitoring requirements –insufficient focus on quality of information systems?

4 Data subject participation and control –duties of information/orientation (DPD Art 10-11) –NB special rule in Norwegian and Icelandic laws with respect to profile use and video surveillance –duties to collect data directly from data subject –duties of consent (DPD Art 7 & 8) –opt-in vs opt-out issue; explicit vs implicit consent –access and rectification rights (DPD Art 12) –NB access to logic in automated decisions –rights to object to direct marketing and automated decision making (DPD Art 14 & 15)

5 Disclosure limitation Minimum rule: data should not be disclosed except with consent of data subject or by authority of law Not separate principle in DPD but o/wise important (see, eg, OECD Guidelines – “use limitation” principle)

6 Information security DPD Art 17 –Does Art 17 encourage usage of PETs? –Cf special rule on wartime planning in Danish law

7 Sensitivity DPD Art 8 –A principle in its own right? –A practicable principle? –Not strongly manifested in all jurisdictions, particularly those o/side Europe (but this is changing a little)

8 Other principles? Anonymity? Automated decision making?

9 Monitoring/enforcement Monitoring and enforcement mechanisms –Data Protection Authorities (DPAs) –Licensing / notification schemes –Role of judiciary and quasi-judicial bodies?

10 Data Protection Authorities Main requirements (see DPD Art 28; CoE Convention Additional Protocol Art 1): –functional independence –variety of tasks with broad discretionary powers –reporting, monitoring, complaints handling, rule development, enforcement; intervention –must be more than mere ombudsmen (?) Increasing need for cross-jurisdictional expertise (DPD Art 28(6))

11 Licensing/notification schemes Licensing = prior approval req’d from DPA Notification = prior notification req’d Rationales: Ex ante control Transparency Contact between controllers and DPAs Learning / sensory mechanisms

12 Licensing/notification (2) Balance under DPD (Arts 18-20) –notification = main rule; licensing = exception (recital 54) Cf earlier regimes (eg Norway, Sweden, France) –exemption from notification if internal data protection officer appointed (Art 18(2)) Problems with licensing Divergence in EU/EEA eg, Norway vs Sweden

Download ppt "Privacy, Data Protection and Lex Informatica -- lecture 6 Dr. Lee A. Bygrave, 27.2.2006."

Similar presentations

Re-use of PSI Data Protection Issues Cécile de Terwangne Professor at the Law Faculty, Research Director at CRIDS University of Namur (Belgium) 2 nd LAPSI.

Re-use of PSI Data Protection Issues Cécile de Terwangne Professor at the Law Faculty, Research Director at CRIDS University of Namur (Belgium) 2 nd LAPSI.
PRIVACY ASPECTS OF RE-USE OF PSI: BETWEEN PRIVATE AND PUBLIC SECTOR

PRIVACY ASPECTS OF RE-USE OF PSI: BETWEEN PRIVATE AND PUBLIC SECTOR
1 IS THERE A FUNDAMENTAL RIGHT TO FORGET? Bruxelles – 20 May 2009.

1 IS THERE A FUNDAMENTAL RIGHT TO FORGET? Bruxelles – 20 May 2009.
Data Protection Billy Hawkes Data Protection Commissioner Irish Human Rights Commission 20 November 2010.

Data Protection Billy Hawkes Data Protection Commissioner Irish Human Rights Commission 20 November 2010.
DATA PROTECTION and Research University Research Ethics Committee – 30.05.2008 David Cauchi David Cauchi Office of the Commissioner for Data Protection.

DATA PROTECTION and Research University Research Ethics Committee – David Cauchi David Cauchi Office of the Commissioner for Data Protection.
Introduction to basic principles of Regulation (EC) 45/2001 Sophie Louveaux María Verónica Pérez Asinari.

Introduction to basic principles of Regulation (EC) 45/2001 Sophie Louveaux María Verónica Pérez Asinari.
Increasing public concern about loss of privacy Broad availability of information stored and exchanged in electronic format Concerns about genetic information.

Increasing public concern about loss of privacy Broad availability of information stored and exchanged in electronic format Concerns about genetic information.
CHARTERED SECRETARIES AUSTRALIA New Privacy Laws 6 June 2013.

CHARTERED SECRETARIES AUSTRALIA New Privacy Laws 6 June 2013.
DATA PROTECTION and Research University Research Ethics Committee – 08.05.2006 David Cauchi Office of the Data Protection Commissioner.

DATA PROTECTION and Research University Research Ethics Committee – David Cauchi Office of the Data Protection Commissioner.
On Privacy-aware Information Lifecycle Management (ILM) in Enterprises: Setting the Context Marco Casassa Mont Hewlett-Packard.

On Privacy-aware Information Lifecycle Management (ILM) in Enterprises: Setting the Context Marco Casassa Mont Hewlett-Packard.
Data Protection and Ethics Committees in Social Science Research

Data Protection and Ethics Committees in Social Science Research
Www.oaic.gov.au Introduction to the APPs and the OAIC’s regulatory approach Presented by: Este Darin-Cooper Director, Regulation and Strategy May 2015.

Introduction to the APPs and the OAIC’s regulatory approach Presented by: Este Darin-Cooper Director, Regulation and Strategy May 2015.
Europol’s tailor-made data protection framework

Europol’s tailor-made data protection framework
Legal European Aspects of Digital Rights Management © Abdullah Sherbini 2006 بسم الله الرحمن الرحيم.

Legal European Aspects of Digital Rights Management © Abdullah Sherbini 2006 بسم الله الرحمن الرحيم.
Data Protection Data Protection Acts 1988 & 2003 Directive 95/46/EC Privacy.

Data Protection Data Protection Acts 1988 & 2003 Directive 95/46/EC Privacy.
Transborder dataflows Flow of information across national borders Much of this data involves personal information.

Transborder dataflows Flow of information across national borders Much of this data involves personal information.
Data Protection: International. Data Protection: a Human Right Part of Right to Personal Privacy Personal Privacy : necessary in a Democratic Society.

Data Protection: International. Data Protection: a Human Right Part of Right to Personal Privacy Personal Privacy : necessary in a Democratic Society.
From European to international standards on data protection (1/2)

From European to international standards on data protection (1/2)
Class 13 Internet Privacy Law European Privacy.

Class 13 Internet Privacy Law European Privacy.
The ICO and the DPA Ken Macdonald Assistant Commissioner Information Commissioner’s Office ScotStat Public Sector Analysts Network 30 th September 2010.

The ICO and the DPA Ken Macdonald Assistant Commissioner Information Commissioner’s Office ScotStat Public Sector Analysts Network 30 th September 2010.

Similar presentations

Ads by Google