@online{Irion2022d,

title = {Repairing the EU Passenger Name Record Directive: the ECJ’s judgment in Ligue des droits humains (Case C-817/19)},

author = {Irion, K.},

url = {https://europeanlawblog.eu/2022/10/11/repairing-the-eu-passenger-name-record-directive-the-ecjs-judgment-in-ligue-des-droits-humains-case-c-817-19/},

year  = {2022},

date = {2022-10-24},

urldate = {2022-10-24},

abstract = {On 21 June 2022, the European Court of Justice (ECJ) handed down its judgment in Ligue des droits humains concerning the Directive 2016/681 on passenger name record data (PNR Directive). In Ligue des droits humains, the Court now ‘repairs’ the PNR Directive by means of a Charter-conforming interpretation and, without affecting its validity, significantly modifies the permissible scale and scope of the EU-wide security practice on passengers’ data. This post summarises how the ECJ assesses the validity of the PNR Directive in light of Articles 7, 8 and 52(1) of the Charter (the fundamental right to respect for private life, to protection of personal data, and the principle of proportionality, respectively). },

howpublished = {European Law Blog},

keywords = {},

pubstate = {published},

tppubtype = {online}

}

@techreport{nokey,

title = {Study on media plurality and diversity online},

author = {Parcu, P.L. and Brogi, E. and Verza, S. et. al. and Irion, K. and Fahy, R. and Idiz, D. and Meiring, A. and Seipp, T. and Poort, J. 

},

url = {https://www.ivir.nl/study-on-media-plurality-and-diversity-online/

https://data.europa.eu/doi/10.2759/529019},

doi = {10.2759/529019},

isbn = {978-92-76-51323-0},

year  = {2022},

date = {2022-09-16},

urldate = {2022-09-16},

publisher = {Publications Office of the European Union},

abstract = {The Study on Media Plurality and Diversity Online investigates the value of safeguarding media pluralism and diversity online, focusing on (i) the prominence and discoverability of general interest content and services, and on (ii) market plurality and the concentration of economic resources. With a focus on Europe, the project is funded by a tender from the European Commission to produce a study on Media Plurality and Diversity Online and involves four partner universities: CMPF (EUI); CiTiP (Centre for Information Technology and Intellectual Property) of KU Leuven; the Institute for Information Law of the University of Amsterdam (IViR/UvA); imec-SMIT-Vrije Universiteit Brussel. The purpose of the assignment was to describe, analyse and evaluate the existing regulatory and business practices in the two areas mentioned above, and finally to elaborate some policy recommendations. Data were collected from the database of the Media Pluralism Monitor (CMPF) and through desk research, online consultations and interviews with stakeholders. The contractor was able to call on a network of national experts across the Member States to support this work.},

note = {Report commissioned by European Commission, Directorate-General for Communications Networks, Content and Technology, written by Centre for Media Pluralism and Media Freedom (CMPF), European University Institute, CiTiP (Centre for Information Technology and Intellectual Property) of KU Leuven, Institute for Information Law of the University of Amsterdam (IViR/UvA), Vrije Universiteit Brussels (Studies in Media, Innovation and Technology, VUB- SMIT)},

keywords = {},

pubstate = {published},

tppubtype = {techreport}

}

@inbook{Irion2022c,

title = {§ 16 Digitaler Handel (Handels- und Kooperationsvertrag EU/GB Handbuch)},

author = {Irion, K. and Burri, M.},

editor = {G. K\"{u}bek, C.J. Tams, J.P. Terhechte},

url = {https://www.ivir.nl/i-16-digitaler-handel-irion-burri-2/},

isbn = {978-3-8487-7188-2 },

year  = {2022},

date = {2022-09-01},

urldate = {2022-09-01},

publisher = {Nomos},

keywords = {},

pubstate = {published},

tppubtype = {inbook}

}

@misc{Network2022,

title = {The Right to Lodge a Data Protection Complaint: Ok, But Then What? An empirical study of current practices under the GDPR},

author = {European Data Protection Scholars Network

},

editor = {Irion, K. and Ausloos, J.},

url = {https://www.ivir.nl/gdpr-complaint-study-2/},

year  = {2022},

date = {2022-07-12},

urldate = {2022-07-12},

abstract = {This study examines current Data Protection Authorities' (DPA) practices related to their obligation to facilitate the submission of complaints, granting special attention to the connection between this obligation and the right to an effective judicial remedy against DPAs. It combines legal analysis and the observation of DPA websites, together with insights obtained from the online public register of decisions adopted under the ʻone-stop-shopʼ mechanism. This study was commissioned by Access Now.},

keywords = {},

pubstate = {published},

tppubtype = {misc}

}

@proceedings{Irion2022b,

title = {Algorithms Off-limits? If digital trade law restricts access to source code of software then accountability will suffer},

author = {Irion, K.},

url = {https://www.ivir.nl/facct22-125-2/},

year  = {2022},

date = {2022-06-17},

urldate = {2022-06-17},

abstract = {Free trade agreements are increasingly used to construct an additional layer of protection for source code of software. This comes in the shape of a new prohibition for governments to require access to, or transfer of, source code of software, subject to certain exceptions. A clause on software source code is also part and parcel of an ambitious set of new rules on trade-related aspects of electronic commerce currently negotiated by 86 members of the World Trade Organization. Our understanding to date of how such a commitment inside trade law impacts on governments right to regulate digital technologies and the policy space that is allowed under trade law is limited. Access to software source code is for example necessary to meet regulatory and judicial needs in order to ensure that digital technologies are in conformity with individuals’ human rights and societal values. This article will analyze the implications of such a source code clause for current and future digital policies by governments that aim to ensure transparency, fairness and accountability of computer and machine learning algorithms.},

howpublished = {In 2022 ACM Conference on Fairness, Accountability, and Transparency (FAccT ’22), June 21\textendash24, 2022, Seoul, Republic of Korea. ACM, New York, NY, USA},

keywords = {},

pubstate = {published},

tppubtype = {proceedings}

}

@article{Rucz2022b,

title = {Contribution to the public consultation on the European Media Freedom Act},

author = {Rucz, M. and Irion, K. and Senftleben, M.},

url = {https://www.ivir.nl/position-paper-european-media-freedom-act-consultation-2/},

year  = {2022},

date = {2022-03-28},

urldate = {2022-03-28},

abstract = {The announcement of the European Media Freedom Act (EMFA) has provided an important impulse for the development of new legal rules seeking to safeguard and support a free and pluralistic media environment in the European Union (EU). As indicated by Commissioners Vv{e}ra Jourov  and Thierry Breton, the initiative is set to address a wide range of persisting challenges faced by European media outlets, including political and economic pressures, unjustified interference with editorial independence, failing business models supporting journalism and issues surrounding media pluralism. Considering the broad spectrum of concerns and the centrality of a pluralist media environment for the health of democracies, the European Commission’s commitment to the EMFA is commendable and urgent. With this submission, we would like to take the opportunity to respond to the European Commission’s public consultation on the EMFA.},

keywords = {},

pubstate = {published},

tppubtype = {article}

}

@conference{Irion2022,

title = {The General Data Protection Regulation though the lens of digital sovereignty},

author = {Irion, K.},

url = {https://www.ivir.nl/irion-gdpr-and-digital-sovereignty-11mar22/},

year  = {2022},

date = {2022-03-28},

urldate = {2022-03-28},

booktitle = {EU CYBER DIRECT RESEARCH SEMINAR},

abstract = {This short contribution will present and discuss the European Union’s (EU) General Data Protection Regulation (GDPR) through the lens of ‘digital sovereignty. When high-ranking representatives of EU institutions endorsed digital sovereignty this has been interpreted as a signpost for a new-found assertiveness in EU digital policy. However, digital sovereignty is conceptually fuzzy and is used to animate a wide spectrum of geopolitical, normative, and industrial ambitions. In the context of the GDPR it makes sense to operationalize digital sovereignty as the ability of rules to assert authority in a global and interdependent digital ecosystem. Conceived this way, I will reflect on how the GDPR wields transnational capacity by design in the form of safeguards against inbound and outbound circumvention.},

keywords = {},

pubstate = {published},

tppubtype = {conference}

}

@article{Irion2021e,

title = {European audiovisual media policy in the age of global video on demand services: A case study of Netflix in the Netherlands},

author = {Idiz, D. R and Irion, K. and Ebbers, J. and Vliegenthart, R.},

url = {https://doi.org/10.1386/jdmp_00070_1https://www.ivir.nl/idiz-irion-vliegenhard-ebbers-2021-jdmp-2/},

doi = {10.1386/jdmp_00070_1},

year  = {2022},

date = {2022-01-25},

urldate = {2022-01-25},

journal = {Journal of Digital Media \& Policy},

volume = {12},

number = {3},

pages = {425-449},

abstract = {This article considers the provisions in the European Union’s revised Audiovisual Media Services Directive concerning video on demand (VOD) services and the effectiveness of supply-side cultural diversity regulations in achieving their purported policy goals of increased production and consumption of European works. Because the Netherlands is the ‘country of origin’ to several multinational VOD services, including Netflix, we conducted a case study of this specific national context. We examine the quota for and prominence of European works, as well as different forms of financial obligations. We find that the former two policy tools may require new strategies to effectively reach their objectives in a nonlinear context. Our evidence also indicates that the latter remains controversial in the domestic audiovisual industry, as stakeholder positions are dependent on the type(s) of production stimulated. Based on this, we argue that securing the independence of producers and ensuring VOD services are transparent with respect to performance data are essential to promoting source diversity and a sustainable value chain.},

keywords = {},

pubstate = {published},

tppubtype = {article}

}

@techreport{nokey,

title = {Evaluatie PNR Wet},

author = {Irion, K. and Es, R. van and Meeren, K. van der and Dijkman, D.},

url = {https://www.ivir.nl/publicaties/download/evaluatie-pnr-wet-1.pdf

https://repository.wodc.nl/handle/20.500.12832/3118},

year  = {2021},

date = {2021-11-11},

abstract = {Op 18 juni 2019 is de Wet gebruik van passagiersgegevens voor de bestrijding van terroristische en ernstige misdrijven (PNR-wet) in werking getreden. Deze wet verplicht de luchtvaartmaatschappijen om passagiersgegevens van elke vlucht die in Nederland vertrekt of aankomt te verstrekken aan de Passagiersinformatie-eenheid Nederland (Pi-NL). De Pi-NL mag krachtens deze wet verzamelde passagiersgegevens uitsluitend verwerken voor het voorkomen, opsporen, onderzoeken en vervolgen van terroristische misdrijven en ernstige criminaliteit. Met de aanname van de PNR-wet voldoet de Nederlandse wetgever aan zijn plicht om de EU-richtlijn 2016/681 (PNR-richtlijn) te implementeren. Dit onderzoek vervult de verplichting uit artikel 25 van de PNR-wet dat twee jaar na de inwerkingtreding van de wet een evaluatie dient plaats te vinden van de doeltreffendheid en de effecten van deze wet in de praktijk. Deze evaluatie is ook gericht op de naleving van de privacywaarborgen en op de verwerking van passagiersgegevens van intra-EU-vluchten. De periode waarop deze evaluatie betrekking heeft, loopt van de inwerkingtreding van de wet op 18 juni 2019 tot 5 juli 2021},

note = {WODC Rapport 3181, geschreven door K. Irion, R. van Es (IViR), K. van der Meeren \& D. Dijkman (It's Public), november 2021},

keywords = {},

pubstate = {published},

tppubtype = {techreport}

}

@article{Irion2021e,

title = {Governing “European values” inside data flows: : interdisciplinary perspectives},

author = {Irion, K. and Kolk, A. and Buri, M. and Milan, S.},

url = {https://policyreview.info/european-values},

doi = {10.14763/2021.3.1582},

year  = {2021},

date = {2021-10-11},

urldate = {2021-10-11},

journal = {Internet Policy Review},

volume = {10},

number = {3},

abstract = {This editorial introduces ten research articles, which form part of this special issue, exploring the governance of “European values” inside data flows. Protecting fundamental human rights and critical public interests that undergird European societies in a global digital ecosystem poses complex challenges, especially because the United States and China are leading in novel technologies. We envision a research agenda calling upon different disciplines to further identify and understand European values that can adequately perform under conditions of transnational data flows.},

keywords = {},

pubstate = {published},

tppubtype = {article}

}

@article{Bod\'{o}2021b,

title = {Personal data ordering in context: the interaction of meso-level data governance regimes with macro frameworks},

author = {Bod\'{o}, B. and Irion, K. and Janssen, H. and Giannopoulou, A.},

url = {https://policyreview.info/articles/analysis/personal-data-ordering-context-interaction-meso-level-data-governance-regimes},

doi = {10.14763/2021.3.1581},

year  = {2021},

date = {2021-10-11},

urldate = {2021-10-11},

journal = {Internet Policy Review},

volume = {10},

number = {3},

abstract = {The technological infrastructures enabling the collection, processing, and trading of data have fuelled a rapid innovation of data governance models. We differentiate between macro, meso, and micro level models, which correspond to major political blocks; societal-, industry-, or community level systems, and individual approaches, respectively. We focus on meso-level models, which coalesce around: (1) organisations prioritising their own interests over interests of other stakeholders; (2) organisations offering technological and legal tools aiming to empower individuals; (3) community-based data intermediaries fostering collective rights and interests. In this article we assess these meso-level models, and discuss their interaction with the macro-level legal frameworks that have evolved in the US, the EU, and China. The legal landscape has largely remained inconsistent and fragmented, with enforcement struggling to keep up with the latest developments. We argue, first, that the success of meso-logics is largely defined by global economic competition, and, second, that these meso-logics may potentially put the EU’s macro-level framework with its mixed internal market and fundamental rights-oriented model under pressure. We conclude that, given the relative absence of a strong macro level-framework and an intensive competition of governance models at meso-level, it may be challenging to avoid compromises to the European macro framework. },

keywords = {},

pubstate = {published},

tppubtype = {article}

}

@inbook{Irion2021bb,

title = {Panta Rhei: A European Perspective on Ensuring a High Level of Protection of Human Rights in a World in Which Everything Flows},

author = {Irion, K.},

editor = {Burri, M.},

url = {https://www.cambridge.org/core/books/big-data-and-global-trade-law/panta-rhei/B0E5D7851240E0D2F4562B3C6DFF3011},

doi = {https://doi.org/10.1017/9781108919234.015},

year  = {2021},

date = {2021-07-05},

booktitle = {Big Data and Global Trade Law},

publisher = {Cambridge University Press},

chapter = {11},

abstract = {Human rights do remain valid currency in how we approach planetary-scale computation and accompanying data flows. Today’s system of human rights protection, however, is highly dependent on domestic legal institutions, which unravel faster than the reconstruction of fitting transnational governance institutions. The chapter takes a critical look at the construction of the data flow metaphor as a policy concept inside international trade law. Subsequently, it explores how the respect for human rights ties in with national constitutionalism that becomes increasingly challenged by the transnational dynamic of digital era transactions. Lastly, the chapter turns to international trade law and why its ambitions to govern cross-border data flows will likely not advance efforts to generate respect for human rights. In conclusion, the chapter advocates for a rebalancing act that recognizes human rights inside international trade law.

},

keywords = {},

pubstate = {published},

tppubtype = {inbook}

}

@article{Bellanova2021,

title = {Toward a Critique of Algorithmic Violence},

author = {Bellanova, R. and Irion, K. and Lindskov Jacobsen, K. and Ragazzi, F. and Saugmann, R. and Suchman, L.},

doi = {https://doi.org/10.1093/ips/olab003},

year  = {2021},

date = {2021-03-29},

journal = {International Political Sociology},

volume = {15},

number = {1},

pages = {121\textendash150},

abstract = {Questions about how algorithms contribute to (in)security are under discussion across international political sociology. Building upon and adding to these debates, our collective discussion foregrounds questions about algorithmic violence. We argue that it is important to examine how algorithmic systems feed (into) specific forms of violence, and how they justify violent actions or redefine what forms of violence are deemed legitimate. Bringing together different disciplinary and conceptual vantage points, this collective discussion opens a conversation about algorithmic violence focusing both on its specific instances and on the challenges that arise in conceptualizing and studying it. Overall, the discussion converges on three areas of concern\textemdashthe violence undergirding the creation and feeding of data infrastructures; the translation processes at play in the use of computer/machine vision across diverse security practices; and the institutional governing of algorithmic violence, especially its organization, limitation, and legitimation.},

keywords = {},

pubstate = {published},

tppubtype = {article}

}

@online{Irion2021b,

title = {Formal meeting (oral evidence session): Digital trade and data},

author = {Irion, K.},

url = {https://committees.parliament.uk/event/3859/formal-meeting-oral-evidence-session/},

year  = {2021},

date = {2021-03-12},

abstract = {Oral testimony on the UK House of Commons International Trade Committee. The Committee has launched an inquiry into digital trade and data. Digital trade refers to digitally enabled, or digitally delivered, trade in goods and services. Such trade involves the movement of data. 

The Committee’s inquiry will explore a range of issues, including:

• Digital trade and data provisions in Free Trade Agreements

• Concerns around the security and privacy of data

• The environmental impact of digital trade

• Relevant legal frameworks},

keywords = {},

pubstate = {published},

tppubtype = {online}

}

@inbook{Irion2021c,

title = {Front-running legislatures can foster AI that empowers users of digital technologies},

author = {Irion, K.},

editor = {Nadia El-Imam (ed.)},

url = {https://www.ivir.nl/ki-front-running-legislatures-can-foster-ai-that-empowers-users-of-digital-technologies-2/},

year  = {2021},

date = {2021-03-05},

pages = {114-15},

organization = {NGI Forward},

keywords = {},

pubstate = {published},

tppubtype = {inbook}

}

@misc{Irion2021,

title = {AI Regulation in the European Union and Trade Law: How can accountability of AI and a high level of consumer protection prevail over a trade law discipline on source code?, study commissioned by the Vzbv, Amsterdam: Institute for Information Law, 2021},

author = {Irion, K.},

url = {https://www.ivir.nl/irion_study_ai_and_trade_21-01-26-2/},

year  = {2021},

date = {2021-01-26},

abstract = {The Federation of German Consumer Organisations (Verbraucherzentrale Bun-desverband \textendash vzbv) has commissioned this study from the Institute for Information Law (IViR) at the University of Amsterdam, in order to shed light on the cross-border supply of AI technology and its impact on EU consumer rights. In the current negotiations on electronic commerce at the World Trade Organisation (WTO), the EU supports the introduction \textendash in the legal text \textendash of a clause which prohibits the participating countries to introduce \textendash in their national laws \textendash measures that require access to, or transfer of, the source code of software, with some exceptions. This is a cause for concern for experts and rights advocates, as such a clause \textendash if not carefully conditioned \textendash can prevent future EU regulation of AI that may be harmful to consumers. This study concludes that the source code clause within trade law indeed restricts the EU’s right to regulate in the field of AI governance in several important ways.},

keywords = {},

pubstate = {published},

tppubtype = {misc}

}

@article{Irion2020d,

title = {Panta rhei: A European Perspective on Ensuring a High-Level of Protection of Digital Human Rights in a World in Which Everything Flows},

author = {Irion, K.},

url = {https://papers.ssrn.com/sol3/papers.cfm?abstract_id=3638864},

year  = {2020},

date = {2020-11-30},

journal = {Amsterdam Law School Research Paper No. 2020},

number = {38},

keywords = {},

pubstate = {published},

tppubtype = {article}

}

@online{Irion2020c,

title = {Schrems II and Surveillance: Third Countries’ National Security Powers in the Purview of EU Law, European Law Blog},

author = {Irion, K.},

url = {https://europeanlawblog.eu/2020/07/24/schrems-ii-and-surveillance-third-countries-national-security-powers-in-the-purview-of-eu-law/},

year  = {2020},

date = {2020-07-24},

abstract = {On 16 July 2020 the Court of Justice of the European Union (CJEU) composed as Grand Chamber delivered its landmark ruling Data Protection Commissioner v Facebook Ireland Ltd and Maximillian Schrems (case C-311/18, “Schrems II”). The focus of my commentary will be on the aspect that EU law on cross-border transfers of personal data to a third country is not deferential to national security powers of that third country. This judgment is remarkable provided that electronic surveillance conducted by Member States’ intelligence authorities for the purpose of national security is off limits for EU law and that exceptions in international agreement are fairly regularly made for national security. This contribution will deal with the embedded assessment of a third country’s national security powers under the General Data Protection Regulation (Regulation (EU) 2016/679, GDPR) and will address the criticism that a third country is held to stricter standards than a Member State of the Union.},

keywords = {},

pubstate = {published},

tppubtype = {online}

}

@article{Irion2020bb,

title = {Pitching trade against privacy: reconciling EU governance of personal data flows with external trade},

author = {Irion, K. and Yakovleva, S. },

doi = {https://doi.org/10.1093/idpl/ipaa003},

year  = {2020},

date = {2020-04-01},

journal = {International Data Privacy Law},

volume = {10},

number = {3},

pages = {201-221},

abstract = {This article positions EU’s external governance of personal data flows against the backdrop of the international controversy on digital trade versus strict privacy laws. Now that the EU has defined its position on horizontal provisions on cross-border data flows and personal data protection, it is both timely and essential to reassess its strategy on the international transfers of personal data in the purview of its future trade agreements. For its own normative approach and regulatory autonomy, the EU has a pivotal role to play in shaping the interface between trade and privacy before the ‘free trade leviathan’ can restrict the policy choices not only of individual states but also of the EU itself. Our contribution aims to break through the present compartmentalization of privacy scholarship and trade lawyers because it situates personal data flows in both disciplines.},

keywords = {},

pubstate = {published},

tppubtype = {article}

}

@techreport{Irion2020b,

title = {Prospective Policy Study on Artificial Intelligence and EU Trade Policy},

author = {Irion, K. and Williams, J.},

url = {https://www.ivir.nl/ivir_policy-paper_ai-study_online/

https://www.ivir.nl/ivir_artificial-intelligence-and-eu-trade-policy-2/},

year  = {2020},

date = {2020-01-21},

abstract = {Artificial intelligence is poised to be 21st century’s most transformative general purpose technology that mankind ever availed itself of. Artificial intelligence is a catch-all for technologies that can carry out complex processes fairly independently by learning from data. In the form of popular digital services and products, applied artificial intelligence is seeping into our daily lives, for example, as personal digital assistants or as autopiloting of self-driving cars. This is just the beginning of a development over the course of which artificial intelligence will generate transformative products and services that will alter world trade patterns. Artificial intelligence holds enormous promise for our information civilization if we get the governance of artificial intelligence right. 



What makes artificial intelligence even more fascinating is that the technology can be deployed fairly location-independent. Cross-border trade in digital services which incorporate applied artificial intelligence into their software architecture is ever increasing. That brings artificial intelligence within the purview of international trade law, such as the General Agreement on Trade in Services (GATS) and ongoing negotiations at the World Trade Organization (WTO) on trade related aspects of electronic commerce. The Dutch Ministry of Foreign Affairs commissioned this study to generate knowledge about the interface between international trade law and European norms and values in the use of artificial intelligence.},

keywords = {},

pubstate = {published},

tppubtype = {techreport}

}

@article{https://doi.org/10.1017/aju.2019.81,

title = {Toward Compatibility of the EU Trade Policy with the General Data Protection Regulation},

author = {Yakovleva, S. and Irion, K.},

url = {https://www.cambridge.org/core/journals/american-journal-of-international-law/article/toward-compatibility-of-the-eu-trade-policy-with-the-general-data-protection-regulation/04D5070244733CAEFDAA14C533BAFF7E/share/b44381ff85510e8580104599385baab8c1e3179e},

doi = {https://doi.org/10.1017/aju.2019.81},

year  = {2020},

date = {2020-01-09},

journal = {AJIL Unbound},

volume = {114},

pages = {10-14},

abstract = {The European Union’s (EU) negotiating position on cross-border data flows, which the EU has recently included in its proposal for the World Trade Organization (WTO) talks on e-commerce, not only enshrines the protection of privacy and personal data as fundamental rights, but also creates a broad exception for a Member’s restrictions on cross-border transfers of personal data. This essay argues that maintaining such a strong position in trade negotiations is essential for the EU to preserve the internal compatibility of its legal system when it comes to the right to protection of personal data under the EU Charter of Fundamental Rights and the recently adopted General Data Protection Regulation (GDPR).},

keywords = {},

pubstate = {published},

tppubtype = {article}

}

@online{Brodolini2019,

title = {Fundamental rights review of EU data collection instruments and programmes},

author = {Fondazione Giacomo Brodolini and Irion, K. },

url = {http://www.fondazionebrodolini.it/sites/default/files/final_report_0.pdf},

year  = {2019},

date = {2019-12-04},

abstract = {This report is the result of a Pilot Project requested by the European Parliament, managed by the Commission and carried out by a group of independent experts. The scope of the project was to establish and support an independent experts’ group to carry out a fundamental rights review of existing EU legislation and instruments  in the Area of Freedom, Security and Justice (AFSJ) that involve the collection, retention, storage or transfer of personal data. One outcome of the project is a database of AFSJ legislation and instruments with individual fundamental rights assessments (at http://brodolini.mbs.it/). The final report concludes that that fundamental rights safeguards need to be more consistently considered and applied in the AFSJ. The conclusions highlight five broad issues for further consideration: ambiguous definitions and open terms; law enforcement access to migration databases; the expansion of centralised databases; data retention periods; and information rights and duties.},

note = {Final report},

keywords = {},

pubstate = {published},

tppubtype = {online}

}

@techreport{Irion2019b,

title = {The independence of media regulatory authorities in Europe},

author = {Irion, K. and Delinavelli, G. and Coutinho, M.F. and Fahy, R. and Jusi\'{c}, T. and Klimkiewicz, B. and Llorens, C. and Rozgonyi, K. and Svensson, S. and Kersevan Smokvina, T. and Til, G. van},

editor = {Capello, M.},

url = {https://rm.coe.int/the-independence-of-media-regulatory-authorities-in-europe/168097e504},

year  = {2019},

date = {2019-10-01},

publisher = {European Audiovisual Observatory},

note = {Capello, M. (ed.), IRIS Special 2019-1, European Audiovisual Observatory, Strasbourg},

keywords = {},

pubstate = {published},

tppubtype = {techreport}

}

@article{Irion2019,

title = {Third Annual Detlev F. Vagts Roundtable on Transnational Law: Data Protection in a Global World},

author = {Irion, K.},

url = {https://www.cambridge.org/core/services/aop-cambridge-core/content/view/4DAD3CA357D2483729CD38B52ED6A612/S027250371900123Xa.pdf/remarks_by_kristina_irion.pdf},

doi = {https://doi.org/10.1017/amp.2019.123},

year  = {2019},

date = {2019-04-11},

journal = {Proceedings of the Annual Meeting - American Society of International Law},

volume = {112},

pages = {220-226},

keywords = {},

pubstate = {published},

tppubtype = {article}

}

@article{Borgesius2019b,

title = {Online politieke microtargeting: Een zegen of een vloek voor de democratie?},

author = {Zuiderveen Borgesius, F. and M\"{o}ller, J. and Dobber, T. and Kruikemeier, S. and Irion, K. and Stapel, S. and Fahy, R. and Bod\'{o}, B. and Vreese, C.H. de},

url = {https://www.ivir.nl/publicaties/download/NJB_2019.pdf},

year  = {2019},

date = {2019-03-19},

journal = {Nederlands Juristenblad (NJB)},

volume = {2019},

number = {10},

pages = {528-669},

abstract = {Voor online politieke microtargeting wordt het online-gedrag van mensen in kaart gebracht en worden de verzamelde gegevens gebruikt om mensen gerichte politieke advertenties te tonen. Microtargeting is vanuit de VS komen overwaaien naar Europa en heeft voor- en nadelen voor de democratie. Microtargeting kan politieke partijen helpen om mensen effectief te bereiken en kan politieke betrokkenheid stimuleren. Maar microtargeting kan ook een bedreiging vormen voor de democratie. Zo kan een politieke partij zich verschillend voordoen aan verschillende mensen. Bovendien bedreigt het verzamelen van persoonsgegevens onze privacy. Dit artikel brengt de beloftes en bedreigingen van microtargeting voor de democratie in kaart en schetst mogelijkheden voor beleidsmakers om het gebruik van microtargeting te reguleren.},

keywords = {},

pubstate = {published},

tppubtype = {article}

}

@inbook{Oostveen2018,

title = {The Golden Age of Personal Data: How to Regulate an Enabling Fundamental Right?},

author = {Oostveen, M. and Irion, K.},

url = {https://link.springer.com/chapter/10.1007/978-3-662-57646-5_2},

year  = {2018},

date = {2018-11-20},

publisher = {In: Bakhoum M., Conde Gallego B., Mackenrodt MO., Surblyt\.{e}-Namavi\v{c}ien\.{e} G. (eds) Personal Data in Competition, Consumer Protection and Intellectual Property Law. MPI Studies on Intellectual Property and Competition Law, vol 28. Springer, Berlin, Heidelberg},

abstract = {New technologies, purposes and applications to process individuals’ personal data are being developed on a massive scale. But we have not only entered the ‘golden age of personal data’ in terms of its exploitation: ours is also the ‘golden age of personal data’ in terms of regulation of its use. Understood as an enabling right, the architecture of EU data protection law is capable of protecting against many of the negative short- and long-term effects of contemporary data processing. Against the backdrop of big data applications, we evaluate how the implementation of privacy and data protection rules protect against the short- and long-term effects of contemporary data processing. We conclude that from the perspective of protecting individual fundamental rights and freedoms, it would be worthwhile to explore alternative (legal) approaches instead of relying on EU data protection law alone to cope with contemporary data processing.},

keywords = {},

pubstate = {published},

tppubtype = {inbook}

}

@book{Jusi\'{c}2018,

title = {Media Constrained by Context: International Assistance and the Transition to Democratic Media in the Western Balkans},

author = {Jusi\'{c}, T. and Irion, K.},

url = {http://ceupress.com/book/media-constrained-context},

isbn = {978-963-386-259-9},

year  = {2018},

date = {2018-10-31},

publisher = {Budapest/ New York: CEU Press, 2018},

abstract = {This book compares the results of twenty years of international media assistance in the five countries of the western Balkans. It asks what happens to imported models when they are applied to newly evolving media systems in societies in transition. Albania, Bosnia-Herzegovina, Kosovo, Macedonia, and Serbia undertook a range of media reforms to conform with accession requirements of the European Union and the standards of the Council of Europe, among others. The essays explore the nexus between the democratic transformation of the media and international media assistance in these countries. The cross-national analysis concludes that the effects of international assistance are highly constrained by local contexts. In hindsight it becomes clear that escalating media assistance does not necessarily improve outcomes.},

keywords = {},

pubstate = {published},

tppubtype = {book}

}

@inbook{Irion2018c,

title = {The right to protection of personal data: the new posterchild of European Union citizenship?},

author = {Irion, K. and Granger, M.-P.},

url = {https://www.ivir.nl/publicaties/download/The-right-to-protection-of-personal-data-prepub.pdf},

doi = {10.4337/9781788113441.00019},

year  = {2018},

date = {2018-10-31},

publisher = {Edward Elgar Publishing},

abstract = {In this chapter we argue that the right to data protection is the posterchild of EU citizenship in the digital era. We start by providing a brief overview of the gradual construction of the right to personal data protection in the EU. We then identify a range of actors who have played a particular role in the building process, including EU citizens themselves. Next, we review the current legal ‘architecture’ of the right to the protection of personal data and discuss whether it could serve as a model for the future development of EU citizenship, notwithstanding remaining challenges at the level of national implementation and public and private compliance with EU rules. Finally, we reflect on the future of the right to data protection, and its contribution to the development of EU citizenship as a legal regime.},

note = {See also: https://www.elgaronline.com/view/edcoll/9781788113434/9781788113434.xml},

keywords = {},

pubstate = {published},

tppubtype = {inbook}

}

@article{Williams2018,

title = {Dream of Californication: welcome to the Californian Consumer Privacy Act},

author = {Williams, J. and Irion, K. },

url = {https://policyreview.info/articles/news/dream-californication-welcome-californian-consumer-privacy-act/1351},

year  = {2018},

date = {2018-10-16},

journal = {Internet Policy Review},

volume = {2018},

abstract = {The California Consumer Privacy Act (CCPA), slated to enter into force on 1 January 2020, borrows some cutting edge ideas from the EU and others’ privacy regimes while also experimenting with new approaches to data privacy. Importantly, the CCPA envisages an online advertisement market in which business are prevented from “getting high on information,” 1 breaches are promptly notified, and consumers are autonomous participants with the ability to sell their data at will. Where the CCPA breaks new ground is in protecting consumers from retaliation for opting out of the sale of their data. Thus, if it lives up to its potential, the CCPA could catalyse a permanent restructuring of the online data mining business. Our contribution will shed light on the new CCPA and offer some observations in comparing it with EU’s General Data Protection Regulation (GDPR).},

keywords = {},

pubstate = {published},

tppubtype = {article}

}

@techreport{Coche2018d,

title = {How independent are you really? Updating the INDIREG methodology for future assessments of media regulators' independence: Workshop report},

author = {Coche, E. and Irion, K.},

url = {https://www.ivir.nl/publicaties/download/INDIREG-workshop-report.pdf},

year  = {2018},

date = {2018-07-13},

keywords = {},

pubstate = {published},

tppubtype = {techreport}

}

@collection{Irion2018b,

title = {Public Security Exception in the Area of non-personal Data in the European Union, Briefing Requested by the IMCO committee Policy, European Parliament, Brussels, April 2018},

author = {Irion, K.},

url = {http://www.europarl.europa.eu/RegData/etudes/BRIE/2018/618986/IPOL_BRI(2018)618986_EN.pdf},

year  = {2018},

date = {2018-04-16},

journal = {Briefing requested by the IMCO committee},

number = {PE 618.986},

abstract = {Mid-September last year the European Commission presented a proposal for a new regulation on the free flow of non-personal data in the European Union. The free movement of data in the digital single market has been called the fifth freedom complementing the existing freedoms on movement of goods, services, capital and people. The proposed regulation seeks to remove unjustified data localisation measures that fall in the scope of EU law. Often this will amount to cutting bureaucratic red tape in the private sector, such as for example removing a domestic obligation to maintain a full copy of bookkeeping on premise of an organisation in a given Member State. Member States can justify an activity that contravenes this proposal on grounds of public security - an exception this briefing is tasked with analyzing.

The briefing concludes that the fifth freedom would have a moderate impact for the European data economy. The author offers concrete guidance to the EU legislator how to improve the draft regulation in order to preserve the freedom of contract. The public security exception foreseen could be too narrow because it precludes member states to take measures that can be justified on grounds of public policy or the protection of health and life of humans, animals or plants. Drawing on the analogy with fire safety regulations in the member states it would be too early to preclude that in the future we will need local mirrors and handles. Locality continues to matter for example in the Internet of Things environment because as individuals we live in a physical place.},

howpublished = {PE 618.986},

keywords = {},

pubstate = {published},

tppubtype = {collection}

}

@periodical{Irion2018,

title = {Mitbestimmung des Betriebsrats bei der Einrichtung einer Facebook-Seite},

author = {Irion, K. and Kohte, W.},

url = {https://www.degruyter.com/view/j/juru.2018.2018.issue-3/juru-2018-0019/juru-2018-0019.xml?format=INT},

doi = {https://doi.org/10.1515/juru-2018-0019},

year  = {2018},

date = {2018-03-20},

journal = {Juristische Rundschau},

volume = {2018},

number = {3},

keywords = {},

pubstate = {published},

tppubtype = {periodical}

}

@article{Borgesius2018,

title = {Online Political Microtargeting: Promises and Threats for Democracy},

author = {Zuiderveen Borgesius, F. and M\"{o}ller, J. and Kruikemeier, S. and Fahy, R. and Irion, K. and Dobber, T. and Bod\'{o}, B. and Vreese, C.H. de},

url = {https://www.ivir.nl/publicaties/download/UtrechtLawReview.pdf},

year  = {2018},

date = {2018-02-13},

journal = {Utrecht Law Review},

volume = {14},

number = {1},

pages = {82-96},

abstract = {Online political microtargeting involves monitoring people’s online behaviour, and using the collected data, sometimes enriched with other data, to show people-targeted political advertisements. Online political microtargeting is widely used in the US; Europe may not be far behind. This paper maps microtargeting’s promises and threats to democracy. For example, microtargeting promises to optimise the match between the electorate’s concerns and political campaigns, and to boost campaign engagement and political participation. But online microtargeting could also threaten democracy. For instance, a political party could, misleadingly, present itself as a different one-issue party to different individuals. And data collection for microtargeting raises privacy concerns. We sketch possibilities for policymakers if they seek to regulate online political microtargeting. We discuss which measures would be possible, while complying with the right to freedom of expression under the European Convention on Human Rights.},

keywords = {},

pubstate = {published},

tppubtype = {article}

}

@misc{Bartl2017,

title = {The Japan EU Economic Partnership Agreement: Flows of Personal Data to the Land of the Rising Sun},

author = {Bartl, M. and Irion, K.},

url = {https://www.ivir.nl/publicaties/download/Transfer-of-personal-data-to-the-land-of-the-rising-sun-FINAL.pdf},

year  = {2017},

date = {2017-10-25},

abstract = {At the EU-Japan Summit in July this year the European Union (EU) and Japan have achieved a political agreement in principle on the content of the Japan EU Economic Partnership Agreement. For Japan including data flows in the trade deal with the EU has been an important political goal besides mutual recognition of their privacy laws. The EU is currently not favorably disposed to allow data flows provisions into trade deals. Building a ‘state of the art’ digital economy between Japan and the EU is certainly possible in conformity with their data privacy laws and the classical trade law disciplines.

Our brief unpacks how flows of personal data will governed in the relationship between Japan and the EU. As a point of departure we look at the extent to which the prospective trade deal between the two economies would already cover data flows, including personal data. Next, we will take a look at the prospects for a regulatory handshake between Japan and EU providing for mutual recognition of data privacy and flows of personal data. The brief concludes with findings and recommendations on the future directions of Japan EU Economic Partnership Agreement.},

howpublished = {Online},

keywords = {},

pubstate = {published},

tppubtype = {misc}

}

@misc{Irion2017d,

title = {The independence and functioning of the regulatory authority for electronic media in Serbia, Study commissioned by the Council of Europe, Amsterdam/Brussels/Budapest/Belgrade, 2017.},

author = {Irion, K. and Ledger, M. and Svensson, S.},

url = {https://www.ivir.nl/rem-report-indiregmethodology-nov17-final-3/},

year  = {2017},

date = {2017-10-16},

abstract = {This study carries out an independent assessment of the Regulatory Authority for Electronic Media (REM) of Serbia. The scope of the study is to apply the INDIREG methodology to the REM and provide contextual interpretation of the results with policy recommendations. This study has been commissioned by the Council of Europe, on the request of REM, in the framework of the Project “Reinforcing Judicial Expertise on Freedom of Expression and the Media in South-East Europe (JUFREX)”.



REM, seated in Belgrade, is caught and operates in a challenging context: media markets in Serbia are highly saturated and government grants are awarded to selective private media. There is low upfront compliance with programme and advertisements rules as well as an overall squeeze on quality content and the accountability function of the media. Lacking the optimal support of the parliament and being sidelined by the Ministry on Culture and Information can damage the effective functioning of the independent regulator. REM in this situation appears to retreat to overly formalistic (law-abiding) activities without necessarily being effective in regulating the Serbian electronic and audiovisual media. Many stakeholders from the media sector do not perceive of REM as an authority pointing to a lack of enforcement or the deflection of responsibility which has undermined its public credibility. The study concludes with a set of recommendation how to address these challenges.},

keywords = {},

pubstate = {published},

tppubtype = {misc}

}

@techreport{Irion2017b,

title = {A Roadmap to Enhancing User Control via Privacy Dashboards},

author = {Irion, K. and Yakovleva, S. and van Hoboken, J. and Thompson, M.},

url = {https://www.ivir.nl/publicaties/download/PrivacyBridgesUserControls2017.pdf},

year  = {2017},

date = {2017-09-26},

abstract = {This report presents and draws on multidisciplinary insights into what characterises effective user control over the collection and use of personal data. User controls arise from the interplay of a number of conditions. These are partly technical but also connected to different aspects of user behaviour, the intricacies of design, as well as the internal and external incentives in privacy governance that exist today. Our review of the state of research underscores that devising effective user controls require close collaboration between different disciplines, clear regulatory guidance and scientifically-backed assessments. },

note = {Amsterdam / Hong Kong: IViR, 2017.},

keywords = {},

pubstate = {published},

tppubtype = {techreport}

}

@misc{Borgesius2017b,

title = {An Assessment of the Commission's Proposal on Privacy and Electronic Communications},

author = {Zuiderveen Borgesius, F. and van Hoboken, J. and Fahy, R. and Irion, K. and Rozendaal, M.},

url = {https://www.ivir.nl/publicaties/download/IPOL_STU2017583152_EN.pdf},

doi = {10.2861/614076},

isbn = {9789284611010},

year  = {2017},

date = {2017-06-15},

abstract = {This study, commissioned by the European Parliament’s Policy Department for Citizens’ Rights and Constitutional Affairs at the request of the LIBE Committee, appraises the European Commission’s proposal for an ePrivacy Regulation. The study assesses whether the proposal would ensure that the right to the protection of personal data, the right to respect for private life and communications, and related rights enjoy a high standard of protection. The study also highlights the proposal’s potential benefits and drawbacks more generally.},

keywords = {},

pubstate = {published},

tppubtype = {misc}

}

@article{Bod\'{o}2017,

title = {Tackling the Alggorithmic Control Crisis - the Technical, Legal, and Ethical Challenges of Research into Algorithmic Agents},

author = {Bod\'{o}, B. and Helberger, N. and Irion, K. and Zuiderveen Borgesius, F. and M\"{o}ller, J. and Velde, B. van de and Bol, N. and Es, B. van and Vreese, C.H. de},

url = {https://www.ivir.nl/publicaties/download/YJLT_2017.pdf},

year  = {2017},

date = {2017-06-07},

journal = {Yale Journal of Law \& Technology},

volume = {19},

pages = {133-180},

abstract = {Algorithmic agents permeate every instant of our online existence. Based on our digital profiles built from the massive surveillance of our digital existence, algorithmic agents rank search results, filter our emails, hide and show news items on social networks feeds, try to guess what products we might buy next for ourselves and for others, what movies we want to watch, and when we might be pregnant. Algorithmic agents select, filter, and recommend products, information, and people; they increasingly customize our physical environments, including the temperature and the mood. Increasingly, algorithmic agents don’t just select from the range of human created alternatives, but also they create. Burgeoning algorithmic agents are capable of providing us with content made just for us, and engage with us through one-of-a-kind, personalized interactions. Studying these algorithmic agents presents a host of methodological, ethical, and logistical challenges.

The objectives of our paper are two-fold. The first aim is to describe one possible approach to researching the individual and societal effects of algorithmic recommenders, and to share our experiences with the academic community. The second is to contribute to a more fundamental discussion about the ethical and legal issues of “tracking the trackers”, as well as the costs and trade-offs involved. Our paper will contribute to the discussion on the relative merits, costs and benefits of different approaches to ethically and legally sound research on algorithmic governance. We will argue that besides shedding light on how users interact with algorithmic agents, we also need to be able to understand how different methods of monitoring our algorithmically controlled digital environments compare to each other in terms of costs and benefits. We conclude our article with a number of concrete suggestions for how to address the practical, ethical and legal

challenges of researching algorithms and their effects on users and society.},

keywords = {},

pubstate = {published},

tppubtype = {article}

}

@article{Irion2017b,

title = {The Weeping Angels are back, and they attack our privacy via smart TVs},

author = {Irion, K. and Helberger, N.},

url = {https://policyreview.info/articles/news/weeping-angels-are-back-and-they-attack-our-privacy-smart-tvs/451},

year  = {2017},

date = {2017-03-10},

note = {Blogpost at Internet Policy Review: Journal of internet regulation},

keywords = {},

pubstate = {published},

tppubtype = {article}

}

@article{Irion2017,

title = {Smart TV and the online media sector: User privacy in view of changing market realities},

author = {Irion, K. and Helberger, N.},

url = {https://www.ivir.nl/publicaties/download/Smart-TV-and-the-Online-media-sector-prepub.pdf},

doi = {http://dx.doi.org/10.1016/j.telpol.2016.12.013},

year  = {2017},

date = {2017-01-03},

journal = {Telecommunications Policy},

volume = {41},

number = {3},

pages = {170-184},

abstract = {Smart TV and online media enable precise monitoring of online media consumption, which also forms the basis for personalised recommendations. This new practice challenges EU policy in two respects. Firstly, the legality of monitoring individual media consumption and using personal data of users is primarily addressed under data protection law. Secondly, tracking of viewing behaviour and personalisation of media content can also affect individuals’ freedom to receive information, as well as the realisation of media policy objectives such as media freedom and pluralism, implications that so far are not reflected in media law and policy, or only marginally. This article addresses the increasing reliance on personal data and personalised services in the audiovisual and online media sector and queries the appropriateness of the legal status quo in light of implementation and enforcement actions in Germany and the Netherlands. The analysis concludes with a call for media policy makers and regulators to pay more attention to the issue of ‘smart surveillance’ of media users, and develops a number of concrete recommendations on how to accommodate the specific privacy concerns of media users.},

note = {See also: http://www.sciencedirect.com/science/article/pii/S0308596116302865},

keywords = {},

pubstate = {published},

tppubtype = {article}

}

@conference{Oostveen2016b,

title = {The Golden Age of Personal Data: How to Regulate an Enabling Fundamental Right?},

author = {Oostveen, M. and Irion, K.},

editor = {Bakhoum and Conde Gallego and Mackenordt and Surblyte},

year  = {2016},

date = {2016-12-15},

booktitle = {Personal Data in Competition, Consumer Protection and IP Law - Towards a Holistic Approach? },

publisher = {Springer},

series = {Amsterdam Law School Research Paper No. 2016-68},

abstract = {New technologies, purposes and applications to process individual’s personal data are developed on a massive scale. But we have not only entered the ‘golden age of personal data’ in terms of its exploitation: ours is also the ‘golden age of personal data’ in terms of regulation of its use. In this contribution, we explain how regulating the processing of an individual’s personal data can be a proxy of intervention, which directly or indirectly could benefit other individual rights and freedoms. Understood as an enabling right, the architecture of EU data protection law is capable of protecting against many of the negative short- and long-term effects of contemporary data processing. The new General Data Protection Regulation certainly strengthens aspects of this core architecture but certain regulatory innovations to cope with technological advancements and the data-driven economy appear less capably of yielding broad protection for individuals fundamental rights and freedoms. We conclude that from the perspective of protecting individual fundamental rights and freedoms, it would be worthwhile to explore alternative (legal) approaches of individual protection in contemporary data processing.},

keywords = {},

pubstate = {published},

tppubtype = {conference}

}

@article{Irion2016b,

title = {Trade and privacy: Complicated bed fellows? How to achieve data protection-proof free trade agreements},

author = {Irion, K.},

url = {https://www.ivir.nl/publicaties/download/EP_panel_trade_and_privacy_speaking_notes-1.pdf},

year  = {2016},

date = {2016-10-18},

note = {Speaking notes for a panel debate hosted by MEP Viviane Reding at the European Parliament on 12 October 2016.},

keywords = {},

pubstate = {published},

tppubtype = {article}

}

@article{Moeller2016,

title = {Shrinking core? Exploring the differential agenda setting power of traditional and personalized news},

author = {M\"{o}ller, J. and Helberger, N. and Trilling, D. and Irion, K. and Vreese, C.H. de},

url = {http://www.emeraldinsight.com/doi/pdfplus/10.1108/info-05-2016-0020},

doi = {http://dx.doi.org/10.1108/info-05-2016-0020},

year  = {2016},

date = {2016-09-27},

journal = {info},

volume = {18},

number = {6},

pages = {26-41},

abstract = {A shared issue agenda provides democracies with a set of topics that structure the

public debate. The advent of personalized news media that use smart algorithms to tailor the

news offer to the user challenges the established way of setting the agenda of such a common

core of issues. This paper tests the effects of personalized news use on perceived importance

of these issues in the common core. In particular we study whether personalized news use

leads to a concentration at the top of the issue agenda or to a more diverse issue agenda with

a long tail of topics. Based on a cross-sectional survey of a representative population sample

(N=1556), we find that personalized news use does not lead to a small common core in which

few topics are discussed extensively, yet there is a relationship between personalized news

use and a preference for less discussed topics. This is a result of a specific user profile of

personalized news users: younger, more educated news users are more interested in topics at

the fringes of the common core and also make more use of personalized news offers. The

results are discussed in the light of media diversity and recent advances in public sphere

research.},

keywords = {},

pubstate = {published},

tppubtype = {article}

}

@techreport{,

title = {Trade and privacy: complicated bedfellows? How to achieve data protection-proof free trade agreements},

author = {Irion, K. and Yakovleva, S. and Bartl, M.},

url = {https://www.ivir.nl/publicaties/download/trade_and_privacy.pdf},

year  = {2016},

date = {2016-07-14},

abstract = {Study commissioned by the European Consumer Organisation/Bureau Europ\'{e}en des Unions de Consommateurs (BEUC), Center for Digital Democracy (CDD), The Transatlantic Consumer Dialogue (TACD) and European Digital Rights (EDRi), 13 July 2016, Amsterdam.



The results of the study were widely covered in the Dutch and European media:



‘Privacy onvoldoende gewaarborgd in handelsverdragen EU‘, nu.nl, 13 juli 2016



‘EU stelt privacy burgers onvoldoende veilig‘, Digital Telegraaf, 13 juli 2016



‘EU stelt privacy burgers onvoldoende veilig‘, Einhovens Dagblad, 13 juli 2016



Monika Ermert, ‘Transatlantischer Zoff: Digitaler Datenschutz oder digitaler Protektionismus?‘, 16 July 2016, heise.de



L\'{e}a Auffret, ‘Why privacy safeguards in trade deals need urgent improvement‘, 20 October 2016, beuc.eu},

keywords = {},

pubstate = {published},

tppubtype = {techreport}

}

@article{,

title = {The Best of Both Worlds? Free Trade in Services and EU Law on Privacy and Data Protection},

author = {Yakovleva, S. and Irion, K.},

url = {http://www.ivir.nl/irion_yakovleva-2016-the-best-of-both-worlds/},

year  = {2016},

date = {2016-06-24},

journal = {European Data Protection Law Review},

number = {2},

pages = {191-208.},

abstract = {

	The article focuses on the interplay between European Union (EU) law on privacy and data protection and international trade law, in particular the General Agreement on Trade in Services (GATS) and the WTO dispute settlement system. The argument distinguishes between the effects of international trade law in the EU legal order on the one hand, and, on the other hand, how EU data protection law would fare in a hypothetical challenge under the GATS. The contribution will apply international trade law and the general exception in GATS Article XIV to typical requirements stemming from EU data protection law, especially on transfers of personal data to third countries. The article enumerates the specific legal risks for defending EU law on privacy and data protection and explains the practical implications of its hypothetical challenge under the GATS. These insights could be useful for the EU’s negotiators of the future bi- or multilateral free trade agreements, notably the Transatlantic Trade and Investment Partnership and the Trade in Services Agreement.

},

note = {

	Prepublication version of the article.

},

keywords = {},

pubstate = {published},

tppubtype = {article}

}

@misc{,

title = {The Reform of the e-Privacy Directive: How to get it right?},

author = {Irion, K.},

url = {http://www.ivir.nl/publicaties/download/1758.pdf},

year  = {2016},

date = {2016-04-08},

note = {

	Presentation delivered at the public conference organized by the Greens/EFA, 6 April 2016, European Parliament, Brussels.

},

keywords = {},

pubstate = {published},

tppubtype = {presentation}

}

@techreport{,

title = {Smart TV and data protection - Introduction},

author = {N.A.N.M.  van Eijk and K.  Irion and T.  McGonagle},

url = {http://www.ivir.nl/publicaties/download/1742.pdf},

year  = {2016},

date = {2016-03-10},

abstract = {

	The structure of this study is built around the following questions:


	- What is smart TV?


	- How does smart TV compare with other forms of audiovisual media?


	- What regulatory frameworks govern smart TV?


	- What guidance can be found in selected country-specific case studies?


	- What are the dangers associated with the collection, storage and processing of private user information by commercial parties?


	- How are relevant regulatory frameworks likely to evolve?



	Samsung have warned owners of their smart TVs that the system\’s voice recognition could actually be recording and sharing their private conversations. This “bad buzz” comes at a time when Brussels is in the process of adopting new legislation - the General Data Protection Regulation (GDPR) - aimed at protecting us from abuse and misuse of our private data and consumer behaviour big data collected by smart equipment such as television sets. The European Audiovisual Observatory, part of the Council of Europe in Strasbourg, is keeping track of these developments and has published this IRIS Special report entitled "Smart TV and data protection".


	


	This is a joint publication by the Observatory and partner institution, the Dutch Institute for Information Law (IViR in Amsterdam). It inspired an expert workshop organised in Strasbourg December 2015, which looked at “the grey areas between media regulation and data protection”.

},

note = {

	IRIS Special, European Audvisual Observatory, Strasbourg 2016.


	ISBN 9789287182395.


	See here for more information and ability to purchase publication.

},

keywords = {},

pubstate = {published},

tppubtype = {techreport}

}

@inbook{,

title = {A special regard: The Court of Justice and the fundamental rights to privacy and data protection},

author = {Irion, K.},

editor = {Faber},

url = {http://www.ivir.nl/irion_a-special-regard_chapterfinal/},

year  = {2016},

date = {2016-02-25},

publisher = {Nomos},

abstract = {The frequency with which the Court of Justice of the European Union (CJEU) rules on the interpretations of the rights to privacy and data protection in European Union (EU) law is constantly accelerating. The increasing case-load can certainly be attributed to the contemporary relevance of these issues in a data-driven society which leads to more cases being referred to the CJEU. However, contrary to earlier case-law, which had a rather limited effect, the recent CJEU decisions have gained prominence for their principle contribution to EU law. In 2014, the Court issued a landmark ruling in the case \emph{Digital Rights Ireland and Seitlinger v Minister for Communications, Marine and Natural Resources} which catapulted EU citizens’ privacy and data protection rights from the margins of EU law to the center stage. Already in 2015, in the case \emph{Maximillian Schrems v Data Protection Commissioner}, the Court has had another occasion to review EU legislation for its compliance with the rights to privacy and data protection under the EU Charter. The invalidation of the EU-U.S. Safe Harbour agreement by the Court has been stirring a global resonance in addition to receiving ample and arguably controversial coverage in international news.

This contribution looks at how the fundamental rights to privacy and data protection are protected in the EU legal order. It primarily assesses the CJEU’s case-law’s trajectory in this field as well as the impact of its decision practice in EU law. Hereby I discuss whether the CJEU holds a particular regard for the rights to privacy and data protection since the Charter of Fundamental Rights of the EU (CFR) was accorded binding legal value in 2009.5 Particular focus is given to the discussion of the two judgments in 2014 and 2015 cited above with which the Court underscored its determination to effectively protect these fundamental rights in the scope of EU law.},

note = {

	In: Festschrift f\"{u}r Wolfhard Kohte, Faber et al (eds.), Baden-Baden: Nomos, forthcoming 2016.

},

keywords = {},

pubstate = {published},

tppubtype = {inbook}

}

@techreport{,

title = {Comparative study of best European practices of online content regulation: Law and policy of online content regulation, in particular defamation online, in the light of Albanian legislative proposals},

author = {P.  Cavaliere and D.  Pavli and K.  Irion},

url = {http://www.ivir.nl/publicaties/download/1683.pdf},

year  = {2015},

date = {2015-11-10},

note = {

	Study commissioned by the Council of Europe, Amsterdam/Edinburgh/Tirana, August 2015.

},

keywords = {},

pubstate = {published},

tppubtype = {techreport}

}

@article{,

title = {Cloud services made in Europe after Snowden and Schrems},

author = {K.  Irion},

url = {http://policyreview.info/articles/news/cloud-services-made-europe-after-snowden-and-schrems/377},

year  = {2015},

date = {2015-10-27},

note = {

	Comment in Internet Policy Review, 23 October 2015.

},

keywords = {},

pubstate = {published},

tppubtype = {article}

}

@article{,

title = {Your Digital Home is No Longer Your Castle: How Cloud Computing Transforms the (Legal) Relationship between Individuals and Their Personal Records},

author = {Irion, K.},

url = {http://www.ivir.nl/publicaties/download/1584.pdf},

doi = {10.1093/ijlit/eav015},

year  = {2015},

date = {2015-09-29},

journal = {International Journal of Law and Information Technology},

volume = {23},

number = {4},

pages = {348-371.},

abstract = {In line with the overall trend individuals’ personal affairs, too, are composed of digital records to an increasing amount. At about the same time, the era of local storage in end user equipment is about to give way to remote computing where data resides on third party equipment (cloud computing). Once information, and even the most personal one, is no longer stored on personal equipment the relationship between individual users and their digital assets belonging to them is becoming increasingly abstract.

	This contribution focuses on the implications of cloud computing for individuals’ unpublicized digital records. The question to be answered is whether - taken together - the progressing virtualization and the disruption of physical control produce a backslide for individual positions of rights. The paper introduces the legal treatment of users’ digital personal records and how a technical transformation in combination with disparate legal protection and prevailing commercial practices are bound to impact the distribution of rights and obligations.

},

note = {(2015) International Journal of Law and Information Technology 23(4): 348-371, DOI: 10.1093/ijlit/eav015, available at http://ijlit.oxfordjournals.org/content/23/4/348.abstract},

keywords = {},

pubstate = {published},

tppubtype = {article}

}

@article{,

title = {Guest editorial: New intermediaries in the hyperconnected society},

author = {Morganti, L. and Renda, A. and Irion, K.},

url = {http://www.emeraldinsight.com/doi/full/10.1108/info-07-2015-0038},

year  = {2015},

date = {2015-09-01},

journal = {Info},

number = {6},

pages = {3-7.},

note = {

	DOI: \<a href="http://dx.doi.org/10.1108/info-07-2015-0038"\>http://dx.doi.org/10.1108/info-07-2015-0038\</a\>

},

keywords = {},

pubstate = {published},

tppubtype = {article}

}

@article{,

title = {Annotatie bij Hof van Justitie EU 8 april 2014 (Digital Rights Ireland / Ierse Ministers en Attorney General)},

author = {Irion, K. and Granger, M.-P. and Eskens, S.},

url = {https://www.ivir.nl/publicaties/download/Annotatie_Mediaforum_2015_3.pdf},

year  = {2015},

date = {2015-04-17},

urldate = {2015-04-17},

journal = {Mediaforum},

volume = {27},

number = {3},

pages = {112-118},

keywords = {},

pubstate = {published},

tppubtype = {article}

}

@article{,

title = {Venture into the future of privacy},

author = {K.  Irion},

url = {http://www.ivir.nl/publicaties/download/1526.pdf},

year  = {2015},

date = {2015-03-26},

journal = {ELSA Synergy Magazine},

number = {57},

pages = {28-31.},

abstract = {

	At the time of writing I am at the Computer Privacy and Data Protection Conference, for insiders just CPDP 2015, one of several mega-events with more than 1,000 participants from governments, European Union (EU) institutions, corporations, civil society and privacy advocates, and plenty of lawyers and academics just like me. This is emblematic of the transformation privacy and data protection have undergone from a somewhat dull area of law to a very visible cutting-edge legal expertise.

},

keywords = {},

pubstate = {published},

tppubtype = {article}

}

@article{,

title = {The Court of Justice and the Data Retention Directive in Digital Rights Ireland},

author = {K.  Irion},

url = {http://www.ivir.nl/publicaties/download/1456.pdf},

year  = {2015},

date = {2015-01-15},

journal = {European Law Review},

number = {6},

pages = {835-850.},

abstract = {

	In Digital Rights Ireland, the Court of Justice invalidated the 2006 Data Retention Directive, which required private providers to retain for a considerable period electronic communication metadata for law enforcement purposes. In this landmark ruling, the EU judiciary introduced a strict scrutiny test for EU legislative acts that interfere seriously with important rights protected by the Charter of Fundamental Rights and the European Convention on Human Rights\—in this case, the rights to privacy and data protection\—and applied a rigorous assessment of the proportionality of the measure under the Charter, criticising numerous aspects of the Directive. This article presents and analyses the judgment, discussing its implications for constitutional review and constitutionalism in the European Union, and the substantive and procedural constraints that it imposes on EU and national data retention schemes. It concludes by reflecting on the ruling\’s impact on European integration and data related policies.

},

keywords = {},

pubstate = {published},

tppubtype = {article}

}

@techreport{,

title = {The Independence and Functioning of the Audiovisual Media Authority in Albania},

author = {M.  Ledger and S.  Svensson and E.  Fejzulla and K.  Irion},

url = {http://www.indireg.eu/wp-content/uploads/AMA/Indireg-AMA-Report-Nov11.pdf},

year  = {2014},

date = {2014-11-27},

address = {Amsterdam/Brussels/Budapest/Tirana},

note = {

	Study commissioned by the Council of Europe, October 2014.

},

keywords = {},

pubstate = {published},

tppubtype = {techreport}

}

@article{,

title = {International Assistance and Media Democratization in the Western Balkans: A Cross-National Comparison},

author = {K.  Irion},

url = {http://www.db-thueringen.de/servlets/DerivateServlet/Derivate-31141/GMJ8_Irion_Jusic_final.pdf},

year  = {2014},

date = {2014-11-21},

journal = {Global Media Journal German Edition},

number = {2},

abstract = {

	International media assistance programs accompanied the democratic media transition in Albania, Bosnia and Herzegovina, Kosovo, Macedonia and Serbia with varying intensity. These countries untertook a range of media reforms to conform with accession requirements of the European Union (EU) and the standards of the Council of Europe, among others. This article explores the nexus between the democratic transformation of the media and international media assistance (IMA) as constrained by the local political conditions in the five countries of the Western Balkans. It aims to enhance the understanding of conditions and factors that influence media institution building in the region and evaluates the role of international assistance programs and conditionality mechanisms herein.



	The cross-national analysis concludes that the effects of IMA are highly constrained by the local context. A decade of IMA of varying intensity is not sufficient to construct media institutions when, in order to function properly, they have to outperform their local context. From today\’s vantage point it becomes obvious, that in the short-term scaling-up IMA does not necessarily improve outcomes. The experiences in the region suggest that imported solutions have not been sufficiently cognitive of all aspects of local conditions and international strategies have tended to be rather schematic and have lacked strategic approaches to promote media policy stability, credible media reform and implementation. To a certain extent, the loss of IMA effectiveness is also self-inflicted.

},

note = {

	Pre-publication version also available at SSRN.

},

keywords = {},

pubstate = {published},

tppubtype = {article}

}

@misc{,

title = {Cultural diversity in the digital age: EU competences, policies and regulations for diverse audiovisual and online content},

author = {Irion, K.},

url = {http://www.ivir.nl/publicaties/download/1441.pdf},

year  = {2014},

date = {2014-11-21},

abstract = {

	Cultural diversity is a multifaceted concept that differs from the notion of media pluralism. However, the two concepts share important concerns particularly as regards content production, content distribution and access to content. This chapter considers the EU’s role in contributing to diverse audiovisual and online content and assesses its limits.


	Although a signatory of the UNESCO Convention on the Protection and Promotion of the Diversity of Cultural Expressions, the ability of the EU to foster cultural diversity in the digital environment is confined on account of its constrained competences in the field of audiovisual media and online content. Notwithstanding, the EU develops a number of substantive policies that benefit the creation and circulation of cultural content either in an explicit or in an implicit manner. Following a value-chain approach, this chapter discusses the complementary role of various EU sectoral regulations towards this aim. The analysis focuses on the Audiovisual Media Services (AVMS) Directive (Directive 2007/65/EC \textendash 2010/13/EU) and various aspects of the EU regulatory framework for electronic communications, particularly in relation to non-discriminatory access to bottlenecks in the distribution infrastructure and online platforms.


	The chapter advances the argument that existing EU policies have an important role to play for ensuring the free circulation of, and access to, cultural content. At the same time, aside from the cultural quotas in the above mentioned AVMS Directive, EU activity is less prominent in the field of content production. The analysis concludes by stressing the complexity of promoting cultural diversity in light of both cultural content supply and demand considerations. It also emphasises the importance of emerging policy issues, in particular net neutrality and findability.

},

note = {

	Pre-publication.\<br /\>

	In: E. Psychogiopoulou (ed.), \<em\>Cultural Governance and the European Union\</em\>, Houndmills and New York: Palgrave MacMillan 2015 in press.\<br /\>

	Also available at SSRN: \<a href="http://ssrn.com/abstract=2529044" target="_blank"\>http://ssrn.com/abstract=2529044\</a\>

},

keywords = {},

pubstate = {published},

tppubtype = {misc}

}

@misc{Irion2014,

title = {Accountability unchained: Bulk Data Retention, Preemptive Surveillance, and Transatlantic Data Protection},

author = {Irion, K.},

url = {https://www.ivir.nl/accountability-unchained-kristina-irion_final/},

year  = {2014},

date = {2014-11-21},

abstract = {The innovations on which today’s Internet proliferated have been a major gift from its founders and the US government to the world. Ever since the rise of the Internet it has attracted utopian ideas of a free and borderless cyberspace, a men-made global commons that serves an international community of users. First commercialization and now the prevalence of state surveillance have significantly depreciated the utopist patina. Internet’s borderless nature which was once heralded to rise above the nation state has actually enabled some states to rise above their borders when engaging in mass surveillance that affects users on a global scale. International human rights law and emerging Internet governance principles have not been authoritative enough to protect users’ privacy and the confidentiality of communications.



More or less openly, Western democracies embarked on the path of mass surveillance with the aim to fight crime and defend national security. This chapter’s focus is on the safeguards and accountability of mass surveillance in Europe and the US and how this affects transatlantic relations. It queries whether national systems of checks and balances are still adequate in relation to the growth and the globalization of surveillance capabilities. Lacking safeguards and accountability at the national level can exacerbate in the context of transnational surveillance. It can lead to asymmetries between countries which are precisely at the core of the transatlantic rift over mass surveillance. The chapter concludes with a brief review of proposals how to reduce them.

},

note = {In: M. Rotenberg, J. Horwitz \& J. Scott, eds., Visons of Privacy in a Modern Age, New York: New Press, 2015. 

Chapter also available in Chinese: https://www.amazon.cn/%E5%9B%BE%E4%B9%A6/dp/B074JYGR3B



},

keywords = {},

pubstate = {published},

tppubtype = {misc}

}

@misc{,

title = {Follow the Money! Ownership \& Financial Transparency should be a Media Policy Standard},

author = {K.  Irion},

url = {http://www.ivir.nl/publicaties/download/1356.pdf},

year  = {2014},

date = {2014-05-08},

note = {

	Blogpost on LSE Media Policy Project, published on 30 April 2014.

},

keywords = {},

pubstate = {published},

tppubtype = {misc}

}

@techreport{,

title = {International Assistance and Media Democratization in the Western Balkans: A Cross-National Comparison},

author = {T.  Jusi\'{c} and K.  Irion},

url = {http://www.ivir.nl/publicaties/download/International_Assistance.pdf},

year  = {2014},

date = {2014-04-24},

number = {1},

publisher = {Analitika - Center for Social Research},

address = {Sarajevo},

series = {Working Paper Series on International Media Assistance in the Western Balkans},

note = {

	Working paper

},

keywords = {},

pubstate = {published},

tppubtype = {techreport}

}

@misc{,

title = {Delegation to independent regulatory authorities in the media sector: A paradigm shift through the lens of regulatory theory},

author = {K.  Irion},

url = {http://www.ivir.nl/publicaties/download/Radu_2013.pdf},

year  = {2014},

date = {2014-01-09},

booktitle = {The Independence of the Media and Its Regulatory Agencies. Shedding New Light on Formal and Actual },

pages = {15-54},

publisher = {Intellect},

address = {Bristol UK/ Chicago USA},

keywords = {},

pubstate = {published},

tppubtype = {misc}

}

@misc{,

title = {Measuring independence: Approaches, limitations, and a new ranking tool},

author = {K.  Irion},

url = {http://www.ivir.nl/publicaties/download/Ledger_2013.pdf},

year  = {2014},

date = {2014-01-09},

booktitle = {The Independence of the Media and Its Regulatory Agencies. Shedding New Light on Formal and Actual },

pages = {139-184},

publisher = {Intellect},

address = {Bristol UK / Chicago USA},

keywords = {},

pubstate = {published},

tppubtype = {misc}

}

@book{,

title = {The Independence of the Media and Its Regulatory Agencies: Shedding New Light on Formal and Actual Independence Against the National Context},

author = {W.  Schulz and P.  Valcke and K.  Irion},

url = {http://www.ivir.nl/publicaties/download/1140.pdf},

year  = {2014},

date = {2014-01-07},

pages = {390},

publisher = {Intellect},

address = {Bristol UK / Chicago USA},

series = {European Communication Research and Education Association (ECREA)},

abstract = {Media independence is vital for democracies, and so is the independence of the regulatory bodies governing it. \emph{The Independence of the Media and its Regulatory Agencies }explores the complex relationship between media governance and independence of media regulatory authorities within Europe, which form part of the wider framework in which media\’s independence may flourish or fade. Based on research in more than forty countries, the contributions analyse the independence of regulators and draw links between social, financial, and legal frameworks. The contributing authors offer theoretical perspectives that combine law and public policy; review research methods; and offer a set of case studies that explore how the national socio-political context influences local institutions. As a whole, the book offers an accessible and relevant account of research into regulatory independence as applied to the audiovisual media sector in Europe.},

note = {The book is based on research carried out in the context of the INDIREG and MEDIADEM projects.


	More information about the book: http://www.ecrea.eu/publications/bookseries


	See here the front and back cover of the book.},

keywords = {},

pubstate = {published},

tppubtype = {book}

}

@misc{,

title = {The Governance of Network and Information Security in the European Union: The European Public-Private Partnership for Resilience (EP3R)},

author = {K.  Irion},

url = {http://papers.ssrn.com/sol3/papers.cfm?abstract_id=2075916},

year  = {2014},

date = {2014-01-02},

booktitle = {The Secure Information Society, Gaycken, Krueger, Nickolay (eds.)},

pages = {83-116},

publisher = {Springer},

address = {Berlin},

note = {

	prepublication

},

keywords = {},

pubstate = {published},

tppubtype = {misc}

}

@techreport{,

title = {Online Personal Data Processing and the EU Data Protection Reform. CEPS Digital Form Task Force Report},

author = {G.  Luchetta and K.  Irion},

url = {http://www.ivir.nl/publicaties/download/TFR_Data_Protection.pdf},

isbn = {9789461383020},

year  = {2014},

date = {2014-01-01},

pages = {97.},

publisher = {Center for European Policy Studies},

address = {Brussels},

keywords = {},

pubstate = {published},

tppubtype = {techreport}

}