Keyword: Privacy

The Right to Root: Constructing a Claim to Control Devices from the Right to Privacy download

van Daalen, O.
JIPITEC, vol. 14, iss. : 4, pp: 580-593, 2023

Abstract

Empowering people with digital tools has been an enduring ideal throughout the history of computing. In some of the earlier visions, this was not only a matter of making life easier, it was also a matter of people gaining control over their digital tools. One solution to this problem which has been suggested is to provide users with a manual override to gain full control over a device, something called gaining 'root' - hence the 'Right to Root'. Yet, there are no policymakers who have seriously treated this as a possibility. For people pushing this right at a policy level, it would therefore be helpful to know whether this Right to Root can be constructed from human rights. In this article, I explore the European human rights-based arguments for a Right to Root, focusing on the right to privacy under the European Convention for Human Rights and the Charter of Fundamental Rights. I first discuss the origins of this ideal of gaining control over your own devices. I then show how users over the years have gained less control and how the RIght to Root could enable them to regain control. I then explore how the Right to Root could be constructed from the right to privacy under the Convention and the Charter, by understanding it as a way to protect the values of autonomy, self-determination and seclusion. I conclude that a Right to Root can be grounded in the human right to privacy, but that further research is necessary to balance it with other interests, such as cybersecurity, traffic safety, health and intellectual property.

Privacy

Bibtex

Article{nokey, title = {The Right to Root: Constructing a Claim to Control Devices from the Right to Privacy}, author = {van Daalen, O.}, url = {https://www.ivir.nl/publications/the-right-to-root-constructing-a-claim-to-control-devices-from-the-right-to-privacy/jipitec_2023_4/}, year = {2023}, date = {2023-12-12}, journal = {JIPITEC}, volume = {14}, issue = {4}, pages = {580-593}, abstract = {Empowering people with digital tools has been an enduring ideal throughout the history of computing. In some of the earlier visions, this was not only a matter of making life easier, it was also a matter of people gaining control over their digital tools. One solution to this problem which has been suggested is to provide users with a manual override to gain full control over a device, something called gaining \'root\' - hence the \'Right to Root\'. Yet, there are no policymakers who have seriously treated this as a possibility. For people pushing this right at a policy level, it would therefore be helpful to know whether this Right to Root can be constructed from human rights. In this article, I explore the European human rights-based arguments for a Right to Root, focusing on the right to privacy under the European Convention for Human Rights and the Charter of Fundamental Rights. I first discuss the origins of this ideal of gaining control over your own devices. I then show how users over the years have gained less control and how the RIght to Root could enable them to regain control. I then explore how the Right to Root could be constructed from the right to privacy under the Convention and the Charter, by understanding it as a way to protect the values of autonomy, self-determination and seclusion. I conclude that a Right to Root can be grounded in the human right to privacy, but that further research is necessary to balance it with other interests, such as cybersecurity, traffic safety, health and intellectual property.}, keywords = {Privacy}, }

Annotatie bij Hoge Raad 15 september 2023 download

Dommering, E.
Nederlandse Jurisprudentie, iss. : 1, num: 6, pp: 195-196, 2024

AVG, Privacy

Bibtex

Case note{nokey, title = {Annotatie bij Hoge Raad 15 september 2023}, author = {Dommering, E.}, url = {https://www.ivir.nl/publications/annotatie-bij-hoge-raad-15-september-2023/annotatie_nj_2024_6/}, year = {2024}, date = {2024-02-01}, journal = {Nederlandse Jurisprudentie}, issue = {1}, number = {6}, keywords = {AVG, Privacy}, }

Annotatie bij Hof van Justitie van de Europese Gemeenschappen 4 mei 2023 (F.F. / Österreichische Datenschutzbehörde) download

Dommering, E.
Nederlandse Jurisprudentie, iss. : 1, num: 1, pp: 8-10, 2024

Inzagerecht, Persoonsgegevens, Privacy

Bibtex

Case note{nokey, title = {Annotatie bij Hof van Justitie van de Europese Gemeenschappen 4 mei 2023 (F.F. / Österreichische Datenschutzbehörde)}, author = {Dommering, E.}, url = {https://www.ivir.nl/publications/annotatie-bij-hof-van-justitie-van-de-europese-gemeenschappen-4-mei-2023-f-f-osterreichische-datenschutzbehorde/annotatie_nj_2024_1/}, year = {2024}, date = {2024-02-01}, journal = {Nederlandse Jurisprudentie}, issue = {1}, number = {1}, keywords = {Inzagerecht, Persoonsgegevens, Privacy}, }

Annotatie Hof van Justitie van de EU 28 april 2022 (Meta Platforms Ireland / Bundesverband der Verbraucherzentralen und Verbraucherverbände) download

Dommering, E.
Nederlandse Jurisprudentie, iss. : 21, num: 194, pp: 3621-3623, 2023

Facebook, Persoonsgegevens, Privacy

Bibtex

Case note{nokey, title = {Annotatie Hof van Justitie van de EU 28 april 2022 (Meta Platforms Ireland / Bundesverband der Verbraucherzentralen und Verbraucherverbände)}, author = {Dommering, E.}, url = {https://www.ivir.nl/publications/annotatie-hof-van-justitie-van-de-eu-28-april-2022-meta-platforms-ireland-bundesverband-der-verbraucherzentralen-und-verbraucherverbande/annotatie_nj_2023_194/}, year = {2023}, date = {2023-07-11}, journal = {Nederlandse Jurisprudentie}, issue = {21}, number = {194}, keywords = {Facebook, Persoonsgegevens, Privacy}, }

Gemeentelijke grip op private sensorgegevens: Juridisch kader voor het gemeentelijke handelingsperspectief bij de verwerking van private sensorgegevens in de openbare ruimte download

Janssen, H., Verboeket, L.W., Meiring, A., van Hoboken, J., van Eechoud, M., van den Brink, J.E., Ortlep, R. & Bodó, B.
2023

handhaving, Privacy, sensoren, Surveillance

Bibtex

Report{nokey, title = {Gemeentelijke grip op private sensorgegevens: Juridisch kader voor het gemeentelijke handelingsperspectief bij de verwerking van private sensorgegevens in de openbare ruimte}, author = {Janssen, H. and Verboeket, L.W. and Meiring, A. and van Hoboken, J. and van Eechoud, M. and van den Brink, J.E. and Ortlep, R. and Bodó, B.}, url = {https://www.ivir.nl/publications/gemeentelijke-grip-op-private-sensorgegevens-juridisch-kader-voor-het-gemeentelijke-handelingsperspectief-bij-de-verwerking-van-private-sensorgegevens-in-de-openbare-ruimte/gemeentelijke_grip_op_private_sensorgegevens/}, year = {2023}, date = {2023-06-30}, keywords = {handhaving, Privacy, sensoren, Surveillance}, }

Personal Data Stores and the GDPR’s lawful grounds for processing personal data

Janssen, H., Cobbe, J., Norval, C. & Singh, J.
2019

Abstract

Personal Data Stores (‘PDSs’) entail users having a (physical or virtual) device within which they themselves can, in theory, capture, aggregate, and control the access to and the transfer of personal data. Their aim is to empower users in relation to their personal data, strengthening their opportunities for data protection, privacy, and/or to facilitate trade and monetisation. As PDS technologies develop, it is important to consider their role in relation to issues of data protection. The General Data Protection Regulation requires that the processing of user data be predicated on one of its defined lawful bases, whereby the Regulation does not favour any one basis over another. We explore how PDS architectures relate to these lawful bases, and observe that they tend to favour the bases that require direct user involvement. This paper considers issues that the envisaged architectural choices surrounding the lawful grounds may entail.

Data protection, decentralisation, lawful grounds for processing, personal data stores, Privacy, Transparency

Bibtex

Conference paper{nokey, title = {Personal Data Stores and the GDPR’s lawful grounds for processing personal data}, author = {Janssen, H. and Cobbe, J. and Norval, C. and Singh, J.}, doi = {https://doi.org/10.5281/zenodo.3234902}, year = {2019}, date = {2019-05-29}, abstract = {Personal Data Stores (‘PDSs’) entail users having a (physical or virtual) device within which they themselves can, in theory, capture, aggregate, and control the access to and the transfer of personal data. Their aim is to empower users in relation to their personal data, strengthening their opportunities for data protection, privacy, and/or to facilitate trade and monetisation. As PDS technologies develop, it is important to consider their role in relation to issues of data protection. The General Data Protection Regulation requires that the processing of user data be predicated on one of its defined lawful bases, whereby the Regulation does not favour any one basis over another. We explore how PDS architectures relate to these lawful bases, and observe that they tend to favour the bases that require direct user involvement. This paper considers issues that the envisaged architectural choices surrounding the lawful grounds may entail.}, keywords = {Data protection, decentralisation, lawful grounds for processing, personal data stores, Privacy, Transparency}, }

The right to encryption: Privacy as preventing unlawful access external link

van Daalen, O.
Computer Law & Security Review, vol. 49, 2023

Abstract

Encryption technologies are a fundamental building block of modern digital infrastructure, but plans to curb these technologies continue to spring up. Even in the European Union, where their application is by now firmly embedded in legislation, lawmakers are again calling for measures which would impact these technologies. One of the most important arguments in this debate are human rights, most notably the rights to privacy and to freedom of expression. And although some authors have in the past explored how encryption technologies support human rights, this connection is not yet firmly grounded in an analysis of European human rights case law. This contribution aims to fill this gap, developing a framework for assessing restrictions of encryption technologies under the rights to privacy and freedom of expression as protected under the European Convention of Human Rights (the Convention) and the Charter of Fundamental rights in the European Union (the Charter). In the first section, the relevant function of encryption technologies, restricting access to information (called confidentiality), is discussed. In the second section, an overview of some governmental policies and practices impacting these technologies is provided. This continues with a discussion of the case law on the rights to privacy, data protection and freedom of expression, arguing that these rights are not only about ensuring lawful access by governments to protected information, but also about preventing unlawful access by others. And because encryption technologies are an important technology to reduce the risk of this unlawful access, it is then proposed that this risk is central to the assessment of governance measures in the field of encryption technologies. The article concludes by recommending that states perform an in-depth assessement of this when proposing new measures, and that courts when reviewing them also place the risk of unlawful access central to the analysis of interference and proportionality.

communications confidentiality, encryption, Freedom of expression, Human rights, Privacy, unlawful access

Bibtex

Article{nokey, title = {The right to encryption: Privacy as preventing unlawful access}, author = {van Daalen, O.}, url = {https://www.sciencedirect.com/science/article/pii/S0267364923000146}, doi = {https://doi.org/10.1016/j.clsr.2023.105804}, year = {2023}, date = {2023-05-23}, journal = {Computer Law & Security Review}, volume = {49}, pages = {}, abstract = {Encryption technologies are a fundamental building block of modern digital infrastructure, but plans to curb these technologies continue to spring up. Even in the European Union, where their application is by now firmly embedded in legislation, lawmakers are again calling for measures which would impact these technologies. One of the most important arguments in this debate are human rights, most notably the rights to privacy and to freedom of expression. And although some authors have in the past explored how encryption technologies support human rights, this connection is not yet firmly grounded in an analysis of European human rights case law. This contribution aims to fill this gap, developing a framework for assessing restrictions of encryption technologies under the rights to privacy and freedom of expression as protected under the European Convention of Human Rights (the Convention) and the Charter of Fundamental rights in the European Union (the Charter). In the first section, the relevant function of encryption technologies, restricting access to information (called confidentiality), is discussed. In the second section, an overview of some governmental policies and practices impacting these technologies is provided. This continues with a discussion of the case law on the rights to privacy, data protection and freedom of expression, arguing that these rights are not only about ensuring lawful access by governments to protected information, but also about preventing unlawful access by others. And because encryption technologies are an important technology to reduce the risk of this unlawful access, it is then proposed that this risk is central to the assessment of governance measures in the field of encryption technologies. The article concludes by recommending that states perform an in-depth assessement of this when proposing new measures, and that courts when reviewing them also place the risk of unlawful access central to the analysis of interference and proportionality.}, keywords = {communications confidentiality, encryption, Freedom of expression, Human rights, Privacy, unlawful access}, }

Fundamental rights assessment of the framework for detection orders under the CSAM proposal download

van Daalen, O.
2023

CSAM, Data protection, Freedom of expression, Privacy

Bibtex

Report{nokey, title = {Fundamental rights assessment of the framework for detection orders under the CSAM proposal}, author = {van Daalen, O.}, url = {https://www.ivir.nl/publications/fundamental-rights-assessment-of-the-framework-for-detection-orders-under-the-csam-proposal/csamreport/}, year = {2023}, date = {2023-04-22}, keywords = {CSAM, Data protection, Freedom of expression, Privacy}, }

Shielding citizens? Understanding the impact of political advertisement transparency information

Dobber, T., Kruikemeier, S., Helberger, N. & Goodman, E.
New Media & Society, 2023

Abstract

Online targeted advertising leverages an information asymmetry between the advertiser and the recipient. Policymakers in the European Union and the United States aim to decrease this asymmetry by requiring information transparency information alongside political advertisements, in the hope of activating citizens’ persuasion knowledge. However, the proposed regulations all present different directions with regard to the required content of transparency information. Consequently, not all proposed interventions will be (equally) effective. Moreover, there is a chance that transparent information has additional consequences, such as increasing privacy concerns or decreasing advertising effectiveness. Using an online experiment (N = 1331), this study addresses these challenges and finds that two regulatory interventions (DSA and HAA) increase persuasion knowledge, while the chance of raising privacy concerns or lowering advertisement effectiveness is present but slim. Results suggest transparency information interventions have some promise, but at the same time underline the limitations of user-facing transparency interventions.

information disclosures, online advertising, persuasion knowledge, political attitudes, Privacy, Transparency

Bibtex

Article{nokey, title = {Shielding citizens? Understanding the impact of political advertisement transparency information}, author = {Dobber, T. and Kruikemeier, S. and Helberger, N. and Goodman, E.}, doi = {https://doi.org/10.1177/14614448231157640}, year = {2023}, date = {2023-04-21}, journal = {New Media & Society}, abstract = {Online targeted advertising leverages an information asymmetry between the advertiser and the recipient. Policymakers in the European Union and the United States aim to decrease this asymmetry by requiring information transparency information alongside political advertisements, in the hope of activating citizens’ persuasion knowledge. However, the proposed regulations all present different directions with regard to the required content of transparency information. Consequently, not all proposed interventions will be (equally) effective. Moreover, there is a chance that transparent information has additional consequences, such as increasing privacy concerns or decreasing advertising effectiveness. Using an online experiment (N = 1331), this study addresses these challenges and finds that two regulatory interventions (DSA and HAA) increase persuasion knowledge, while the chance of raising privacy concerns or lowering advertisement effectiveness is present but slim. Results suggest transparency information interventions have some promise, but at the same time underline the limitations of user-facing transparency interventions.}, keywords = {information disclosures, online advertising, persuasion knowledge, political attitudes, Privacy, Transparency}, }

Annotatie bij Hoge Raad 25 februari 2022 (Google) download

Dommering, E.
Nederlandse Jurisprudentie, iss. : 37/38/39, num: 259, pp: 4708-4709, 2022

Abstract

Privacyrecht. Algemene Verordening Gegevensbescherming (AVG); verzoek verwijdering zoekresultaten; gevoelige persoonsgegevens (art. 10 AVG); maatstaf. Proceskosten in AVG-zaken; doeltreffende voorziening (art. 79 AVG en art. 47 Handvest Grondrechten EU).

Annotaties, AVG, Privacy, zoekresultaten

Bibtex

Article{nokey, title = {Annotatie bij Hoge Raad 25 februari 2022 (Google)}, author = {Dommering, E.}, url = {https://www.ivir.nl/publications/annotatie-bij-hoge-raad-25-februari-2022-google/annotatie_nj_2022_259/}, year = {2022}, date = {2022-11-28}, journal = {Nederlandse Jurisprudentie}, issue = {37/38/39}, number = {259}, abstract = {Privacyrecht. Algemene Verordening Gegevensbescherming (AVG); verzoek verwijdering zoekresultaten; gevoelige persoonsgegevens (art. 10 AVG); maatstaf. Proceskosten in AVG-zaken; doeltreffende voorziening (art. 79 AVG en art. 47 Handvest Grondrechten EU).}, keywords = {Annotaties, AVG, Privacy, zoekresultaten}, }