Grondrechten
Voorhoof, D.; McGonagle, T.
Freedom of expression, the Media and Journalists: Case-law of the European Court of Human Rights Book
2022, ISBN: 9789287184351, (IRIS Themes, vol. III, 7th edition, European Audiovisual Observatory, Strasbourg).
@book{nokey,
title = {Freedom of expression, the Media and Journalists: Case-law of the European Court of Human Rights},
author = {Voorhoof, D. and McGonagle, T.},
url = {https://rm.coe.int/iris-themes-vol-iii-7th-edition-april-2022-final-/1680a65f50},
isbn = { 9789287184351},
year = {2022},
date = {2022-08-26},
abstract = {This e-book provides valuable insights into the European Court of Human Rights’ extensive case-law on freedom of expression and media and journalistic freedoms. The first six editions of the e-book (2013, 2015, 2016, 2017, 2020 and 2021) have proved hugely successful. The new seventh edition summarises over 360 judgments or decisions by the Court and provides hyperlinks to the full text of each of the summarised judgments or decisions (via HUDOC, the Court's online case-law database).},
note = {IRIS Themes, vol. III, 7th edition, European Audiovisual Observatory, Strasbourg},
keywords = {},
pubstate = {published},
tppubtype = {book}
}
This e-book provides valuable insights into the European Court of Human Rights’ extensive case-law on freedom of expression and media and journalistic freedoms. The first six editions of the e-book (2013, 2015, 2016, 2017, 2020 and 2021) have proved hugely successful. The new seventh edition summarises over 360 judgments or decisions by the Court and provides hyperlinks to the full text of each of the summarised judgments or decisions (via HUDOC, the Court's online case-law database).
Hins, A.
Opinie: Staatspropaganda en uitingsvrijheid Journal Article
In: Mediaforum, vol. 34, iss. 2, pp. 45, 2022.
@article{nokey,
title = {Opinie: Staatspropaganda en uitingsvrijheid},
author = {Hins, A.},
url = {https://www.ivir.nl/opinie_mediaforum_2022_2/},
year = {2022},
date = {2022-08-25},
journal = {Mediaforum},
volume = {34},
issue = {2},
pages = {45},
abstract = {Op 10 januari 2022 is de Europese Commissie een openbare raadpleging gestart inzake een nieuwe verordening op basis van art. 114 VWEU, genaamd ‘Europese wet inzake mediavrijheid. ’ Deze opinie bepleit om in de te toekomstige verordening vast te leggen dat publieke mediadiensten binnen de EU onafhankelijk moeten functioneren van de politieke macht. Het aanleggen van dezelfde criteria voor het doorgeven van programma’s die elders zijn uitgezonden is echter onevenredig.},
keywords = {},
pubstate = {published},
tppubtype = {article}
}
Op 10 januari 2022 is de Europese Commissie een openbare raadpleging gestart inzake een nieuwe verordening op basis van art. 114 VWEU, genaamd ‘Europese wet inzake mediavrijheid. ’ Deze opinie bepleit om in de te toekomstige verordening vast te leggen dat publieke mediadiensten binnen de EU onafhankelijk moeten functioneren van de politieke macht. Het aanleggen van dezelfde criteria voor het doorgeven van programma’s die elders zijn uitgezonden is echter onevenredig.
Giannopoulou, A.
Allocating Control in Decentralised Identity Management Journal Article
In: European Review of Digital Administration & Law - Erdal, vol. 2021, iss. 2, pp. 75-87, 2022.
@article{nokey,
title = {Allocating Control in Decentralised Identity Management},
author = {Giannopoulou, A.},
url = {https://www.ivir.nl/erdal_2021_2/},
doi = {10.53136/97912599475299},
year = {2022},
date = {2022-07-21},
urldate = {2022-07-21},
journal = {European Review of Digital Administration \& Law - Erdal},
volume = {2021},
issue = {2},
pages = {75-87},
abstract = {Creating legal identity in the digital space involves the challenging task of addressing the datarelated responsibilities and obligations for data governance and data protection (by design and by default) to name a few. Substantially, it also requires the datafication of legal identity which means transposing all its properties and foundational traits inits corresponding data expressions and relations. As (digital) legal identity evolves from the fringes of purely technology-related challenges towards the legal and socio-technical, state institutions \textendashsovereignly responsible for delivering digital legal identities to citizens\textendash are acknowledging the polyvalent, non-monolithic, and relational characters of identitiesand they explore appropriate architectures. This paper sets out to explore the institutional turn towards decentralized digital identities. The claims surrounding these digital identities raise high hopes for the cross border digital identity provisioning being data protection and privacy compliant, technologically secure, and user-centric. This paper attempts to explore how the relevant accountable actors \textendashas recognized through the data protection normative framework\textendash are formed around the technological identity infrastructure.We highlight and examine the conflict between the European proposals on the provision of digital identity infrastructures through decentralized architectures and the concepts of data controllership in the GDPR.
},
keywords = {},
pubstate = {published},
tppubtype = {article}
}
Creating legal identity in the digital space involves the challenging task of addressing the datarelated responsibilities and obligations for data governance and data protection (by design and by default) to name a few. Substantially, it also requires the datafication of legal identity which means transposing all its properties and foundational traits inits corresponding data expressions and relations. As (digital) legal identity evolves from the fringes of purely technology-related challenges towards the legal and socio-technical, state institutions –sovereignly responsible for delivering digital legal identities to citizens– are acknowledging the polyvalent, non-monolithic, and relational characters of identitiesand they explore appropriate architectures. This paper sets out to explore the institutional turn towards decentralized digital identities. The claims surrounding these digital identities raise high hopes for the cross border digital identity provisioning being data protection and privacy compliant, technologically secure, and user-centric. This paper attempts to explore how the relevant accountable actors –as recognized through the data protection normative framework– are formed around the technological identity infrastructure.We highlight and examine the conflict between the European proposals on the provision of digital identity infrastructures through decentralized architectures and the concepts of data controllership in the GDPR.
McGonagle, T.
Another string to the bow of media freedom: An analysis of the Communiqués of the OSCE Representative on Freedom of the Media (2014 – 2022) Technical Report
2022, (Study commissioned by the OSCE Representative on Freedom of the Media, OSCE, Vienna).
@techreport{nokey,
title = {Another string to the bow of media freedom: An analysis of the Communiqu\'{e}s of the OSCE Representative on Freedom of the Media (2014 \textendash 2022)},
author = {McGonagle, T.},
url = {https://www.ivir.nl/nl/another_string_to_the_bow_of_media_freedom/},
year = {2022},
date = {2022-07-21},
abstract = {Since 2014, the OSCE Representative on Freedom of the Media has issued 20 communiqu\'{e}s on a range of different themes relating to freedom of expression and information; media and internet freedom; and the safety and freedoms of journalists and other (media) actors. They were introduced as a new form of output that would have more depth and impact than regular
press releases or statements. This study provides an analysis of this corpus of communiqu\'{e}s. It examines their aims, instruments and formats used by the Representative to make political interventions and develop standpoints. The thematic analysis is grouped into the following rough categories: 1) enduring threats to freedom of the media and freedom of expression; 2) emerging threats to freedom of the media and freedom of expression; and 3) signature themes of the Office of the Representative. The signature themes are open journalism and safety of female journalists online \textendash the focuses of two recent flagship projects by the Office of the Representative. The picture that emerges from the analysis is one of complementary focuses and consistent approaches. Nevertheless, the conclusions offer a few modest recommendations to make future communiqu\'{e}s more distinctly recognisable as such and to further enhance the consistency across the growing corpus of communiqu\'{e}s.},
note = {Study commissioned by the OSCE Representative on Freedom of the Media, OSCE, Vienna},
keywords = {},
pubstate = {published},
tppubtype = {techreport}
}
Since 2014, the OSCE Representative on Freedom of the Media has issued 20 communiqués on a range of different themes relating to freedom of expression and information; media and internet freedom; and the safety and freedoms of journalists and other (media) actors. They were introduced as a new form of output that would have more depth and impact than regular
press releases or statements. This study provides an analysis of this corpus of communiqués. It examines their aims, instruments and formats used by the Representative to make political interventions and develop standpoints. The thematic analysis is grouped into the following rough categories: 1) enduring threats to freedom of the media and freedom of expression; 2) emerging threats to freedom of the media and freedom of expression; and 3) signature themes of the Office of the Representative. The signature themes are open journalism and safety of female journalists online – the focuses of two recent flagship projects by the Office of the Representative. The picture that emerges from the analysis is one of complementary focuses and consistent approaches. Nevertheless, the conclusions offer a few modest recommendations to make future communiqués more distinctly recognisable as such and to further enhance the consistency across the growing corpus of communiqués.
press releases or statements. This study provides an analysis of this corpus of communiqués. It examines their aims, instruments and formats used by the Representative to make political interventions and develop standpoints. The thematic analysis is grouped into the following rough categories: 1) enduring threats to freedom of the media and freedom of expression; 2) emerging threats to freedom of the media and freedom of expression; and 3) signature themes of the Office of the Representative. The signature themes are open journalism and safety of female journalists online – the focuses of two recent flagship projects by the Office of the Representative. The picture that emerges from the analysis is one of complementary focuses and consistent approaches. Nevertheless, the conclusions offer a few modest recommendations to make future communiqués more distinctly recognisable as such and to further enhance the consistency across the growing corpus of communiqués.
van Daalen, O.
In defense of offense: information security research under the right to science Journal Article
In: Computer Law & Security Review, vol. 46, 2022.
@article{nokey,
title = {In defense of offense: information security research under the right to science},
author = {van Daalen, O.},
doi = {10.1016/j.clsr.2022.105706},
year = {2022},
date = {2022-07-12},
journal = {Computer Law \& Security Review},
volume = {46},
abstract = {Information security is something you do, not something you have. It's a recurring process of finding weaknesses and fixing them, only for the next weakness to be discovered, and fixed, and so on. Yet, European Union rules in this field are not built around this cycle of making and breaking: doing offensive information security research is not always legal, and doubts about its legality can have a chilling effect. At the same time, the results of such research are sometimes not used to allow others to take defensive measures, but instead are used to attack. In this article, I review whether states have an obligation under the right to science and the right to communications freedom to develop governance which addresses these two issues. I first discuss the characteristics of this cycle of making and breaking. I then discuss the rules in the European Union with regard to this cycle. Then I discuss how the right to science and the right to communications freedom under the European Convention for Human Rights , the EU Charter of Fundamental Rights and the International Covenant on Economic, Social and Cultural Rights apply to this domain. I then conclude that states must recognise a right to research information security vulnerabilities, but that this right comes with a duty of researchers to disclose their findings in a way which strengthens information security.},
keywords = {},
pubstate = {published},
tppubtype = {article}
}
Information security is something you do, not something you have. It's a recurring process of finding weaknesses and fixing them, only for the next weakness to be discovered, and fixed, and so on. Yet, European Union rules in this field are not built around this cycle of making and breaking: doing offensive information security research is not always legal, and doubts about its legality can have a chilling effect. At the same time, the results of such research are sometimes not used to allow others to take defensive measures, but instead are used to attack. In this article, I review whether states have an obligation under the right to science and the right to communications freedom to develop governance which addresses these two issues. I first discuss the characteristics of this cycle of making and breaking. I then discuss the rules in the European Union with regard to this cycle. Then I discuss how the right to science and the right to communications freedom under the European Convention for Human Rights , the EU Charter of Fundamental Rights and the International Covenant on Economic, Social and Cultural Rights apply to this domain. I then conclude that states must recognise a right to research information security vulnerabilities, but that this right comes with a duty of researchers to disclose their findings in a way which strengthens information security.
Mil, J. van; Quintais, J.
A Matter of (Joint) control? Virtual assistants and the general data protection regulation Journal Article
In: Computer Law & Security Review, vol. 45, 2022.
@article{nokey,
title = {A Matter of (Joint) control? Virtual assistants and the general data protection regulation},
author = {Mil, J. van and Quintais, J.},
doi = {https://doi.org/10.1016/j.clsr.2022.105689},
year = {2022},
date = {2022-06-16},
journal = {Computer Law \& Security Review},
volume = {45},
abstract = {This article provides an overview and critical examination of the rules for determining who qualifies as controller or joint controller under the General Data Protection Regulation. Using Google Assistant \textendash an artificial intelligence-driven virtual assistant \textendash as a case study, we argue that these rules are overreaching and difficult to apply in the present-day information society and Internet of Things environments. First, as a consequence of recent developments in case law and supervisory guidance, these rules lead to a complex and ambiguous test to determine (joint) control. Second, due to advances in technological applications and business models, it is increasingly challenging to apply such rules to contemporary processing operations. In particular, as illustrated by the Google Assistant, individuals will likely be qualified as joint controllers, together with Google and also third-party developers, for at least the collection and possible transmission of other individuals’ personal data via the virtual assistant. Third, we identify follow-on issues relating to the apportionment of responsibilities between joint controllers and the effective and complete protection of data subjects. We conclude by questioning whether the framework for determining who qualifies as controller or joint controller is future-proof and normatively desirable.},
keywords = {},
pubstate = {published},
tppubtype = {article}
}
This article provides an overview and critical examination of the rules for determining who qualifies as controller or joint controller under the General Data Protection Regulation. Using Google Assistant – an artificial intelligence-driven virtual assistant – as a case study, we argue that these rules are overreaching and difficult to apply in the present-day information society and Internet of Things environments. First, as a consequence of recent developments in case law and supervisory guidance, these rules lead to a complex and ambiguous test to determine (joint) control. Second, due to advances in technological applications and business models, it is increasingly challenging to apply such rules to contemporary processing operations. In particular, as illustrated by the Google Assistant, individuals will likely be qualified as joint controllers, together with Google and also third-party developers, for at least the collection and possible transmission of other individuals’ personal data via the virtual assistant. Third, we identify follow-on issues relating to the apportionment of responsibilities between joint controllers and the effective and complete protection of data subjects. We conclude by questioning whether the framework for determining who qualifies as controller or joint controller is future-proof and normatively desirable.
Janssen, H.; Seng Ah Lee, M.; Singh, J.; Cobbe, J.
Defining the scope of AI ADM system risk assessment Book Chapter
In: Research handbook on EU data protection law, E. Kosta, R. Leenes & I. Kamara (ed.), Chapter 16, pp. 405-434, Edgar Elgar Publishing, 2022.
@inbook{nokey,
title = {Defining the scope of AI ADM system risk assessment},
author = {Janssen, H. and Seng Ah Lee, M. and Singh, J. and Cobbe, J.},
year = {2022},
date = {2022-06-16},
booktitle = {Research handbook on EU data protection law, E. Kosta, R. Leenes \& I. Kamara (ed.)},
pages = {405-434},
publisher = {Edgar Elgar Publishing},
chapter = {16},
keywords = {},
pubstate = {published},
tppubtype = {inbook}
}
Leerssen, P.
Annotatie bij Rb Noord-Holland 6 oktober 2021 (Kamerlid / LinkedIn Ierland & LinkedIn Nederland) Journal Article
In: Computerrecht, iss. 3, no. 97, pp. 228-230, 2022.
@article{nokey,
title = {Annotatie bij Rb Noord-Holland 6 oktober 2021 (Kamerlid / LinkedIn Ierland \& LinkedIn Nederland)},
author = {Leerssen, P.},
url = {https://www.ivir.nl/annotatie_computerrecht_2022_97/},
year = {2022},
date = {2022-06-16},
journal = {Computerrecht},
number = {97},
issue = {3},
pages = {228-230},
keywords = {},
pubstate = {published},
tppubtype = {article}
}
Dommering, E.
Naar een algemeen transparantiebeginsel? : Bespreking van het preadvies van A.W.G.J. Buijze voor de VAR 2022 Journal Article
In: Nederlands Tijdschrift voor Bestuursrecht, iss. 5, no. 141, pp. 265-271, 2022.
@article{nokey,
title = {Naar een algemeen transparantiebeginsel? : Bespreking van het preadvies van A.W.G.J. Buijze voor de VAR 2022},
author = {Dommering, E.},
url = {https://www.ivir.nl/ntb_2022_5_141/},
year = {2022},
date = {2022-06-07},
urldate = {2022-06-07},
journal = {Nederlands Tijdschrift voor Bestuursrecht},
number = {141},
issue = {5},
pages = {265-271},
keywords = {},
pubstate = {published},
tppubtype = {article}
}
Quintais, J.
Between Filters and Fundamental Rights: How the Court of Justice saved Article 17 in C-401/19 - Poland v. Parliament and Council Journal Article
In: Verfassungsblog, 2022.
@article{nokey,
title = {Between Filters and Fundamental Rights: How the Court of Justice saved Article 17 in C-401/19 - Poland v. Parliament and Council},
author = {Quintais, J.},
url = {https://verfassungsblog.de/filters-poland/?s=09},
year = {2022},
date = {2022-05-16},
journal = {Verfassungsblog},
abstract = {On 26 April 2022, the Court of Justice of the EU (CJEU or Court) delivered its much awaited judgement in Case C-401/19 \textendash Poland v Parliament and Council. The case focuses on the validity of Article 17 of the Copyright in the Digital Single Market Directive (CDSMD) in light of fundamental rights. The judgment marks the climax of a turbulent journey in the area of copyright law, with potential implications for the future of platform regulation and content moderation in EU law.},
keywords = {},
pubstate = {published},
tppubtype = {article}
}
On 26 April 2022, the Court of Justice of the EU (CJEU or Court) delivered its much awaited judgement in Case C-401/19 – Poland v Parliament and Council. The case focuses on the validity of Article 17 of the Copyright in the Digital Single Market Directive (CDSMD) in light of fundamental rights. The judgment marks the climax of a turbulent journey in the area of copyright law, with potential implications for the future of platform regulation and content moderation in EU law.
Quintais, J.
Article 17 survives, but freedom of expression safeguards are key: C-401/19 – Poland v Parliament and Council Journal Article
In: Kluwer Copyright Blog, 2022.
@article{nokey,
title = {Article 17 survives, but freedom of expression safeguards are key: C-401/19 \textendash Poland v Parliament and Council},
author = {Quintais, J.},
url = {http://copyrightblog.kluweriplaw.com/2022/04/26/article-17-survives-but-freedom-of-expression-safeguards-are-key-c-401-19-poland-v-parliament-and-council/},
year = {2022},
date = {2022-05-02},
urldate = {2022-05-02},
journal = {Kluwer Copyright Blog},
keywords = {},
pubstate = {published},
tppubtype = {article}
}
Alberdingk Thijm, Chr. A.
Knock Knock Who's There? Tussenpersonen, persoonsgegevens en de kunst van het juiste evenwicht Journal Article
In: Ars Aequi, iss. april, pp. 279-288, 2022.
@article{nokey,
title = {Knock Knock Who's There? Tussenpersonen, persoonsgegevens en de kunst van het juiste evenwicht},
author = {Alberdingk Thijm, Chr. A.},
url = {https://www.ivir.nl/nl/aa_2022/},
year = {2022},
date = {2022-04-08},
journal = {Ars Aequi},
issue = {april},
pages = {279-288},
abstract = {Wat te doen als je op Twitter door een anoniem profiel voor rotte vis wordt uitgemaakt? Het Nederlandse recht biedt verschillende mogelijkheden om identificerende gegevens te verkrijgen van internettussenpersonen. Maar hoe wordt de afweging met de bescherming van de persoonsgegevens van de anonymus gemaakt? Hoe verhoudt het recht op een doeltreffende voorziening in rechte zich tot het gegevensbeschermingsrecht? Het Hof van Justitie schrijft voor dat bij botsende
fundamentele rechten het ‘juiste evenwicht’ moet worden gevonden. Dat blijkt de Nederlandse rechter nog niet zo eenvoudig te vinden, zo wordt duidelijk bij de bespreking van het Dutch FilmWorks-arrest in dit artikel.},
keywords = {},
pubstate = {published},
tppubtype = {article}
}
Wat te doen als je op Twitter door een anoniem profiel voor rotte vis wordt uitgemaakt? Het Nederlandse recht biedt verschillende mogelijkheden om identificerende gegevens te verkrijgen van internettussenpersonen. Maar hoe wordt de afweging met de bescherming van de persoonsgegevens van de anonymus gemaakt? Hoe verhoudt het recht op een doeltreffende voorziening in rechte zich tot het gegevensbeschermingsrecht? Het Hof van Justitie schrijft voor dat bij botsende
fundamentele rechten het ‘juiste evenwicht’ moet worden gevonden. Dat blijkt de Nederlandse rechter nog niet zo eenvoudig te vinden, zo wordt duidelijk bij de bespreking van het Dutch FilmWorks-arrest in dit artikel.
fundamentele rechten het ‘juiste evenwicht’ moet worden gevonden. Dat blijkt de Nederlandse rechter nog niet zo eenvoudig te vinden, zo wordt duidelijk bij de bespreking van het Dutch FilmWorks-arrest in dit artikel.
Hins, A.
Grondrechten voor de vijand Journal Article
In: De Hofvijver, vol. 12, iss. 129, 2022.
@article{nokey,
title = {Grondrechten voor de vijand},
author = {Hins, A.},
url = {https://www.montesquieu-instituut.nl/id/vlrjjfj3ptw8/nieuws/grondrechthttps://www.ivir.nl/hofvijver-28-maart-2022-opinie-grondrechten-voor-de-vijand/},
year = {2022},
date = {2022-03-28},
journal = {De Hofvijver},
volume = {12},
issue = {129},
abstract = {Op 1 maart 2022 besloot de Raad van de Europese Unie tot een algemeen verbod op het doorgeven van de Russische propagandazenders RT (Russia Today) en Sputnik. In deze opinie wordt het standpunt ingenomen dat desinformatie moet worden bestreden, maar dat het middel van censuur erger is dan de kwaal.},
keywords = {},
pubstate = {published},
tppubtype = {article}
}
Op 1 maart 2022 besloot de Raad van de Europese Unie tot een algemeen verbod op het doorgeven van de Russische propagandazenders RT (Russia Today) en Sputnik. In deze opinie wordt het standpunt ingenomen dat desinformatie moet worden bestreden, maar dat het middel van censuur erger is dan de kwaal.
van Eechoud, M.; Schumacher, L.D.
Data na de dood: Zwevend tussen contract en gegevensbescherming Journal Article
In: Nederlands Juristenblad (NJB), iss. 6, no. 355, pp. 396-405, 2022.
@article{nokey,
title = {Data na de dood: Zwevend tussen contract en gegevensbescherming},
author = {van Eechoud, M. and Schumacher, L.D.},
url = {https://www.ivir.nl/publicaties/download/NJB_2022_355.pdf},
year = {2022},
date = {2022-02-14},
journal = {Nederlands Juristenblad (NJB)},
number = {355},
issue = {6},
pages = {396-405},
abstract = {Mensen zijn zich nog weinig bewust van wat de implicaties van overlijden zijn voor het digitale bezit dat ze nalaten, terwijl iedereen hier steeds meer van heeft. Opvattingen verschillen over de mate waarin erfgenamen toegang moeten krijgen; er is nog weinig bekend over (veranderende) maatschappelijke opvattingen daarover. Omdat digitale communicatie geregeerd wordt door standaardovereenkomsten met aanbieders van informatiediensten, wordt ook de positie van erfgenamen daar primair door bepaald. Tegelijkertijd hebben veel aanbieders nog geen doordacht ‘overlijdensbeleid’ en daarbij passende voorwaarden en tools. Het lijkt tijd dat de (Europese) wetgever daar wat aan gaat veranderen. Om op kortere termijn te zorgen voor meer rechtszekerheid, zou de Nederlandse wetgever in ieder geval enkele specifieke plichten en rechten uit de AVG van toepassing kunnen verklaren op de persoonsgegevens van overleden gebruikers van informatiediensten.},
keywords = {},
pubstate = {published},
tppubtype = {article}
}
Mensen zijn zich nog weinig bewust van wat de implicaties van overlijden zijn voor het digitale bezit dat ze nalaten, terwijl iedereen hier steeds meer van heeft. Opvattingen verschillen over de mate waarin erfgenamen toegang moeten krijgen; er is nog weinig bekend over (veranderende) maatschappelijke opvattingen daarover. Omdat digitale communicatie geregeerd wordt door standaardovereenkomsten met aanbieders van informatiediensten, wordt ook de positie van erfgenamen daar primair door bepaald. Tegelijkertijd hebben veel aanbieders nog geen doordacht ‘overlijdensbeleid’ en daarbij passende voorwaarden en tools. Het lijkt tijd dat de (Europese) wetgever daar wat aan gaat veranderen. Om op kortere termijn te zorgen voor meer rechtszekerheid, zou de Nederlandse wetgever in ieder geval enkele specifieke plichten en rechten uit de AVG van toepassing kunnen verklaren op de persoonsgegevens van overleden gebruikers van informatiediensten.
Fahy, R.; Dobber, T.; Zuiderveen Borgesius, F.; Shires, J.
Microtargeted propaganda by foreign actors: An interdisciplinary exploration Journal Article
In: Maastricht Journal of European and Comparative Law, pp. 856-877, 2022, (MJ, vol. 28, nr. 6, 2021).
@article{nokey,
title = {Microtargeted propaganda by foreign actors: An interdisciplinary exploration},
author = {Fahy, R. and Dobber, T. and Zuiderveen Borgesius, F. and Shires, J.},
url = {https://www.ivir.nl/publicaties/download/MaastrichtJournalofEuropeanandComparativeLaw_2021_6.pdf},
doi = {10.1177/1023263X211042471},
year = {2022},
date = {2022-01-25},
urldate = {2021-12-31},
journal = {Maastricht Journal of European and Comparative Law},
pages = {856-877},
abstract = {This article discusses a problem that has received scant attention in literature: microtargeted propaganda by foreign actors. Microtargeting involves collecting information about people, and using that information to show them targeted political advertisements. Such microtargeting enables advertisers to target ads to specific groups of people, for instance people who visit certain websites, forums, or Facebook groups. This article focuses on one type of microtargeting: microtargeting by foreign actors. For example, Russia has targeted certain groups in the US with ads, aiming to sow discord. Foreign actors could also try to influence European elections, for instance by advertising in favour of a certain political party. Foreign propaganda possibilities existed before microtargeting. This article explores two questions. In what ways, if any, is microtargeted propaganda by foreign actors different from other foreign propaganda? What could lawmakers in Europe do to mitigate the risks of microtargeted propaganda?},
note = {MJ, vol. 28, nr. 6, 2021},
keywords = {},
pubstate = {published},
tppubtype = {article}
}
This article discusses a problem that has received scant attention in literature: microtargeted propaganda by foreign actors. Microtargeting involves collecting information about people, and using that information to show them targeted political advertisements. Such microtargeting enables advertisers to target ads to specific groups of people, for instance people who visit certain websites, forums, or Facebook groups. This article focuses on one type of microtargeting: microtargeting by foreign actors. For example, Russia has targeted certain groups in the US with ads, aiming to sow discord. Foreign actors could also try to influence European elections, for instance by advertising in favour of a certain political party. Foreign propaganda possibilities existed before microtargeting. This article explores two questions. In what ways, if any, is microtargeted propaganda by foreign actors different from other foreign propaganda? What could lawmakers in Europe do to mitigate the risks of microtargeted propaganda?
Appelman, N.; Fahy, R.; van Hoboken, J.
Social Welfare, Risk Profiling and Fundamental Rights: The Case of SyRI in the Netherlands Journal Article
In: JIPITEC, vol. 12, no. 4, pp. 257-271, 2021.
@article{nokey,
title = {Social Welfare, Risk Profiling and Fundamental Rights: The Case of SyRI in the Netherlands},
author = {Appelman, N. and Fahy, R. and van Hoboken, J.},
url = {https://www.ivir.nl/publicaties/download/jipitec_2021_4.pdf
https://www.jipitec.eu/issues/jipitec-12-4-2021/5407},
year = {2021},
date = {2021-12-16},
journal = {JIPITEC},
volume = {12},
number = {4},
pages = {257-271},
abstract = {This article discusses the use of automated decisioning-making (ADM) systems by public administrative bodies, particularly systems designed to combat social-welfare fraud, from a European fundamental rights law perspective. The article begins by outlining the emerging fundamental rights issues in relation to ADM systems used by public administrative bodies. Building upon this, the article critically analyses a recent landmark judgment from the Netherlands and uses this as a case study for discussion of the application of fundamental rights law to ADM systems by public authorities more generally. In the so-called SyRI judgment, the District Court of The Hague held that a controversial automated welfare-fraud detection system (SyRI), which allows the linking and analysing of data from an array of government agencies to generate fraud-risk reports on people, violated the right to private life, guaranteed under Article 8 of the European Convention on Human Rights (ECHR). The Court held that SyRI was insufficiently transparent, and contained insufficient safeguards, to protect the right to privacy, in violation of Article 8 ECHR. This was one of the first times an ADM system being used by welfare authorities has been halted on the basis of Article 8 ECHR. The article critically analyses the SyRI judgment from a fundamental rights perspective, including by examining how the Court brought principles contained in the General Data Protection Regulation within the rubric of Article 8 ECHR as well as the importance the Court attaches to the principle of transparency under Article 8 ECHR. Finally, the article discusses how the Dutch government responded to the judgment. and discusses proposed new legislation, which is arguably more invasive, with the article concluding with some lessons that can be drawn for the broader policy and legal debate on ADM systems used by public authorities. implications.},
keywords = {},
pubstate = {published},
tppubtype = {article}
}
This article discusses the use of automated decisioning-making (ADM) systems by public administrative bodies, particularly systems designed to combat social-welfare fraud, from a European fundamental rights law perspective. The article begins by outlining the emerging fundamental rights issues in relation to ADM systems used by public administrative bodies. Building upon this, the article critically analyses a recent landmark judgment from the Netherlands and uses this as a case study for discussion of the application of fundamental rights law to ADM systems by public authorities more generally. In the so-called SyRI judgment, the District Court of The Hague held that a controversial automated welfare-fraud detection system (SyRI), which allows the linking and analysing of data from an array of government agencies to generate fraud-risk reports on people, violated the right to private life, guaranteed under Article 8 of the European Convention on Human Rights (ECHR). The Court held that SyRI was insufficiently transparent, and contained insufficient safeguards, to protect the right to privacy, in violation of Article 8 ECHR. This was one of the first times an ADM system being used by welfare authorities has been halted on the basis of Article 8 ECHR. The article critically analyses the SyRI judgment from a fundamental rights perspective, including by examining how the Court brought principles contained in the General Data Protection Regulation within the rubric of Article 8 ECHR as well as the importance the Court attaches to the principle of transparency under Article 8 ECHR. Finally, the article discusses how the Dutch government responded to the judgment. and discusses proposed new legislation, which is arguably more invasive, with the article concluding with some lessons that can be drawn for the broader policy and legal debate on ADM systems used by public authorities. implications.
Dommering, E.
In: Nederlandse Jurisprudentie, no. 49, pp. 6225-6237, 2021.
@article{nokey,
title = {Annotatie bij EHRM 25 mei 2021 (Big Brother Watch e.a. / Verenigd Koninkrijk) en Hof van Justitie EU 6 oktober 2020 (La Quadrature du Net e.a. / Premier ministre e.a.)},
author = {Dommering, E.},
url = {https://www.ivir.nl/publicaties/download/Annotatie_NJ_2021_362.pdf},
year = {2021},
date = {2021-12-07},
journal = {Nederlandse Jurisprudentie},
number = {49},
pages = {6225-6237},
keywords = {},
pubstate = {published},
tppubtype = {article}
}
Hins, A.
Annotatie bij Rb. Noord-Holland 6 oktober 2021 (Van Haga / LinkedIn) Journal Article
In: Mediaforum, vol. 33, no. 6, pp. 206-208, 2021.
@article{nokey,
title = {Annotatie bij Rb. Noord-Holland 6 oktober 2021 (Van Haga / LinkedIn)},
author = {Hins, A.},
url = {https://www.ivir.nl/publicaties/download/Annotatie_Mf_2021_6.pdf},
year = {2021},
date = {2021-12-02},
journal = {Mediaforum},
volume = {33},
number = {6},
pages = {206-208},
abstract = {Het Tweede Kamerlid Van Haga heeft op zijn LinkedIn profielpagina berichten geplaatst waarin hij de gevaren van het coronavirus in twijfel trok. Het bedrijf LinkedIn heeft eerst een paar van deze berichten verwijderd en daarna het account van Van Haga helemaal be\"{e}indigd. In het kort geding ging het onder meer om de vraag in hoeverre Van Haga beschermd wordt door de vrijheid van meningsuiting.},
keywords = {},
pubstate = {published},
tppubtype = {article}
}
Het Tweede Kamerlid Van Haga heeft op zijn LinkedIn profielpagina berichten geplaatst waarin hij de gevaren van het coronavirus in twijfel trok. Het bedrijf LinkedIn heeft eerst een paar van deze berichten verwijderd en daarna het account van Van Haga helemaal beëindigd. In het kort geding ging het onder meer om de vraag in hoeverre Van Haga beschermd wordt door de vrijheid van meningsuiting.
Senftleben, M.; van Gompel, S.; Helmond, A.; Schumacher, L.D.; Ausloos, J.; van Hoboken, J.; Quintais, J.
Webharvesting Technical Report
2021, (Onderzoek in opdracht van het Wetenschappelijk Onderzoek- en Documentatiecentrum (WODC), 20 september 2021, WODC rapport 3142.).
@techreport{nokey,
title = {Webharvesting},
author = {Senftleben, M. and van Gompel, S. and Helmond, A. and Schumacher, L.D. and Ausloos, J. and van Hoboken, J. and Quintais, J.},
url = {https://www.ivir.nl/publicaties/download/Webharvesting_WODC.pdf},
year = {2021},
date = {2021-11-25},
urldate = {2021-11-25},
abstract = {Aan het volgende onderzoeksrapport ligt de doelstelling ten grondslag om te inventariseren wat juridisch, beleidsmatig en technisch nodig is om webharvesting mogelijk te maken, onder meer in de vorm van een zogenaamde nationale “domeincrawl”: het systematische kopi\"{e}ren en archiveren van webpagina’s die een afspiegeling vormen van de Nederlandse sociale, culturele, economische, juridische, politieke en wetenschappelijke geschiedenis online.},
note = {Onderzoek in opdracht van het Wetenschappelijk Onderzoek- en Documentatiecentrum (WODC), 20 september 2021, WODC rapport 3142.},
keywords = {},
pubstate = {published},
tppubtype = {techreport}
}
Aan het volgende onderzoeksrapport ligt de doelstelling ten grondslag om te inventariseren wat juridisch, beleidsmatig en technisch nodig is om webharvesting mogelijk te maken, onder meer in de vorm van een zogenaamde nationale “domeincrawl”: het systematische kopiëren en archiveren van webpagina’s die een afspiegeling vormen van de Nederlandse sociale, culturele, economische, juridische, politieke en wetenschappelijke geschiedenis online.
Dommering, E.
Het coronabeleid is onconstitutioneel Journal Article
In: Nederlands Juristenblad (NJB), no. 41, pp. 3396-3398, 2021.
@article{nokey,
title = {Het coronabeleid is onconstitutioneel},
author = {Dommering, E.},
url = {https://www.ivir.nl/publicaties/download/NJB_Opinie_2021.pdf},
year = {2021},
date = {2021-11-25},
journal = {Nederlands Juristenblad (NJB)},
number = {41},
pages = {3396-3398},
abstract = {De Staat is verplicht om in te grijpen bij het uitbreken van een pandemie van een gevaarlijke ziekte en moet dan maatregelen treffen om deze zoveel mogelijk in te dammen. Maar daarbij hoort een ingewikkelde afweging van conflicterende fundamentele rechten, belangen en redelijkerwijze van de ingreep te verwachten gevolgen. Deze noodzakelijke grondrechtelijke toetsing was, is en blijft maar achterwege bij de coronamaat-regelen die in Nederland uitgevaardigd worden.},
keywords = {},
pubstate = {published},
tppubtype = {article}
}
De Staat is verplicht om in te grijpen bij het uitbreken van een pandemie van een gevaarlijke ziekte en moet dan maatregelen treffen om deze zoveel mogelijk in te dammen. Maar daarbij hoort een ingewikkelde afweging van conflicterende fundamentele rechten, belangen en redelijkerwijze van de ingreep te verwachten gevolgen. Deze noodzakelijke grondrechtelijke toetsing was, is en blijft maar achterwege bij de coronamaat-regelen die in Nederland uitgevaardigd worden.
Fahy, R.; Helberger, N.; Appelman, N.
The perils of legally defining disinformation Journal Article
In: Internet Policy Review, vol. 10, no. 4, 2021.
@article{nokey,
title = {The perils of legally defining disinformation},
author = {Fahy, R. and Helberger, N. and Appelman, N.},
url = {https://www.ivir.nl/publicaties/download/InternetPolicyReview_2021.pdf},
doi = {10.14763/2021.4.1584},
year = {2021},
date = {2021-11-12},
journal = {Internet Policy Review},
volume = {10},
number = {4},
abstract = {EU policy considers disinformation to be harmful content, rather than illegal content. However, EU member states have recently been making disinformation illegal. This article discusses the definitions that form the basis of EU disinformation policy, and analyses national legislation in EU member states applicable to the definitions of disinformation, in light of freedom of expression and the proposed Digital Services Act. The article discusses the perils of defining disinformation in EU legislation, and including provisions on online platforms being required to remove illegal content, which may end up being applicable to overbroad national laws criminalising false news and false information.},
keywords = {},
pubstate = {published},
tppubtype = {article}
}
EU policy considers disinformation to be harmful content, rather than illegal content. However, EU member states have recently been making disinformation illegal. This article discusses the definitions that form the basis of EU disinformation policy, and analyses national legislation in EU member states applicable to the definitions of disinformation, in light of freedom of expression and the proposed Digital Services Act. The article discusses the perils of defining disinformation in EU legislation, and including provisions on online platforms being required to remove illegal content, which may end up being applicable to overbroad national laws criminalising false news and false information.
Irion, K.; Es, R. van; Meeren, K. van der; Dijkman, D.
Evaluatie PNR Wet Technical Report
2021, (WODC Rapport 3181, geschreven door K. Irion, R. van Es (IViR), K. van der Meeren & D. Dijkman (It's Public), november 2021).
@techreport{nokey,
title = {Evaluatie PNR Wet},
author = {Irion, K. and Es, R. van and Meeren, K. van der and Dijkman, D.},
url = {https://www.ivir.nl/publicaties/download/evaluatie-pnr-wet-1.pdf
https://repository.wodc.nl/handle/20.500.12832/3118},
year = {2021},
date = {2021-11-11},
abstract = {Op 18 juni 2019 is de Wet gebruik van passagiersgegevens voor de bestrijding van terroristische en ernstige misdrijven (PNR-wet) in werking getreden. Deze wet verplicht de luchtvaartmaatschappijen om passagiersgegevens van elke vlucht die in Nederland vertrekt of aankomt te verstrekken aan de Passagiersinformatie-eenheid Nederland (Pi-NL). De Pi-NL mag krachtens deze wet verzamelde passagiersgegevens uitsluitend verwerken voor het voorkomen, opsporen, onderzoeken en vervolgen van terroristische misdrijven en ernstige criminaliteit. Met de aanname van de PNR-wet voldoet de Nederlandse wetgever aan zijn plicht om de EU-richtlijn 2016/681 (PNR-richtlijn) te implementeren. Dit onderzoek vervult de verplichting uit artikel 25 van de PNR-wet dat twee jaar na de inwerkingtreding van de wet een evaluatie dient plaats te vinden van de doeltreffendheid en de effecten van deze wet in de praktijk. Deze evaluatie is ook gericht op de naleving van de privacywaarborgen en op de verwerking van passagiersgegevens van intra-EU-vluchten. De periode waarop deze evaluatie betrekking heeft, loopt van de inwerkingtreding van de wet op 18 juni 2019 tot 5 juli 2021},
note = {WODC Rapport 3181, geschreven door K. Irion, R. van Es (IViR), K. van der Meeren \& D. Dijkman (It's Public), november 2021},
keywords = {},
pubstate = {published},
tppubtype = {techreport}
}
Op 18 juni 2019 is de Wet gebruik van passagiersgegevens voor de bestrijding van terroristische en ernstige misdrijven (PNR-wet) in werking getreden. Deze wet verplicht de luchtvaartmaatschappijen om passagiersgegevens van elke vlucht die in Nederland vertrekt of aankomt te verstrekken aan de Passagiersinformatie-eenheid Nederland (Pi-NL). De Pi-NL mag krachtens deze wet verzamelde passagiersgegevens uitsluitend verwerken voor het voorkomen, opsporen, onderzoeken en vervolgen van terroristische misdrijven en ernstige criminaliteit. Met de aanname van de PNR-wet voldoet de Nederlandse wetgever aan zijn plicht om de EU-richtlijn 2016/681 (PNR-richtlijn) te implementeren. Dit onderzoek vervult de verplichting uit artikel 25 van de PNR-wet dat twee jaar na de inwerkingtreding van de wet een evaluatie dient plaats te vinden van de doeltreffendheid en de effecten van deze wet in de praktijk. Deze evaluatie is ook gericht op de naleving van de privacywaarborgen en op de verwerking van passagiersgegevens van intra-EU-vluchten. De periode waarop deze evaluatie betrekking heeft, loopt van de inwerkingtreding van de wet op 18 juni 2019 tot 5 juli 2021
Janssen, H.
Persoonlijke PIMS: privacyfort of luchtkasteel? Journal Article
In: Privacy & Informatie, no. 5, pp. 214-225, 2021.
@article{Janssen2021c,
title = {Persoonlijke PIMS: privacyfort of luchtkasteel?},
author = {Janssen, H.},
year = {2021},
date = {2021-10-28},
journal = {Privacy \& Informatie},
number = {5},
pages = {214-225},
abstract = {Persoonsgegevens worden thans veelal op ondoorzichtige wijze, buiten de controle van de betrokkenen verwerkt. Persoonlijke informatiebeheersystemen (PIMS) willen betrokkenen technologische toepassingen aanreiken, die hun meer controle geven over de verwerking van hun persoonsgegevens. PIMS presenteren zich als alternatief voor de huidige, ‘gecentraliseerde’ wijze van gegevensverwerking, waarbij (grote) organisaties persoonsgegevens op meestal ondoorzichtige wijze verzamelen, analyseren en doorgeven aan derden. PIMS bieden betrokkenen technische instrumenten waarmee zij zelf kunnen controleren en bepalen wanneer en aan wie zijn hun gegevens overdragen, en/of analyses over hun gegevens kunnen laten uitvoeren. Hoewel argumenten voor deze ‘decentralisatie’
aantrekkelijk klinken, rijzen vragen over de mate waarin PIMS de problemen met de huidige gegevensverwerking effectief kunnen bestrijden. In dit artikel ligt de focus bij de vraag in hoeverre deze PIMS de machtsongelijkheid tussen betrokkenen en grote organisaties daadwerkelijk kunnen bestrijden, die als gevolg van de huidige gegevensverwerkingspraktijk zijn ontstaan. PIMS kunnen enig inzicht in en controle over gegevensverwerking bieden, maar desondanks zal de machtsongelijkheid grotendeels blijven voortbestaan.},
keywords = {},
pubstate = {published},
tppubtype = {article}
}
Persoonsgegevens worden thans veelal op ondoorzichtige wijze, buiten de controle van de betrokkenen verwerkt. Persoonlijke informatiebeheersystemen (PIMS) willen betrokkenen technologische toepassingen aanreiken, die hun meer controle geven over de verwerking van hun persoonsgegevens. PIMS presenteren zich als alternatief voor de huidige, ‘gecentraliseerde’ wijze van gegevensverwerking, waarbij (grote) organisaties persoonsgegevens op meestal ondoorzichtige wijze verzamelen, analyseren en doorgeven aan derden. PIMS bieden betrokkenen technische instrumenten waarmee zij zelf kunnen controleren en bepalen wanneer en aan wie zijn hun gegevens overdragen, en/of analyses over hun gegevens kunnen laten uitvoeren. Hoewel argumenten voor deze ‘decentralisatie’
aantrekkelijk klinken, rijzen vragen over de mate waarin PIMS de problemen met de huidige gegevensverwerking effectief kunnen bestrijden. In dit artikel ligt de focus bij de vraag in hoeverre deze PIMS de machtsongelijkheid tussen betrokkenen en grote organisaties daadwerkelijk kunnen bestrijden, die als gevolg van de huidige gegevensverwerkingspraktijk zijn ontstaan. PIMS kunnen enig inzicht in en controle over gegevensverwerking bieden, maar desondanks zal de machtsongelijkheid grotendeels blijven voortbestaan.
aantrekkelijk klinken, rijzen vragen over de mate waarin PIMS de problemen met de huidige gegevensverwerking effectief kunnen bestrijden. In dit artikel ligt de focus bij de vraag in hoeverre deze PIMS de machtsongelijkheid tussen betrokkenen en grote organisaties daadwerkelijk kunnen bestrijden, die als gevolg van de huidige gegevensverwerkingspraktijk zijn ontstaan. PIMS kunnen enig inzicht in en controle over gegevensverwerking bieden, maar desondanks zal de machtsongelijkheid grotendeels blijven voortbestaan.
Giannopoulou, A.
Putting Data Protection by Design on the Blockchain Journal Article
In: European Data Protection Law Review, vol. 7, no. 3, pp. 388-399, 2021.
@article{Giannopoulou2021,
title = {Putting Data Protection by Design on the Blockchain},
author = {Giannopoulou, A.},
doi = {10.21552/edpl/2021/3/7},
year = {2021},
date = {2021-10-22},
urldate = {2021-10-22},
journal = {European Data Protection Law Review},
volume = {7},
number = {3},
pages = {388-399},
abstract = {The principle of data protection by design, as it is enshrined in article 25 of the GDPR, is difficult to apply in blockchains. This article will assess how the reliance on asymmetric encryption and other privacy enhancing technological architectures -necessary in a blockchain-based system- approach both user control and data protection by design compliance from the single scope of anonymization and unlinkability. Data subjects’ rights, accountability, and the potential shortcomings of applied technological constraints are thus sidelined. Ultimately, this limited understanding of technological privacy, acts as a misguiding set of principles for technological co-regulation through standardisation in blockchains. The standardization of these choices without a holistic analysis of data protection by design imperatives could ultimately weaken the position of data subjects, whose trust in the technological protections of personal data might prove to be relatively misplaced.},
keywords = {},
pubstate = {published},
tppubtype = {article}
}
The principle of data protection by design, as it is enshrined in article 25 of the GDPR, is difficult to apply in blockchains. This article will assess how the reliance on asymmetric encryption and other privacy enhancing technological architectures -necessary in a blockchain-based system- approach both user control and data protection by design compliance from the single scope of anonymization and unlinkability. Data subjects’ rights, accountability, and the potential shortcomings of applied technological constraints are thus sidelined. Ultimately, this limited understanding of technological privacy, acts as a misguiding set of principles for technological co-regulation through standardisation in blockchains. The standardization of these choices without a holistic analysis of data protection by design imperatives could ultimately weaken the position of data subjects, whose trust in the technological protections of personal data might prove to be relatively misplaced.
Appelman, N.; Quintais, J.; Fahy, R.
Verfassungsblog, (Ed.): Verfassungsblog 2021.
@online{Appelman2021,
title = {Using Terms and Conditions to apply Fundamental Rights to Content Moderation: Is Article 12 DSA a Paper Tiger?},
author = {Appelman, N. and Quintais, J. and Fahy, R.},
editor = {Verfassungsblog},
url = {https://verfassungsblog.de/power-dsa-dma-06/},
doi = {10.17176/20210901-233103-0.},
year = {2021},
date = {2021-09-01},
organization = {Verfassungsblog},
keywords = {},
pubstate = {published},
tppubtype = {online}
}
Helberger, N.; Dobber, T.; Vreese, C.H. de
Towards Unfair Political Practices Law: Learning lessons from the regulation of unfair commercial practices for online political advertising Journal Article
In: JIPITEC, vol. 12, no. 3, pp. 273-296, 2021.
@article{Helberger2021bb,
title = {Towards Unfair Political Practices Law: Learning lessons from the regulation of unfair commercial practices for online political advertising},
author = {Helberger, N. and Dobber, T. and Vreese, C.H. de},
url = {https://www.jipitec.eu/issues/jipitec-12-3-2021/5338},
year = {2021},
date = {2021-08-26},
journal = {JIPITEC},
volume = {12},
number = {3},
pages = {273-296},
abstract = {Online political advertising operates in a tense forcefield between political and commercial elements and thus presents regulators with a difficult conundrum: because online political advertising is political rather than commercial speech, it is destined to follow a different regulatory tradition than commercial advertising. And yet many of the tools used, players involved and concerns triggered by modern online political advertising strategies very much resemble the tools, players and concerns in online commercial targeting. Commercial advertising is subject to consumer law and unfair advertising regulation, including rules about unfair commercial practices. Unfair commercial practices law and other rules about commercial advertising, however, are explicitly not applicable to forms of non-commercial political or ideological advertising. An important reason why this is so is the different level of protection of political and commercial speech under fundamental rights law standards. And yet with the ongoing commercial turn in advertising, the traditional division between forms of commercial and political advertising is no longer that self-evident. Also, it cannot be denied that commercial advertising law has a long tradition of thinking of where and how to draw the line between lawful advertising and unlawful persuasion through withholding or misleading consumers about the information they need to take informed decisions, or abusing superior knowledge, exerting undue psychological pressure and engaging in other forms of unfair behaviour. The question this article explores is whether there are lessons to be learned from the regulation of commercial advertising for the pending initiatives at the national and the European level to regulate online political advertising, and online political targeting in specific.},
keywords = {},
pubstate = {published},
tppubtype = {article}
}
Online political advertising operates in a tense forcefield between political and commercial elements and thus presents regulators with a difficult conundrum: because online political advertising is political rather than commercial speech, it is destined to follow a different regulatory tradition than commercial advertising. And yet many of the tools used, players involved and concerns triggered by modern online political advertising strategies very much resemble the tools, players and concerns in online commercial targeting. Commercial advertising is subject to consumer law and unfair advertising regulation, including rules about unfair commercial practices. Unfair commercial practices law and other rules about commercial advertising, however, are explicitly not applicable to forms of non-commercial political or ideological advertising. An important reason why this is so is the different level of protection of political and commercial speech under fundamental rights law standards. And yet with the ongoing commercial turn in advertising, the traditional division between forms of commercial and political advertising is no longer that self-evident. Also, it cannot be denied that commercial advertising law has a long tradition of thinking of where and how to draw the line between lawful advertising and unlawful persuasion through withholding or misleading consumers about the information they need to take informed decisions, or abusing superior knowledge, exerting undue psychological pressure and engaging in other forms of unfair behaviour. The question this article explores is whether there are lessons to be learned from the regulation of commercial advertising for the pending initiatives at the national and the European level to regulate online political advertising, and online political targeting in specific.
van Eechoud, M.; Ausloos, J.; Loos, M.; Mak, C.; Reinhartz, B.; Schumacher, L.D.; Pol, L.
Data na de dood - juridische aspecten van digitale nalatenschappen Technical Report
2021, (Onderzoek in opdracht van het Ministerie van Binnenlandse Zaken en Koninkrijksrelaties, April 2021, Bijlage bij Kamerstuk 2020-2021, 30696 nr. 52.
Auteurs: M.M.M. van Eechoud, J. Ausloos, M. Loos, C. Mak, B. Reinhartz, L. Schumacher & L. Pol.).
@techreport{vanEechoud2021bb,
title = {Data na de dood - juridische aspecten van digitale nalatenschappen},
author = {van Eechoud, M. and Ausloos, J. and Loos, M. and Mak, C. and Reinhartz, B. and Schumacher, L.D. and Pol, L. },
url = {https://www.ivir.nl/publicaties/download/Data-na-de-dood.pdf
https://www.ivir.nl/publicaties/download/Datanadedood_summary.pdf
https://www.sectorplandls.nl/wordpress/news/data-after-death-legal-aspects-of-digital-inheritances/},
year = {2021},
date = {2021-07-08},
urldate = {2021-07-08},
abstract = {Jaarlijks overlijden ruim 150.000 mensen en worden er dus ook ongeveer evenveel nalatenschappen afgewikkeld. Vrijwel zonder uitzondering laten overledenen digitale ‘bezittingen’ achter, zoals sociale media-accounts, e-mails, documenten opgeslagen in de cloud en (gebruiksrechten op) allerlei media en entertainment. De vraag is of het huidige Nederlandse wettelijk kader voldoende handvatten biedt om de bij afwikkeling van digitale nalatenschappen gemoeide private en publieke belangen te behartigen. De centrale onderzoeksvraag van deze studie is: Welke eventuele aanpassingen van het Nederlandse wettelijke kader zijn wenselijk met het oog op de adequate bescherming van private en publieke belangen gemoeid met het regelen en afwikkelen van digitale nalatenschappen?
Voor de beantwoording van deze vraag is om te beginnen een analyse gedaan van het beleid van aanbieders van veelgebruikte informatiediensten rond overlijden, en van de relevante voorwaarden die zij hanteren. Bronnen voor de analyse zijn gebruikersovereenkomsten, algemene voorwaarden, privacy policies en andere (openbare) documenten zoals FAQ’s. Informatiediensten aanbieders zijn onderscheiden in digitale mediadiensten (commercieel aanbod zoals streaming video of -muziek), communicatiediensten (waaronder sociale media en berichtendiensten) en ICT-diensten (o.a. cloudopslag en digitale kluizen). Vervolgens is het relevante wettelijke kader beschreven en zijn onduidelijkheden daarin ge\"{i}dentificeerd. Naast het erfrecht, betreft dit het overeenkomstenrecht en dan in het bijzonder consumentenrecht, intellectuele eigendomsrechten (met name auteursrecht), persoonlijkheidsrechten en gegevensbeschermingsrecht (Algemene Verordening Gegevensbescherming). Ook het algemene vermogensrecht is van belang, voor zover betrekking hebbend op de vraag welk digitaal ‘bezit’ in de nalatenschap valt. Tot slot is met het oog op het formuleren van oplossingsrichtingen, naar een selectie van wetgeving in andere landen gekeken.},
note = {Onderzoek in opdracht van het Ministerie van Binnenlandse Zaken en Koninkrijksrelaties, April 2021, Bijlage bij Kamerstuk 2020-2021, 30696 nr. 52.
Auteurs: M.M.M. van Eechoud, J. Ausloos, M. Loos, C. Mak, B. Reinhartz, L. Schumacher \& L. Pol.},
keywords = {},
pubstate = {published},
tppubtype = {techreport}
}
Jaarlijks overlijden ruim 150.000 mensen en worden er dus ook ongeveer evenveel nalatenschappen afgewikkeld. Vrijwel zonder uitzondering laten overledenen digitale ‘bezittingen’ achter, zoals sociale media-accounts, e-mails, documenten opgeslagen in de cloud en (gebruiksrechten op) allerlei media en entertainment. De vraag is of het huidige Nederlandse wettelijk kader voldoende handvatten biedt om de bij afwikkeling van digitale nalatenschappen gemoeide private en publieke belangen te behartigen. De centrale onderzoeksvraag van deze studie is: Welke eventuele aanpassingen van het Nederlandse wettelijke kader zijn wenselijk met het oog op de adequate bescherming van private en publieke belangen gemoeid met het regelen en afwikkelen van digitale nalatenschappen?
Voor de beantwoording van deze vraag is om te beginnen een analyse gedaan van het beleid van aanbieders van veelgebruikte informatiediensten rond overlijden, en van de relevante voorwaarden die zij hanteren. Bronnen voor de analyse zijn gebruikersovereenkomsten, algemene voorwaarden, privacy policies en andere (openbare) documenten zoals FAQ’s. Informatiediensten aanbieders zijn onderscheiden in digitale mediadiensten (commercieel aanbod zoals streaming video of -muziek), communicatiediensten (waaronder sociale media en berichtendiensten) en ICT-diensten (o.a. cloudopslag en digitale kluizen). Vervolgens is het relevante wettelijke kader beschreven en zijn onduidelijkheden daarin geïdentificeerd. Naast het erfrecht, betreft dit het overeenkomstenrecht en dan in het bijzonder consumentenrecht, intellectuele eigendomsrechten (met name auteursrecht), persoonlijkheidsrechten en gegevensbeschermingsrecht (Algemene Verordening Gegevensbescherming). Ook het algemene vermogensrecht is van belang, voor zover betrekking hebbend op de vraag welk digitaal ‘bezit’ in de nalatenschap valt. Tot slot is met het oog op het formuleren van oplossingsrichtingen, naar een selectie van wetgeving in andere landen gekeken.
Voor de beantwoording van deze vraag is om te beginnen een analyse gedaan van het beleid van aanbieders van veelgebruikte informatiediensten rond overlijden, en van de relevante voorwaarden die zij hanteren. Bronnen voor de analyse zijn gebruikersovereenkomsten, algemene voorwaarden, privacy policies en andere (openbare) documenten zoals FAQ’s. Informatiediensten aanbieders zijn onderscheiden in digitale mediadiensten (commercieel aanbod zoals streaming video of -muziek), communicatiediensten (waaronder sociale media en berichtendiensten) en ICT-diensten (o.a. cloudopslag en digitale kluizen). Vervolgens is het relevante wettelijke kader beschreven en zijn onduidelijkheden daarin geïdentificeerd. Naast het erfrecht, betreft dit het overeenkomstenrecht en dan in het bijzonder consumentenrecht, intellectuele eigendomsrechten (met name auteursrecht), persoonlijkheidsrechten en gegevensbeschermingsrecht (Algemene Verordening Gegevensbescherming). Ook het algemene vermogensrecht is van belang, voor zover betrekking hebbend op de vraag welk digitaal ‘bezit’ in de nalatenschap valt. Tot slot is met het oog op het formuleren van oplossingsrichtingen, naar een selectie van wetgeving in andere landen gekeken.
Sax, M.
Voorbij privacy: manipulatie is het échte probleem in gezondheidsapps Journal Article
In: Privacy & Informatie, no. 3, pp. 117-120, 2021.
@article{Sax2021b,
title = {Voorbij privacy: manipulatie is het \'{e}chte probleem in gezondheidsapps},
author = {Sax, M.},
url = {https://www.uitgeverijparis.nl/nl/reader/209785/1001582341},
year = {2021},
date = {2021-06-24},
journal = {Privacy \& Informatie},
number = {3},
pages = {117-120},
abstract = {Ze zijn enorm populair en zullen alleen nog maar populairder worden: gezondheidsapps. Er zijn populaire gezondheidsapps met tientallen tot soms honderden miljoenen gebruikers voor van alles en nog wat: dieetadviezen en calorie\"{e}ntellen (MyFitnessPal), meditatie en mindfulness (Headspace), het tracken en onderling vergelijken van sportactiviteiten (Strava), het tracken van je algehele bewegings- en gezondheidspatronen via een wearable (Fitbit), enzovoort. Hun huidige populariteit zal alleen nog maar toenemen, aangezien werkgevers en verzekeraars steeds nadrukkelijker het gebruik van gezondheidsapps aanprijzen. 1 Gezondheid is goed, meer gezondheid is beter. Geweldig toch, die alsmaar toenemende populariteit van gezondheidsapps?},
keywords = {},
pubstate = {published},
tppubtype = {article}
}
Ze zijn enorm populair en zullen alleen nog maar populairder worden: gezondheidsapps. Er zijn populaire gezondheidsapps met tientallen tot soms honderden miljoenen gebruikers voor van alles en nog wat: dieetadviezen en calorieëntellen (MyFitnessPal), meditatie en mindfulness (Headspace), het tracken en onderling vergelijken van sportactiviteiten (Strava), het tracken van je algehele bewegings- en gezondheidspatronen via een wearable (Fitbit), enzovoort. Hun huidige populariteit zal alleen nog maar toenemen, aangezien werkgevers en verzekeraars steeds nadrukkelijker het gebruik van gezondheidsapps aanprijzen. 1 Gezondheid is goed, meer gezondheid is beter. Geweldig toch, die alsmaar toenemende populariteit van gezondheidsapps?
van Hoboken, J.; Fahy, R.
Smartphone platforms as privacy regulators Journal Article
In: Computer Law & Security Review, vol. 41, 2021.
@article{vanHoboken2021b,
title = {Smartphone platforms as privacy regulators},
author = {van Hoboken, J. and Fahy, R.},
url = {https://www.ivir.nl/publicaties/download/Smartphone-platforms-as-privacy-regulators.pdf},
doi = {https://doi.org/10.1016/j.clsr.2021.105557},
year = {2021},
date = {2021-06-10},
journal = {Computer Law \& Security Review},
volume = {41},
abstract = {A series of recent developments highlight the increasingly important role of online platforms in impacting data privacy in today's digital economy. Revelations and parliamentary hearings about privacy violations in Facebook's app and service partner ecosystem, EU Court of Justice judgments on joint responsibility of platforms and platform users, and the rise of smartphone app ecosystems where app behaviour is governed by app distribution platforms and operating systems, all show that platform policies can make or break the enjoyment of privacy by users. In this article, we examine these developments and explore the question of what can and should be the role of platforms in protecting data privacy of their users.},
keywords = {},
pubstate = {published},
tppubtype = {article}
}
A series of recent developments highlight the increasingly important role of online platforms in impacting data privacy in today's digital economy. Revelations and parliamentary hearings about privacy violations in Facebook's app and service partner ecosystem, EU Court of Justice judgments on joint responsibility of platforms and platform users, and the rise of smartphone app ecosystems where app behaviour is governed by app distribution platforms and operating systems, all show that platform policies can make or break the enjoyment of privacy by users. In this article, we examine these developments and explore the question of what can and should be the role of platforms in protecting data privacy of their users.
van Hoboken, J.; Fahy, R.
Regulating Disinformation in Europe: Implications for Speech and Privacy Journal Article
In: UC Irvine Journal of International, Transnational, and Comparative Law, vol. 6, no. 1, pp. 9-36, 2021.
@article{vanHoboken2021,
title = {Regulating Disinformation in Europe: Implications for Speech and Privacy},
author = {van Hoboken, J. and Fahy, R.},
url = {https://www.ivir.nl/publicaties/download/Regulating-Disinformation-in-Europe.pdf},
year = {2021},
date = {2021-06-01},
journal = {UC Irvine Journal of International, Transnational, and Comparative Law},
volume = {6},
number = {1},
pages = {9-36},
abstract = {This Article examines the ongoing dynamics in the regulation of disinformation in Europe, focusing on the intersection between the right to
freedom of expression and the right to privacy. Importantly, there has been a recent wave of regulatory measures and other forms of pressure on online platforms to tackle disinformation in Europe. These measures play out in different ways at the intersection of the right to freedom of expression and the right to privacy. Crucially, as governments, journalists, and researchers seek greater transparency and access to information from online platforms to evaluate their impact on the health of their democracies, these measures raise acute issues related to user privacy. Indeed, platforms that once refused to cooperate with governments in identifying users allegedly responsible for disseminating illegal or harmful content are now expanding cooperation. However, while platforms are increasingly facilitating government access to user data, platforms are also invoking data protection law concerns as a shield in response to recent efforts at increased platform transparency. At
the same time, data protection law provides for one of the main systemic regulatory safeguards in Europe. It protects user autonomy concerning datadriven campaigns, requiring transparency for internet audiences about targeting and data subject rights in relation to audience platforms, such as social media companies.},
keywords = {},
pubstate = {published},
tppubtype = {article}
}
This Article examines the ongoing dynamics in the regulation of disinformation in Europe, focusing on the intersection between the right to
freedom of expression and the right to privacy. Importantly, there has been a recent wave of regulatory measures and other forms of pressure on online platforms to tackle disinformation in Europe. These measures play out in different ways at the intersection of the right to freedom of expression and the right to privacy. Crucially, as governments, journalists, and researchers seek greater transparency and access to information from online platforms to evaluate their impact on the health of their democracies, these measures raise acute issues related to user privacy. Indeed, platforms that once refused to cooperate with governments in identifying users allegedly responsible for disseminating illegal or harmful content are now expanding cooperation. However, while platforms are increasingly facilitating government access to user data, platforms are also invoking data protection law concerns as a shield in response to recent efforts at increased platform transparency. At
the same time, data protection law provides for one of the main systemic regulatory safeguards in Europe. It protects user autonomy concerning datadriven campaigns, requiring transparency for internet audiences about targeting and data subject rights in relation to audience platforms, such as social media companies.
freedom of expression and the right to privacy. Importantly, there has been a recent wave of regulatory measures and other forms of pressure on online platforms to tackle disinformation in Europe. These measures play out in different ways at the intersection of the right to freedom of expression and the right to privacy. Crucially, as governments, journalists, and researchers seek greater transparency and access to information from online platforms to evaluate their impact on the health of their democracies, these measures raise acute issues related to user privacy. Indeed, platforms that once refused to cooperate with governments in identifying users allegedly responsible for disseminating illegal or harmful content are now expanding cooperation. However, while platforms are increasingly facilitating government access to user data, platforms are also invoking data protection law concerns as a shield in response to recent efforts at increased platform transparency. At
the same time, data protection law provides for one of the main systemic regulatory safeguards in Europe. It protects user autonomy concerning datadriven campaigns, requiring transparency for internet audiences about targeting and data subject rights in relation to audience platforms, such as social media companies.
Quintais, J.; Appelman, N.; Fahy, R.
DSA Observatory 2021.
@online{Quintais2021f,
title = {Article 12 DSA: Will platforms be required to apply EU fundamental rights in content moderation decisions? },
author = {Quintais, J. and Appelman, N. and Fahy, R.},
url = {https://dsa-observatory.eu/2021/05/31/article-12-dsa-will-platforms-be-required-to-apply-eu-fundamental-rights-in-content-moderation-decisions/},
year = {2021},
date = {2021-05-31},
organization = {DSA Observatory},
keywords = {},
pubstate = {published},
tppubtype = {online}
}
Voorhoof, D.; McGonagle, T.
Freedom of expression, the Media and Journalists: Case-law of the Euopean Court of Human Rights Journal Article
In: 2021, ISBN: 9789287184351, (IRIS Themes, vol. III, 6th edition, April 2021).
@article{Voorhoof2021,
title = {Freedom of expression, the Media and Journalists: Case-law of the Euopean Court of Human Rights},
author = {Voorhoof, D. and McGonagle, T.},
url = {https://rm.coe.int/iris-themes-vol-iii-2020-edition-en-28-april-2021-/1680a24eee},
isbn = {9789287184351},
year = {2021},
date = {2021-05-06},
abstract = {This e-book provides valuable insights into the European Court of Human Rights’ extensive case-law on freedom of expression and media and journalistic freedoms. The first four editions of the e-book (2013, 2015, 2016, 2017 and 2020) have proved hugely successful. The new sixth edition summarises over 339 judgments or decisions by the Court and provides hyperlinks to the full text of each of the summarised judgments or decisions (via HUDOC, the Court's online case-law database). },
note = {IRIS Themes, vol. III, 6th edition, April 2021},
keywords = {},
pubstate = {published},
tppubtype = {article}
}
This e-book provides valuable insights into the European Court of Human Rights’ extensive case-law on freedom of expression and media and journalistic freedoms. The first four editions of the e-book (2013, 2015, 2016, 2017 and 2020) have proved hugely successful. The new sixth edition summarises over 339 judgments or decisions by the Court and provides hyperlinks to the full text of each of the summarised judgments or decisions (via HUDOC, the Court's online case-law database).
Irion, K.
Formal meeting (oral evidence session): Digital trade and data Online
2021.
@online{Irion2021b,
title = {Formal meeting (oral evidence session): Digital trade and data},
author = {Irion, K.},
url = {https://committees.parliament.uk/event/3859/formal-meeting-oral-evidence-session/},
year = {2021},
date = {2021-03-12},
abstract = {Oral testimony on the UK House of Commons International Trade Committee. The Committee has launched an inquiry into digital trade and data. Digital trade refers to digitally enabled, or digitally delivered, trade in goods and services. Such trade involves the movement of data.
The Committee’s inquiry will explore a range of issues, including:
• Digital trade and data provisions in Free Trade Agreements
• Concerns around the security and privacy of data
• The environmental impact of digital trade
• Relevant legal frameworks},
keywords = {},
pubstate = {published},
tppubtype = {online}
}
Oral testimony on the UK House of Commons International Trade Committee. The Committee has launched an inquiry into digital trade and data. Digital trade refers to digitally enabled, or digitally delivered, trade in goods and services. Such trade involves the movement of data.
The Committee’s inquiry will explore a range of issues, including:
• Digital trade and data provisions in Free Trade Agreements
• Concerns around the security and privacy of data
• The environmental impact of digital trade
• Relevant legal frameworks
The Committee’s inquiry will explore a range of issues, including:
• Digital trade and data provisions in Free Trade Agreements
• Concerns around the security and privacy of data
• The environmental impact of digital trade
• Relevant legal frameworks
Dommering, E.
Annotatie bij Hof van Justitie EU 16 juli 2020 (Data Protection Commissioner / Facebook Ireland & Schrems)(Schrems II) Journal Article
In: Nederlandse Jurisprudentie, vol. 2021, no. 5/6, pp. 455-458, 2021.
@article{Dommering2021c,
title = {Annotatie bij Hof van Justitie EU 16 juli 2020 (Data Protection Commissioner / Facebook Ireland \& Schrems)(Schrems II)},
author = {Dommering, E.},
url = {https://www.ivir.nl/publicaties/download/Annotatie_NJ_2021_24.pdf},
year = {2021},
date = {2021-03-12},
journal = {Nederlandse Jurisprudentie},
volume = {2021},
number = {5/6},
pages = {455-458},
abstract = {Uitlevering persoonsgegevens Ierland/VS in strijd met de AVG omdat veiligheidsdiensten in VS ongecontroleerd toegang hebben tot serviceproviders die deze persoonsgegevens ontvangen.},
keywords = {},
pubstate = {published},
tppubtype = {article}
}
Uitlevering persoonsgegevens Ierland/VS in strijd met de AVG omdat veiligheidsdiensten in VS ongecontroleerd toegang hebben tot serviceproviders die deze persoonsgegevens ontvangen.
Dommering, E.
Annotatie bij Hoge Raad 1 oktober 2019 (nr. 17/01305) Journal Article
In: Nederlandse Jurisprudentie, vol. 2021, no. 5/6, pp. 550-551, 2021.
@article{Dommering2021d,
title = {Annotatie bij Hoge Raad 1 oktober 2019 (nr. 17/01305)},
author = {Dommering, E.},
url = {https://www.ivir.nl/publicaties/download/Annotatie_NJ_2021_29.pdf},
year = {2021},
date = {2021-03-12},
journal = {Nederlandse Jurisprudentie},
volume = {2021},
number = {5/6},
pages = {550-551},
abstract = {Schending geheimhoudingsplicht lid Antilliaanse parlement.},
keywords = {},
pubstate = {published},
tppubtype = {article}
}
Schending geheimhoudingsplicht lid Antilliaanse parlement.
Dommering, E.
Annotatie bij EHRM 8 oktober 2019 (Szurovecz / Hongarije) Journal Article
In: Nederlandse Jurisprudentie, vol. 2021, no. 4, pp. 230-231, 2021.
@article{Dommering2021b,
title = {Annotatie bij EHRM 8 oktober 2019 (Szurovecz / Hongarije)},
author = {Dommering, E.},
url = {https://www.ivir.nl/publicaties/download/Annotatie_NJ_2021_13.pdf},
year = {2021},
date = {2021-03-11},
journal = {Nederlandse Jurisprudentie},
volume = {2021},
number = {4},
pages = {230-231},
abstract = {Deze zaak gaat over de vrijheid van nieuwsgaring. Een journalist kreeg geen toegang tot vreemdelingencentra in Hongarije. Het EHRM achtte dat in de gegeven omstandigheden in strijd met artikel 10 EVRM. },
keywords = {},
pubstate = {published},
tppubtype = {article}
}
Deze zaak gaat over de vrijheid van nieuwsgaring. Een journalist kreeg geen toegang tot vreemdelingencentra in Hongarije. Het EHRM achtte dat in de gegeven omstandigheden in strijd met artikel 10 EVRM.
Poort, J.; Zuiderveen Borgesius, F.
Personalised pricing: The demise of the fixed price? Journal Article
In: 2021, (Forthcoming as chapter 10 in: Kohl, U., & Eisler, J. (eds.), Data-Driven Personalisation in Markets, Politics and Law. Cambridge: Cambridge University Press, 2021.).
@article{Poort2021,
title = {Personalised pricing: The demise of the fixed price?},
author = {Poort, J. and Zuiderveen Borgesius, F.},
url = {https://www.ivir.nl/publicaties/download/The-Demise-of-the-Fixed-Price.pdf},
year = {2021},
date = {2021-03-04},
abstract = {An online seller or platform is technically able to offer every consumer a different price for the same product, based on information it has about the customers. Such online price discrimination exacerbates concerns regarding the fairness and morality of price discrimination, and the possible need for regulation. In this chapter, we discuss the underlying basis of price discrimination in economic theory, and its popular perception. Our surveys show that consumers are critical and suspicious of online price discrimination. A majority consider it unacceptable and unfair, and are in favour of a ban. When stores apply online price discrimination, most consumers think they should be informed about it. We argue that the General Data Protection Regulation (GDPR) applies to the most controversial forms of online price discrimination, and not only requires companies to disclose their use of price discrimination, but also requires companies to ask customers for their prior consent. Industry practice, however, does not show any adoption of these two principles.},
note = {Forthcoming as chapter 10 in: Kohl, U., \& Eisler, J. (eds.), Data-Driven Personalisation in Markets, Politics and Law. Cambridge: Cambridge University Press, 2021.},
keywords = {},
pubstate = {published},
tppubtype = {article}
}
An online seller or platform is technically able to offer every consumer a different price for the same product, based on information it has about the customers. Such online price discrimination exacerbates concerns regarding the fairness and morality of price discrimination, and the possible need for regulation. In this chapter, we discuss the underlying basis of price discrimination in economic theory, and its popular perception. Our surveys show that consumers are critical and suspicious of online price discrimination. A majority consider it unacceptable and unfair, and are in favour of a ban. When stores apply online price discrimination, most consumers think they should be informed about it. We argue that the General Data Protection Regulation (GDPR) applies to the most controversial forms of online price discrimination, and not only requires companies to disclose their use of price discrimination, but also requires companies to ask customers for their prior consent. Industry practice, however, does not show any adoption of these two principles.
Quintais, J.; Jutte, B.J.
The Pelham Chronicles: Sampling, Copyright and Fundamental Rights Journal Article
In: Journal of Intellectual Property Law & Practice, vol. 16, no. 3, pp. 213-225, 2021.
@article{QuintaisJutte2021,
title = {The Pelham Chronicles: Sampling, Copyright and Fundamental Rights},
author = {Quintais, J. and Jutte, B.J.},
url = {https://papers.ssrn.com/sol3/papers.cfm?abstract_id=3775599},
doi = {https://doi.org/10.1093/jiplp/jpab040},
year = {2021},
date = {2021-02-18},
journal = {Journal of Intellectual Property Law \& Practice},
volume = {16},
number = {3},
pages = {213-225},
abstract = {On 29 July 2019 the Court of Justice of the European Union (CJEU or Court) rendered its long-awaited judgment in Pelham. This judgement was published together, but not jointly, with those on Spiegel Online and Funke Medien. A bit less than a year later, on 30 April 2020, the German Federal Court of Justice (Bundesgerichtshof or BGH), which had referred the cases to Luxembourg, rendered its judgments in all three cases. There are obvious parallels between these judgments, and their combined relevance for the interpretation of European copyright law in the light of EU fundamental rights cannot be understated.
This article focuses on Pelham, or the “Metall auf Metall” saga, as it is known in Germany. It analyses the relevant aspects and impact of Pelham in EU copyright law and examines how the BGH implemented the guidance provided by the CJEU. Where relevant, we draw the parallels to Funke Medien and Spiegel Online. Pelham gave the Court the opportunity to define the scope of the related right of reproduction of phonogram producers in art. 2(c) of Directive 2001/29/EC (InfoSoc Directive). The question whether such right enjoys the same scope of protection as the reproduction right for authorial works had made its way through the German courts for a remarkable two decades. This saga included a constitutional complaint, which in 2016 answered the question in the affirmative. The BGH’s preliminary reference to the CJEU was particularly important because on the back of the reproduction question it sought to clarify issues with fundamental rights implications, in particular the scope of the quotation right or defence and its application to musical creativity in the form of sampling.
This article proceeds as follows. After this introduction, we briefly revisit the Pelham saga in its journey through the German and European courts, providing he context to the underlying legal issues (2). We then turn to the interpretation of the scope of the reproduction and distribution rights for phonograms (3) before examining the CJEU’s assessment of the systematic nature of exceptions and limitations (E\&Ls) (4). We then discuss the wider implications of Pelham on the role of fundamental right in copyright law (5). We conclude with some doctrinal and practical observations on the wider implications of the “Metall auf Metall”-saga (6). },
keywords = {},
pubstate = {published},
tppubtype = {article}
}
On 29 July 2019 the Court of Justice of the European Union (CJEU or Court) rendered its long-awaited judgment in Pelham. This judgement was published together, but not jointly, with those on Spiegel Online and Funke Medien. A bit less than a year later, on 30 April 2020, the German Federal Court of Justice (Bundesgerichtshof or BGH), which had referred the cases to Luxembourg, rendered its judgments in all three cases. There are obvious parallels between these judgments, and their combined relevance for the interpretation of European copyright law in the light of EU fundamental rights cannot be understated.
This article focuses on Pelham, or the “Metall auf Metall” saga, as it is known in Germany. It analyses the relevant aspects and impact of Pelham in EU copyright law and examines how the BGH implemented the guidance provided by the CJEU. Where relevant, we draw the parallels to Funke Medien and Spiegel Online. Pelham gave the Court the opportunity to define the scope of the related right of reproduction of phonogram producers in art. 2(c) of Directive 2001/29/EC (InfoSoc Directive). The question whether such right enjoys the same scope of protection as the reproduction right for authorial works had made its way through the German courts for a remarkable two decades. This saga included a constitutional complaint, which in 2016 answered the question in the affirmative. The BGH’s preliminary reference to the CJEU was particularly important because on the back of the reproduction question it sought to clarify issues with fundamental rights implications, in particular the scope of the quotation right or defence and its application to musical creativity in the form of sampling.
This article proceeds as follows. After this introduction, we briefly revisit the Pelham saga in its journey through the German and European courts, providing he context to the underlying legal issues (2). We then turn to the interpretation of the scope of the reproduction and distribution rights for phonograms (3) before examining the CJEU’s assessment of the systematic nature of exceptions and limitations (E&Ls) (4). We then discuss the wider implications of Pelham on the role of fundamental right in copyright law (5). We conclude with some doctrinal and practical observations on the wider implications of the “Metall auf Metall”-saga (6).
Janssen, H.; Cobbe, J.; Norval, C.; Singh, J.
Decentralised Data Processing: Personal Data Stores and the GDPR Journal Article
In: International Data Privacy Law, vol. 10, no. 4, pp. 356-384, 2021.
@article{Janssen2021,
title = {Decentralised Data Processing: Personal Data Stores and the GDPR},
author = {Janssen, H. and Cobbe, J. and Norval, C. and Singh, J.},
url = {https://papers.ssrn.com/sol3/papers.cfm?abstract_id=3570895
https://www.ivir.nl/publicaties/download/IDPL-2021-4.pdf},
doi = {https://doi.org/10.1093/idpl/ipaa016},
year = {2021},
date = {2021-01-04},
journal = {International Data Privacy Law},
volume = {10},
number = {4},
pages = {356-384},
abstract = {When it comes to online services, users have limited control over how their personal data is processed. This is partly due to the nature of the business models of those services, where data is typically stored and aggregated in data centres. This has recently led to the development of technologies aiming at leveraging user control over the processing of their personal data.
Personal Data Stores (“PDSs”) represent a class of these technologies; PDSs provide users with a device, enabling them to capture, aggregate and manage their personal data. The device provides tools for users to control and monitor access, sharing and computation over data on their device. The motivation for PDSs are described as (i) to assist users with their confidentiality and privacy concerns, and/or (ii) to provide opportunities for users to transact with or otherwise monetise their data.
While PDSs potentially might enable some degree of user empowerment, they raise interesting considerations and uncertainties in relation to the responsibilities under the General Data Protection Regulation (GDPR). More specifically, the designations of responsibilities among key parties involved in PDS ecosystems are unclear. Further, the technical architecture of PDSs appears to restrict certain lawful grounds for processing, while technical means to identify certain category data, as proposed by some, may remain theoretical.
We explore the considerations, uncertainties, and limitations of PDSs with respect to some key obligations under the GDPR. As PDS technologies continue to develop and proliferate, potentially providing an alternative to centralised approaches to data processing, we identify issues which require consideration by regulators, PDS platform providers and technologists.},
keywords = {},
pubstate = {published},
tppubtype = {article}
}
When it comes to online services, users have limited control over how their personal data is processed. This is partly due to the nature of the business models of those services, where data is typically stored and aggregated in data centres. This has recently led to the development of technologies aiming at leveraging user control over the processing of their personal data.
Personal Data Stores (“PDSs”) represent a class of these technologies; PDSs provide users with a device, enabling them to capture, aggregate and manage their personal data. The device provides tools for users to control and monitor access, sharing and computation over data on their device. The motivation for PDSs are described as (i) to assist users with their confidentiality and privacy concerns, and/or (ii) to provide opportunities for users to transact with or otherwise monetise their data.
While PDSs potentially might enable some degree of user empowerment, they raise interesting considerations and uncertainties in relation to the responsibilities under the General Data Protection Regulation (GDPR). More specifically, the designations of responsibilities among key parties involved in PDS ecosystems are unclear. Further, the technical architecture of PDSs appears to restrict certain lawful grounds for processing, while technical means to identify certain category data, as proposed by some, may remain theoretical.
We explore the considerations, uncertainties, and limitations of PDSs with respect to some key obligations under the GDPR. As PDS technologies continue to develop and proliferate, potentially providing an alternative to centralised approaches to data processing, we identify issues which require consideration by regulators, PDS platform providers and technologists.
Personal Data Stores (“PDSs”) represent a class of these technologies; PDSs provide users with a device, enabling them to capture, aggregate and manage their personal data. The device provides tools for users to control and monitor access, sharing and computation over data on their device. The motivation for PDSs are described as (i) to assist users with their confidentiality and privacy concerns, and/or (ii) to provide opportunities for users to transact with or otherwise monetise their data.
While PDSs potentially might enable some degree of user empowerment, they raise interesting considerations and uncertainties in relation to the responsibilities under the General Data Protection Regulation (GDPR). More specifically, the designations of responsibilities among key parties involved in PDS ecosystems are unclear. Further, the technical architecture of PDSs appears to restrict certain lawful grounds for processing, while technical means to identify certain category data, as proposed by some, may remain theoretical.
We explore the considerations, uncertainties, and limitations of PDSs with respect to some key obligations under the GDPR. As PDS technologies continue to develop and proliferate, potentially providing an alternative to centralised approaches to data processing, we identify issues which require consideration by regulators, PDS platform providers and technologists.
Janssen, H.; Cobbe, J.; Singh, J.
Personal Data Stores: a user-centric privacy utopia? Journal Article Forthcoming
In: Internet Policy Review, Forthcoming.
@article{Janssen2021b,
title = {Personal Data Stores: a user-centric privacy utopia?},
author = {Janssen, H. and Cobbe, J. and Singh, J.},
year = {2021},
date = {2021-01-04},
journal = {Internet Policy Review},
keywords = {},
pubstate = {forthcoming},
tppubtype = {article}
}
Ferrari, V.
Crosshatching Privacy: Financial Intermediaries’ Data Practices Between Law Enforcement and Data Economy Journal Article
In: European Data Protection Law Review, vol. 6, no. 4, pp. 522-535, 2020.
@article{Ferrari2020b,
title = {Crosshatching Privacy: Financial Intermediaries’ Data Practices Between Law Enforcement and Data Economy},
author = {Ferrari, V.},
url = {https://edpl.lexxion.eu/article/EDPL/2020/4/8
https://www.ivir.nl/publicaties/download/edpl_2020_04.pdf},
doi = {https://doi.org/10.21552/edpl/2020/4/8},
year = {2020},
date = {2020-12-22},
journal = {European Data Protection Law Review},
volume = {6},
number = {4},
pages = {522-535},
abstract = {Financial data are key to various law enforcement processes, including criminal investigations, anti-money laundering strategies and the implementation of national fiscal policies. However, financial data also qualify as personal data. While law enforcement objectives can derogate certain privacy-related legal safeguards, private financial firms should, in principle, comply with the privacy standards upheld by GDPR. Highlighting the most critical trends of the current financial industry (i.e. commercial exploitation of data; international dimension of financial informational networks; use of automated processing and decision-making tools), the present paper analyses how privacy and law enforcement priorities interplay in determining the governance of financial data. We conclude by recognizing that privacy loopholes exist in the current financial industry’s data practices, and that - as payments tend to be increasingly performed in digital manners, exponentially increasing the availability of financial data - privacy-enhancing payment methods should be encouraged and legitimised.},
keywords = {},
pubstate = {published},
tppubtype = {article}
}
Financial data are key to various law enforcement processes, including criminal investigations, anti-money laundering strategies and the implementation of national fiscal policies. However, financial data also qualify as personal data. While law enforcement objectives can derogate certain privacy-related legal safeguards, private financial firms should, in principle, comply with the privacy standards upheld by GDPR. Highlighting the most critical trends of the current financial industry (i.e. commercial exploitation of data; international dimension of financial informational networks; use of automated processing and decision-making tools), the present paper analyses how privacy and law enforcement priorities interplay in determining the governance of financial data. We conclude by recognizing that privacy loopholes exist in the current financial industry’s data practices, and that - as payments tend to be increasingly performed in digital manners, exponentially increasing the availability of financial data - privacy-enhancing payment methods should be encouraged and legitimised.
van Hoboken, J.; Appelman, N.; van Duin, A.; Blom, T.; Zarouali, B.; Fahy, R.; Steel, M.; Stringhi, E.; Helberger, N.
WODC-onderzoek: Voorziening voor verzoeken tot snelle verwijdering van onrechtmatige online content Technical Report
2020.
@techreport{vanHoboken2020d,
title = {WODC-onderzoek: Voorziening voor verzoeken tot snelle verwijdering van onrechtmatige online content},
author = {van Hoboken, J. and Appelman, N. and van Duin, A. and Blom, T. and Zarouali, B. and Fahy, R. and Steel, M. and Stringhi, E. and Helberger, N.},
url = {https://www.ivir.nl/publicaties/download/WODC_voorziening_onrechtmatige_content.pdf},
year = {2020},
date = {2020-11-12},
abstract = {Dit onderzoek is uitgegeven als onderdeel van het speerpunt van de Minister voor Rechtsbescherming om de positie van slachtoffers van onrechtmatige uitingen op het internet te verbeteren. Aanleiding is dat het voor mensen als te moeilijk ervaren wordt om onrechtmatige online content snel verwijderd te krijgen. Dit rapport biedt inzicht in de juridische en praktische haalbaarheid van een voorziening voor de verwijdering van onrechtmatige online content die mensen persoonlijk raakt. Onrechtmatige content is informatie, door mensen op het internet geplaatst, die in strijd is met het recht, vanwege de schadelijke gevolgen ervan en/of omdat de belangen van anderen daardoor op ernstige wijze worden aangetast. Hierbij moet, bijvoorbeeld, gedacht worden aan bedreigingen, privacy-inbreuken of wraakporno. Het doel van de onderzochte voorziening is om mensen in staat te stellen deze onrechtmatige online content zo snel mogelijk te verwijderen. Het onderzoek focust op onrechtmatige online content die mensen in hun persoon raakt en daarmee onder het recht op priv\'{e}leven uit artikel 8 Europees Verdrag voor de Rechten van de Mens (“EVRM”) valt.},
keywords = {},
pubstate = {published},
tppubtype = {techreport}
}
Dit onderzoek is uitgegeven als onderdeel van het speerpunt van de Minister voor Rechtsbescherming om de positie van slachtoffers van onrechtmatige uitingen op het internet te verbeteren. Aanleiding is dat het voor mensen als te moeilijk ervaren wordt om onrechtmatige online content snel verwijderd te krijgen. Dit rapport biedt inzicht in de juridische en praktische haalbaarheid van een voorziening voor de verwijdering van onrechtmatige online content die mensen persoonlijk raakt. Onrechtmatige content is informatie, door mensen op het internet geplaatst, die in strijd is met het recht, vanwege de schadelijke gevolgen ervan en/of omdat de belangen van anderen daardoor op ernstige wijze worden aangetast. Hierbij moet, bijvoorbeeld, gedacht worden aan bedreigingen, privacy-inbreuken of wraakporno. Het doel van de onderzochte voorziening is om mensen in staat te stellen deze onrechtmatige online content zo snel mogelijk te verwijderen. Het onderzoek focust op onrechtmatige online content die mensen in hun persoon raakt en daarmee onder het recht op privéleven uit artikel 8 Europees Verdrag voor de Rechten van de Mens (“EVRM”) valt.
Dommering, E.
Annotatie bij Rb. Den Haag 5 februari 2020 (NJCM c.s. / Staat der Nederlanden - SyRI-wetgeving) Journal Article
In: Nederlandse Jurisprudentie, no. 45, pp. 6792-6795, 2020.
@article{Dommering2020i,
title = {Annotatie bij Rb. Den Haag 5 februari 2020 (NJCM c.s. / Staat der Nederlanden - SyRI-wetgeving)},
author = {Dommering, E.},
url = {https://www.ivir.nl/publicaties/download/Annotatie_NJ_2020_386.pdf},
year = {2020},
date = {2020-11-10},
journal = {Nederlandse Jurisprudentie},
number = {45},
pages = {6792-6795},
abstract = {De SyRI-wetgeving voldoet niet aan de in art. 8 lid 2 EVRM gestelde eis dat de inmenging in de uitoefening van het recht op respect voor het priv\'{e}leven noodzakelijk is in een democratische samenleving, dat wil zeggen noodzakelijk, evenredig (proportioneel) en subsidiair in relatie tot het beoogde doel.},
keywords = {},
pubstate = {published},
tppubtype = {article}
}
De SyRI-wetgeving voldoet niet aan de in art. 8 lid 2 EVRM gestelde eis dat de inmenging in de uitoefening van het recht op respect voor het privéleven noodzakelijk is in een democratische samenleving, dat wil zeggen noodzakelijk, evenredig (proportioneel) en subsidiair in relatie tot het beoogde doel.
Senftleben, M.; Angelopoulos, C.
2020, (Amsterdam: Institute for Information Law & Cambridge: Centre for Intellectual Property and Information Law).
@techreport{Senftleben2020e,
title = {The Odyssey of the Prohibition on General Monitoring Obligations on the Way to the Digital Services Act: Between Article 15 of the E-Commerce Directive and Article 17 of the Directive on Copyright in the Digital Single Market},
author = {Senftleben, M. and Angelopoulos, C.},
url = {https://papers.ssrn.com/sol3/papers.cfm?abstract_id=3717022},
year = {2020},
date = {2020-10-29},
abstract = {EU law provides explicitly that intermediaries may not be obliged to monitor their service in a general manner in order to detect and prevent the illegal activity of their users. However, a misunderstanding of the difference between monitoring specific content and monitoring FOR specific content is a recurrent theme in the debate on intermediary liability and a central driver of the controversy surrounding it. Rightly understood, a prohibited general monitoring obligation arises whenever content \textendash no matter how specifically it is defined \textendash must be identified among the totality of the content on a platform. The moment platform content must be screened in its entirety, the monitoring obligation acquires an excessive, general nature. Against this background, a content moderation duty can only be deemed permissible if it is specific in respect of both the protected subject matter and potential infringers.
This requirement of 'double specificity' is of particular importance because it prevents encroachments upon fundamental rights. The jurisprudence of the Court of Justice of the European Union has shed light on the anchorage of the general monitoring ban in primary EU law, in particular the right to the protection of personal data, the freedom of expression and information, the freedom to conduct a business, and the free movement of goods and services in the internal market. Due to their higher rank in the norm hierarchy, these legal guarantees constitute common ground for the application of the general monitoring prohibition in secondary EU legislation, namely Article 15(1) of the E-Commerce Directive ('ECD') and Article 17(8) of the Directive on Copyright in the Digital Single Market ('CDSMD').
With regard to the Digital Services Act (‘DSA’), this result of the analysis implies that any further manifestation of the general monitoring ban in the DSA would have to be construed and applied \textendash in the light of applicable CJEU case law \textendash as a safeguard against encroachments upon the aforementioned fundamental rights and freedoms. If the final text of the DSA does not contain a reiteration of the prohibition of general monitoring obligations known from Article 15(1) ECD and Article 17(8) CDSMD, the regulation of internet service provider liability, duties of care and injunctions would still have to avoid inroads into the aforementioned fundamental rights and freedoms and observe the principle of proportionality. The double specificity requirement plays a central role in this respect.},
note = {Amsterdam: Institute for Information Law \& Cambridge: Centre for Intellectual Property and Information Law},
keywords = {},
pubstate = {published},
tppubtype = {techreport}
}
EU law provides explicitly that intermediaries may not be obliged to monitor their service in a general manner in order to detect and prevent the illegal activity of their users. However, a misunderstanding of the difference between monitoring specific content and monitoring FOR specific content is a recurrent theme in the debate on intermediary liability and a central driver of the controversy surrounding it. Rightly understood, a prohibited general monitoring obligation arises whenever content – no matter how specifically it is defined – must be identified among the totality of the content on a platform. The moment platform content must be screened in its entirety, the monitoring obligation acquires an excessive, general nature. Against this background, a content moderation duty can only be deemed permissible if it is specific in respect of both the protected subject matter and potential infringers.
This requirement of 'double specificity' is of particular importance because it prevents encroachments upon fundamental rights. The jurisprudence of the Court of Justice of the European Union has shed light on the anchorage of the general monitoring ban in primary EU law, in particular the right to the protection of personal data, the freedom of expression and information, the freedom to conduct a business, and the free movement of goods and services in the internal market. Due to their higher rank in the norm hierarchy, these legal guarantees constitute common ground for the application of the general monitoring prohibition in secondary EU legislation, namely Article 15(1) of the E-Commerce Directive ('ECD') and Article 17(8) of the Directive on Copyright in the Digital Single Market ('CDSMD').
With regard to the Digital Services Act (‘DSA’), this result of the analysis implies that any further manifestation of the general monitoring ban in the DSA would have to be construed and applied – in the light of applicable CJEU case law – as a safeguard against encroachments upon the aforementioned fundamental rights and freedoms. If the final text of the DSA does not contain a reiteration of the prohibition of general monitoring obligations known from Article 15(1) ECD and Article 17(8) CDSMD, the regulation of internet service provider liability, duties of care and injunctions would still have to avoid inroads into the aforementioned fundamental rights and freedoms and observe the principle of proportionality. The double specificity requirement plays a central role in this respect.
Senftleben, M.
Institutionalized Algorithmic Enforcement - The Pros and Cons of the EU Approach to UGC Platform Liability Journal Article
In: Florida International University Law Review, vol. 14, no. 2, pp. 299-328, 2020.
@article{Senftleben2020,
title = {Institutionalized Algorithmic Enforcement - The Pros and Cons of the EU Approach to UGC Platform Liability},
author = {Senftleben, M.},
url = {https://papers.ssrn.com/sol3/papers.cfm?abstract_id=3565175
https://ecollections.law.fiu.edu/lawreview/vol14/iss2/11/},
doi = {10.25148/lawrev.14.2.11},
year = {2020},
date = {2020-10-20},
journal = {Florida International University Law Review},
volume = {14},
number = {2},
pages = {299-328},
abstract = {Algorithmic copyright enforcement \textendash the use of automated filtering tools to detect infringing content before it appears on the internet \textendash has a deep impact on the freedom of users to upload and share information. Instead of presuming that user-generated content ("UGC") does not amount to infringement unless copyright owners take action and provide proof, the default position of automated filtering systems is that every upload is suspicious and that copyright owners are entitled to ex ante control over the sharing of information online. If platform providers voluntarily introduce algorithmic enforcement measures, this may be seen as a private decision following from the freedom of companies to run their business as they wish. If, however, copyright legislation institutionalizes algorithmic enforcement and imposes a legal obligation on platform providers to employ automated filtering tools, the law itself transforms copyright into a censorship and filtering instrument. Nonetheless, the new EU Directive on Copyright in the Digital Single Market (“DSM Directive”) follows this path and requires the employment of automated filtering tools to ensure that unauthorized protected content does not populate UGC platforms. The new EU rules on UGC licensing and screening will inevitably lead to the adoption of algorithmic enforcement measures in practice. Without automated content control, UGC platforms will be unable to escape liability for infringing user uploads.
To provide a complete picture, however, it is important to also shed light on counterbalances which may distinguish this new, institutionalized form of algorithmic enforcement from known content filtering tools that have evolved as voluntary measures in the private sector. The DSM Directive underlines the necessity to safeguard user freedoms that support transformative, creative remixes and mash-ups of pre-existing content. This feature of the new legislation may offer important incentives to develop algorithmic tools that go beyond the mere identification of unauthorized takings from protected works. It has the potential to encourage content assessment mechanisms that factor the degree of transformative effort and user creativity into the equation. As a result, more balanced content filtering tools may emerge in the EU. Against this background, the analysis shows that the new EU legislation not only escalates the use of algorithmic enforcement measures that already commenced in the private sector years ago. If rightly implemented, it may also add an important nuance to existing content identification tools and alleviate the problems arising from reliance on automated filtering mechanisms.},
keywords = {},
pubstate = {published},
tppubtype = {article}
}
Algorithmic copyright enforcement – the use of automated filtering tools to detect infringing content before it appears on the internet – has a deep impact on the freedom of users to upload and share information. Instead of presuming that user-generated content ("UGC") does not amount to infringement unless copyright owners take action and provide proof, the default position of automated filtering systems is that every upload is suspicious and that copyright owners are entitled to ex ante control over the sharing of information online. If platform providers voluntarily introduce algorithmic enforcement measures, this may be seen as a private decision following from the freedom of companies to run their business as they wish. If, however, copyright legislation institutionalizes algorithmic enforcement and imposes a legal obligation on platform providers to employ automated filtering tools, the law itself transforms copyright into a censorship and filtering instrument. Nonetheless, the new EU Directive on Copyright in the Digital Single Market (“DSM Directive”) follows this path and requires the employment of automated filtering tools to ensure that unauthorized protected content does not populate UGC platforms. The new EU rules on UGC licensing and screening will inevitably lead to the adoption of algorithmic enforcement measures in practice. Without automated content control, UGC platforms will be unable to escape liability for infringing user uploads.
To provide a complete picture, however, it is important to also shed light on counterbalances which may distinguish this new, institutionalized form of algorithmic enforcement from known content filtering tools that have evolved as voluntary measures in the private sector. The DSM Directive underlines the necessity to safeguard user freedoms that support transformative, creative remixes and mash-ups of pre-existing content. This feature of the new legislation may offer important incentives to develop algorithmic tools that go beyond the mere identification of unauthorized takings from protected works. It has the potential to encourage content assessment mechanisms that factor the degree of transformative effort and user creativity into the equation. As a result, more balanced content filtering tools may emerge in the EU. Against this background, the analysis shows that the new EU legislation not only escalates the use of algorithmic enforcement measures that already commenced in the private sector years ago. If rightly implemented, it may also add an important nuance to existing content identification tools and alleviate the problems arising from reliance on automated filtering mechanisms.
To provide a complete picture, however, it is important to also shed light on counterbalances which may distinguish this new, institutionalized form of algorithmic enforcement from known content filtering tools that have evolved as voluntary measures in the private sector. The DSM Directive underlines the necessity to safeguard user freedoms that support transformative, creative remixes and mash-ups of pre-existing content. This feature of the new legislation may offer important incentives to develop algorithmic tools that go beyond the mere identification of unauthorized takings from protected works. It has the potential to encourage content assessment mechanisms that factor the degree of transformative effort and user creativity into the equation. As a result, more balanced content filtering tools may emerge in the EU. Against this background, the analysis shows that the new EU legislation not only escalates the use of algorithmic enforcement measures that already commenced in the private sector years ago. If rightly implemented, it may also add an important nuance to existing content identification tools and alleviate the problems arising from reliance on automated filtering mechanisms.
Strycharz, J.; Ausloos, J.; Helberger, N.
Data Protection or Data Frustration? Individual perceptions and attitudes towards the GDPR Journal Article
In: European Data Protection Law Review, vol. 6, no. 3, pp. 407-421, 2020.
@article{Strycharz2020,
title = {Data Protection or Data Frustration? Individual perceptions and attitudes towards the GDPR},
author = {Strycharz, J. and Ausloos, J. and Helberger, N.},
url = {https://www.ivir.nl/publicaties/download/EDPLR_2020_3.pdf},
doi = {https://doi.org/10.21552/edpl/2020/3/10},
year = {2020},
date = {2020-10-13},
journal = {European Data Protection Law Review},
volume = {6},
number = {3},
pages = {407-421},
abstract = {Strengthening individual rights, enhancing control over one’s data and raising awareness were among the main aims the European Commission set for the General Data Protection Regulation (GDPR). In order to assess whether these aims have been met, research into individual perceptions, awareness, and understanding of the Regulation is necessary. This study thus examines individual reactions to the GDPR in order to provide insights into user agency in relation to the Regulation. More specifically, it discusses empirical data (survey with N = 1288) on individual knowledge of, reactions to, and rights exercised under the GDPR in the Netherlands. The results show high awareness of the GDPR and knowledge of individual rights. At the same time, the Dutch show substantial reactance to the Regulation and doubt the effectiveness of their individual rights. These findings point to several issues obstructing the GDPR’s effectiveness, and constitute useful signposts for policy-makers and enforcement agencies to prioritise their strategies in achieving the original aims of the Regulation.},
keywords = {},
pubstate = {published},
tppubtype = {article}
}
Strengthening individual rights, enhancing control over one’s data and raising awareness were among the main aims the European Commission set for the General Data Protection Regulation (GDPR). In order to assess whether these aims have been met, research into individual perceptions, awareness, and understanding of the Regulation is necessary. This study thus examines individual reactions to the GDPR in order to provide insights into user agency in relation to the Regulation. More specifically, it discusses empirical data (survey with N = 1288) on individual knowledge of, reactions to, and rights exercised under the GDPR in the Netherlands. The results show high awareness of the GDPR and knowledge of individual rights. At the same time, the Dutch show substantial reactance to the Regulation and doubt the effectiveness of their individual rights. These findings point to several issues obstructing the GDPR’s effectiveness, and constitute useful signposts for policy-makers and enforcement agencies to prioritise their strategies in achieving the original aims of the Regulation.
Yakovleva, S.
Privacy and Data Protection in the EU- and US-led Post- WTO Free Trade Agreements Book Chapter
In: pp. 95-115, 2020, (Chapter in: Coherence and Divergence in Services Trade Law, ed. R.T. Hoffmann & M. Krajewski).
@inbook{Yakovleva2020e,
title = {Privacy and Data Protection in the EU- and US-led Post- WTO Free Trade Agreements},
author = {Yakovleva, S.},
url = {https://www.ivir.nl/publicaties/download/Yearbook_International_Economic_Law.pdf},
doi = {https://doi.org/10.1007/978-3-030-46955-9_5},
year = {2020},
date = {2020-10-08},
pages = {95-115},
series = {European Yearbook of International Economic Law},
abstract = {The chapter addresses privacy and data protection in FTAs. It takes stock of the evolution of provisions on privacy and data protection in the post-WTO FTAs and FTAs currently under negotiation relying on EU- and US-led FTAs as an empirical basis. The chapter evaluates the trends and patterns of the development of these provisions and provides an outlook for the upcoming negotiations on electronic commerce at the WTO. It highlights the evolution of provisions on privacy and personal data protection in general exceptions, financial and telecommunications chapters, chapters on electronic commerce and digital trade. After identifying trends in the design and wording of these provisions in the EU- and US-led FTAs the chapter concludes that both trading partners tend to prefer their own template for regional FTAs.},
note = {Chapter in: Coherence and Divergence in Services Trade Law, ed. R.T. Hoffmann \& M. Krajewski},
keywords = {},
pubstate = {published},
tppubtype = {inbook}
}
The chapter addresses privacy and data protection in FTAs. It takes stock of the evolution of provisions on privacy and data protection in the post-WTO FTAs and FTAs currently under negotiation relying on EU- and US-led FTAs as an empirical basis. The chapter evaluates the trends and patterns of the development of these provisions and provides an outlook for the upcoming negotiations on electronic commerce at the WTO. It highlights the evolution of provisions on privacy and personal data protection in general exceptions, financial and telecommunications chapters, chapters on electronic commerce and digital trade. After identifying trends in the design and wording of these provisions in the EU- and US-led FTAs the chapter concludes that both trading partners tend to prefer their own template for regional FTAs.
Yakovleva, S.
Personal Data Transfers in International Trade and EU Law: A Tale of Two ‘Necessities’ Journal Article
In: The Journal of World Investment & Trade, pp. 1-39, 2020.
@article{Yakovleva2020d,
title = {Personal Data Transfers in International Trade and EU Law: A Tale of Two ‘Necessities’},
author = {Yakovleva, S.},
url = {https://www.ivir.nl/publicaties/download/JWIT_2020.pdf},
year = {2020},
date = {2020-10-02},
journal = {The Journal of World Investment \& Trade},
pages = {1-39},
abstract = {Cross-border flows of personal data have become essential for international trade. EU law restricts transfers of personal data to a degree that is arguably beyond what is permitted under the EU’s WTO commitments. These restrictions may be justified under trade law’s ‘necessity test.’ The article suggests that they may not pass this test. Yet, from an EU law perspective, the right to the protection of personal data is a fundamental right. An international transfer of personal data constitutes a derogation from this right and, therefore, must be consistent with another necessity test, the ‘strict necessity’ test of the derogation clause of the EU Charter of Fundamental Rights. This article shows how a simultaneous application of the trade law and EU Charter ‘necessities’ to EU restrictions on transfers of personal data creates a Catch-22 situation and sketches the ways out of this compliance deadlock.},
keywords = {},
pubstate = {published},
tppubtype = {article}
}
Cross-border flows of personal data have become essential for international trade. EU law restricts transfers of personal data to a degree that is arguably beyond what is permitted under the EU’s WTO commitments. These restrictions may be justified under trade law’s ‘necessity test.’ The article suggests that they may not pass this test. Yet, from an EU law perspective, the right to the protection of personal data is a fundamental right. An international transfer of personal data constitutes a derogation from this right and, therefore, must be consistent with another necessity test, the ‘strict necessity’ test of the derogation clause of the EU Charter of Fundamental Rights. This article shows how a simultaneous application of the trade law and EU Charter ‘necessities’ to EU restrictions on transfers of personal data creates a Catch-22 situation and sketches the ways out of this compliance deadlock.
Yakovleva, S.; Geursen, W.; Arnbak, A.
Kaleidoscopic data-related enforcement in the digital age Journal Article
In: Common Market Law Review, vol. 57, no. 5, pp. 1461-1494, 2020.
@article{Yakovleva2020c,
title = {Kaleidoscopic data-related enforcement in the digital age},
author = {Yakovleva, S. and Geursen, W. and Arnbak, A.},
url = {https://www.ivir.nl/publicaties/download/CMLR_2020.pdf},
year = {2020},
date = {2020-10-01},
journal = {Common Market Law Review},
volume = {57},
number = {5},
pages = {1461-1494},
abstract = {The interplay between competition, consumer and data protection law, when applied to data collection and processing practices, may lead to situations where several competent authorities can, independently, carry out enforcement actions against the same practice, or where an authority competent to carry out enforcement in one area of law can borrow the concepts of another area to advance its own goals. The authors call this “kaleidoscopic enforcement”. Kaleidoscopic enforcement may undermine existing coordination mechanisms within specif ic areas, and may lead to both the incoherent enforcement of EU rules applicable to data, and to sub-optimal enforcement. An EU level binding
inter-disciplinary coordination mechanism between competition, consumer and data protection authorities is needed. Now the Commission has announced ambitious plans to enhance the coherent application of EU law in several areas, it is the perfect time to work towards creating such an enforcement mechanism.},
keywords = {},
pubstate = {published},
tppubtype = {article}
}
The interplay between competition, consumer and data protection law, when applied to data collection and processing practices, may lead to situations where several competent authorities can, independently, carry out enforcement actions against the same practice, or where an authority competent to carry out enforcement in one area of law can borrow the concepts of another area to advance its own goals. The authors call this “kaleidoscopic enforcement”. Kaleidoscopic enforcement may undermine existing coordination mechanisms within specif ic areas, and may lead to both the incoherent enforcement of EU rules applicable to data, and to sub-optimal enforcement. An EU level binding
inter-disciplinary coordination mechanism between competition, consumer and data protection authorities is needed. Now the Commission has announced ambitious plans to enhance the coherent application of EU law in several areas, it is the perfect time to work towards creating such an enforcement mechanism.
inter-disciplinary coordination mechanism between competition, consumer and data protection authorities is needed. Now the Commission has announced ambitious plans to enhance the coherent application of EU law in several areas, it is the perfect time to work towards creating such an enforcement mechanism.
Helberger, N.; Huh, J.; Milne, G.; Strycharz, J.
Macro and Exogenous Factors in Computational Advertising: Key Issues and New Research Directions Journal Article
In: Journal of Advertising, vol. 49, no. 4, pp. 377-393, 2020.
@article{Helberger2020h,
title = {Macro and Exogenous Factors in Computational Advertising: Key Issues and New Research Directions},
author = {Helberger, N. and Huh, J. and Milne, G. and Strycharz, J.},
doi = {https://doi.org/10.1080/00913367.2020.1811179},
year = {2020},
date = {2020-09-11},
journal = {Journal of Advertising},
volume = {49},
number = {4},
pages = {377-393},
abstract = {To advance the emerging research field of computational advertising this article describes the new computational advertising ecosystem, identifies key actors within it and interactions among them, and discusses future research agendas. Specifically, we propose systematic conceptualization for the redefined advertising industry, consumers, government, and technology environmental factors, and discuss emerging and anticipated tensions that arise in the macro and exogenous factors surrounding the new computational advertising industry, leading to suggestions for future research directions. From multidisciplinary angles, areas of tension and related research questions are explored from advertising, business, computer science, and legal perspectives. The proposed research agendas include exploring transparency of computational advertising practice and consumer education; understanding the trade-off between explainability and performance of algorithms; exploring the issue of new consumers as free data laborers, data as commodity, and related consumer agency challenges; understanding the relationship between algorithmic transparency and consumers’ literacy; evaluating the trade-off between algorithmic fairness and privacy protection; examining legal and regulatory issues regarding power imbalance between actors in the computational advertising ecosystem; and studying the trade-off between technological innovation and consumer protection and empowerment.},
keywords = {},
pubstate = {published},
tppubtype = {article}
}
To advance the emerging research field of computational advertising this article describes the new computational advertising ecosystem, identifies key actors within it and interactions among them, and discusses future research agendas. Specifically, we propose systematic conceptualization for the redefined advertising industry, consumers, government, and technology environmental factors, and discuss emerging and anticipated tensions that arise in the macro and exogenous factors surrounding the new computational advertising industry, leading to suggestions for future research directions. From multidisciplinary angles, areas of tension and related research questions are explored from advertising, business, computer science, and legal perspectives. The proposed research agendas include exploring transparency of computational advertising practice and consumer education; understanding the trade-off between explainability and performance of algorithms; exploring the issue of new consumers as free data laborers, data as commodity, and related consumer agency challenges; understanding the relationship between algorithmic transparency and consumers’ literacy; evaluating the trade-off between algorithmic fairness and privacy protection; examining legal and regulatory issues regarding power imbalance between actors in the computational advertising ecosystem; and studying the trade-off between technological innovation and consumer protection and empowerment.