A systematic literature review of security and privacy by design principles, norms, and strategies for digital technologies

Del-Real, C., Busser, E. de & Berg, B. van den
International Review of Law, Computers & Technology, vol. 39, iss. 3, pp. 374-405, 2025

Abstract

This paper offers a comparative systematic literature review of the key principles, norms, and strategies associated with Security by Design (SbD) and Privacy by Design (PbD). Both frameworks are grounded in the idea that security and privacy should be integral components of digital technologies from the very beginning of the design process. Following PRISMA guidelines, we reviewed 82 documents sourced from databases such as the ACM Digital Library, EBSCO Library, IEEE Xplore, ProQuest, Scopus, and Web of Science. Our analysis reveals that SbD and PbD share four fundamental principles: prevention/proactiveness, embeddedness, user-centricity, and transparency. The review also highlights the solid regulatory foundation of PbD, particularly under the General Data Protection Regulation (GDPR), compared to the emerging regulatory context for SbD. Additionally, we explore a range of strategies, from organizational cultural changes to technical interventions, that illustrate the nuanced approaches taken to implement these paradigms. We conclude by discussing the broader implications of these findings and suggesting directions for future research, aiming to contribute to the development of technologies that are both secure and respectful of privacy, while also advocating for integrated frameworks that enhance digital trust.

Privacy, Software design

Dun & Bradstreet: A Pyrrhic Victory for the Contestation of AI under the GDPR

The Law, Ethics & Policy of AI Blog, 2025

Abstract

The CJEU’s ruling in Dun & Bradstreet clarifies how the GDPR’s ‘right to an explanation’ should enable individuals to contest AI-based decision-making. It states that explanations need to be understandable while also respecting trade secrets and privacy concerns in a balanced manner. However, the Court excludes the disclosure of in-depth technical information and also introduces a burdensome balancing procedure. These requirements both strengthen and weaken the ability of individuals to independently assess impactful AI systems, leading to a pyrrhic victory for contestation.

Artificial intelligence, GDPR, Privacy

The Commissie Persoonsgegevens Amsterdam: an advisory model for complex data processing by public authorities?

Privacy & Informatie, iss. 1, pp. 1-2, 2025

Personal data, Privacy

The Right to an Explanation in Practice: Insights from Case Law for the GDPR and the AI Act

Law, Innovation, and Technology, pp. 1-36, 2025

Abstract

The right to an explanation under the GDPR has been much discussed in legal-doctrinal scholarship. This paper expands upon this academic discourse by providing insights into what questions the application of the right to an explanation has raised in legal practice. By looking at cases brought before various judicial bodies and data protection authorities across the European Union, we discuss questions regarding the scope, content, and balancing exercise of the right to an explanation. We argue, moreover, that these questions also raise important interpretative issues regarding the right to an explanation under the AI Act. Similar to the GDPR, the AI Act's right to an explanation leaves many legal questions unanswered. Therefore, the insights from the already established case law under the GDPR can help us to understand better how the AI Act's right to an explanation should be understood in practice.

AI Act, case law, GDPR, Privacy

Annotation on ECtHR 9 March 2023 (LB / Hungary)

Nederlandse Jurisprudentie, iss. 15, no. 144, pp. 3352-3354, 2024

Abstract

Disclosure of personal data on account of tax debt. Protection of personal data. Importance of review in individual cases. Margin of appreciation. Violation of Art. 8 ECHR. Grand Chamber.

Human rights, Privacy

The Right to Root: Constructing a Claim to Control Devices from the Right to Privacy

JIPITEC, vol. 14, iss. 4, pp. 580-593, 2023

Abstract

Empowering people with digital tools has been an enduring ideal throughout the history of computing. In some of the earlier visions, this was not only a matter of making life easier, it was also a matter of people gaining control over their digital tools. One solution to this problem which has been suggested is to provide users with a manual override to gain full control over a device, something called gaining 'root' - hence the 'Right to Root'. Yet, there are no policymakers who have seriously treated this as a possibility. For people pushing this right at a policy level, it would therefore be helpful to know whether this Right to Root can be constructed from human rights. In this article, I explore the European human rights-based arguments for a Right to Root, focusing on the right to privacy under the European Convention for Human Rights and the Charter of Fundamental Rights. I first discuss the origins of this ideal of gaining control over your own devices. I then show how users over the years have gained less control and how the Right to Root could enable them to regain control. I then explore how the Right to Root could be constructed from the right to privacy under the Convention and the Charter, by understanding it as a way to protect the values of autonomy, self-determination and seclusion. I conclude that a Right to Root can be grounded in the human right to privacy, but that further research is necessary to balance it with other interests, such as cybersecurity, traffic safety, health and intellectual property.

Privacy

Annotation on Hoge Raad 15 September 2023

Nederlandse Jurisprudentie, iss. 1, no. 6, pp. 195-196, 2024

GDPR, Privacy

Annotation on Court of Justice of the European Communities 4 May 2023 (F.F. / Österreichische Datenschutzbehörde)

Nederlandse Jurisprudentie, iss. 1, no. 1, pp. 8-10, 2024

Right of access, Personal data, Privacy

Annotation on Court of Justice of the EU 28 April 2022 (Meta Platforms Ireland / Bundesverband der Verbraucherzentralen und Verbraucherverbände)

Nederlandse Jurisprudentie, iss. 21, no. 194, pp. 3621-3623, 2023

Facebook, Personal data, Privacy

Municipal grip on private sensor data: Legal framework for municipalities' scope for action in the processing of private sensor data in public space

Janssen, H., Verboeket, L.W., Meiring, A., van Hoboken, J., van Eechoud, M., van den Brink, J.E., Ortlep, R. & Bodó, B.
2023

enforcement, Privacy, sensors, Surveillance
