Privacy
| Dobber, T., Fahy, R., Zuiderveen Borgesius, F.
The regulation of online political micro-targeting in Europe Internet Policy Review, 8 (4), 2020. @article{Dobber2020,
title = {The regulation of online political micro-targeting in Europe}, author = {Dobber, T. and Fahy, R. and Zuiderveen Borgesius, F.}, url = {https://policyreview.info/articles/analysis/regulation-online-political-micro-targeting-europe}, doi = {10.14763/2019.4.1440}, year = {2020}, date = {2020-01-16}, journal = {Internet Policy Review}, volume = {8}, number = {4}, abstract = {In this paper, we examine how online political micro-targeting is regulated in Europe. While there are no specific rules on such micro-targeting, there are general rules that apply. We focus on three fields of law: data protection law, freedom of expression, and sector-specific rules for political advertising; for the latter we examine four countries. We argue that the rules in the General Data Protection Regulation (GDPR) are necessary, but not sufficient. We show that political advertising, including online political micro-targeting, is protected by the right to freedom of expression. That right is not absolute, however. From a European human rights perspective, it is possible for lawmakers to limit the possibilities for political advertising. Indeed, some countries ban TV advertising for political parties during elections.}, keywords = {}, pubstate = {published}, tppubtype = {article} } In this paper, we examine how online political micro-targeting is regulated in Europe. While there are no specific rules on such micro-targeting, there are general rules that apply. We focus on three fields of law: data protection law, freedom of expression, and sector-specific rules for political advertising; for the latter we examine four countries. We argue that the rules in the General Data Protection Regulation (GDPR) are necessary, but not sufficient. We show that political advertising, including online political micro-targeting, is protected by the right to freedom of expression. That right is not absolute, however. From a European human rights perspective, it is possible for lawmakers to limit the possibilities for political advertising. Indeed, some countries ban TV advertising for political parties during elections.
|
| Giannopoulou, A.
Access and Reuse of Machine-Generated Data for Scientific Research Erasmus Law Review, (2), pp. 155-165, 2019. @article{Giannopoulou2019bb,
title = {Access and Reuse of Machine-Generated Data for Scientific Research}, author = {Giannopoulou, A.}, url = {https://www.ivir.nl/publicaties/download/Erasmus_Law_Review_2019.pdf}, doi = {10.5553/ELR.000136}, year = {2019}, date = {2019-12-20}, journal = {Erasmus Law Review}, number = {2}, pages = {155-165}, abstract = {Data driven innovation holds the potential in transforming current business and knowledge discovery models. For this reason, data sharing has become one of the central points of interest for the European Commission towards the creation of a Digital Single Market. The value of automatically generated data, which are collected by Internet-connected objects (IoT), is increasing: from smart houses to wearables, machine-generated data hold significant potential for growth, learning, and problem solving. Facilitating researchers in order to provide access to these types of data implies not only the articulation of existing legal obstacles and of proposed legal solutions but also the understanding of the incentives that motivate the sharing of the data in question. What are the legal tools that researchers can use to gain access and reuse rights in the context of their research?}, keywords = {}, pubstate = {published}, tppubtype = {article} } Data driven innovation holds the potential in transforming current business and knowledge discovery models. For this reason, data sharing has become one of the central points of interest for the European Commission towards the creation of a Digital Single Market. The value of automatically generated data, which are collected by Internet-connected objects (IoT), is increasing: from smart houses to wearables, machine-generated data hold significant potential for growth, learning, and problem solving. Facilitating researchers in order to provide access to these types of data implies not only the articulation of existing legal obstacles and of proposed legal solutions but also the understanding of the incentives that motivate the sharing of the data in question. What are the legal tools that researchers can use to gain
access and reuse rights in the context of their research? |
| Fahy, R., van Hoboken, J.
European Regulation of Smartphone Ecosystems European Data Protection Law Review (EDPL), 5 (4), pp. 476-491, 2019. @article{Fahy2019eb,
title = {European Regulation of Smartphone Ecosystems}, author = {Fahy, R. and van Hoboken, J.}, url = {https://edpl.lexxion.eu/article/EDPL/2019/4/6}, doi = {https://doi.org/10.21552/edpl/2019/4/6}, year = {2019}, date = {2019-12-13}, journal = {European Data Protection Law Review (EDPL)}, volume = {5}, number = {4}, pages = {476-491}, abstract = {For the first time, two pieces of EU legislation will specifically target smartphone ecosystems in relation to smartphone and mobile software (eg, iOS and Android) privacy, and use and monetisation of data. And yet, both pieces of legislation approach data use and data monetisation from radically contrasting perspectives. The first is the proposed ePrivacy Regulation, which seeks to provide enhanced protection against user data monitoring and tracking in smartphones, and safeguard privacy in electronic communications. On the other hand, the recently enacted Platform-to-Business Regulation 2019, seeks to bring fairness to platform-business user relations (including app stores and app developers), and is crucially built upon the premise that the ability to access and use data, including personal data, can enable important value creation in the online platform economy. This article discusses how these two Regulations will apply to smartphone ecosystems, especially relating to user and device privacy. The article analyses the potential tension points between the two sets of rules, which result from the underlying policy objectives of safeguarding privacy in electronic communications and the functioning of the digital economy in the emerging era of platform governance. The article concludes with a discussion on how to address these issues, at the intersection of privacy and competition in the digital platform economy.}, keywords = {}, pubstate = {published}, tppubtype = {article} } For the first time, two pieces of EU legislation will specifically target smartphone ecosystems in relation to smartphone and mobile software (eg, iOS and Android) privacy, and use and monetisation of data. And yet, both pieces of legislation approach data use and data monetisation from radically contrasting perspectives. The first is the proposed ePrivacy Regulation, which seeks to provide enhanced protection against user data monitoring and tracking in smartphones, and safeguard privacy in electronic communications. On the other hand, the recently enacted Platform-to-Business Regulation 2019, seeks to bring fairness to platform-business user relations (including app stores and app developers), and is crucially built upon the premise that the ability to access and use data, including personal data, can enable important value creation in the online platform economy. This article discusses how these two Regulations will apply to smartphone ecosystems, especially relating to user and device privacy. The article analyses the potential tension points between the two sets of rules, which result from the underlying policy objectives of safeguarding privacy in electronic communications and the functioning of the digital economy in the emerging era of platform governance. The article concludes with a discussion on how to address these issues, at the intersection of privacy and competition in the digital platform economy.
|
| Fondazione Giacomo Brodolini, Irion, K.
Fundamental rights review of EU data collection instruments and programmes 2019, (Final report). @online{Brodolini2019,
title = {Fundamental rights review of EU data collection instruments and programmes}, author = {Fondazione Giacomo Brodolini and Irion, K. }, url = {http://www.fondazionebrodolini.it/sites/default/files/final_report_0.pdf}, year = {2019}, date = {2019-12-04}, abstract = {This report is the result of a Pilot Project requested by the European Parliament, managed by the Commission and carried out by a group of independent experts. The scope of the project was to establish and support an independent experts’ group to carry out a fundamental rights review of existing EU legislation and instruments in the Area of Freedom, Security and Justice (AFSJ) that involve the collection, retention, storage or transfer of personal data. One outcome of the project is a database of AFSJ legislation and instruments with individual fundamental rights assessments (at http://brodolini.mbs.it/). The final report concludes that that fundamental rights safeguards need to be more consistently considered and applied in the AFSJ. The conclusions highlight five broad issues for further consideration: ambiguous definitions and open terms; law enforcement access to migration databases; the expansion of centralised databases; data retention periods; and information rights and duties.}, note = {Final report}, keywords = {}, pubstate = {published}, tppubtype = {online} } This report is the result of a Pilot Project requested by the European Parliament, managed by the Commission and carried out by a group of independent experts. The scope of the project was to establish and support an independent experts’ group to carry out a fundamental rights review of existing EU legislation and instruments in the Area of Freedom, Security and Justice (AFSJ) that involve the collection, retention, storage or transfer of personal data. One outcome of the project is a database of AFSJ legislation and instruments with individual fundamental rights assessments (at http://brodolini.mbs.it/). The final report concludes that that fundamental rights safeguards need to be more consistently considered and applied in the AFSJ. The conclusions highlight five broad issues for further consideration: ambiguous definitions and open terms; law enforcement access to migration databases; the expansion of centralised databases; data retention periods; and information rights and duties.
|
| van Daalen, O.
Justitie toegang geven tot versleutelde chatberichten is geen goed idee Trouw, 2019, (Opinie). @article{vanDaalen2019b,
title = {Justitie toegang geven tot versleutelde chatberichten is geen goed idee}, author = {van Daalen, O.}, url = {https://www.trouw.nl/opinie/justitie-toegang-geven-tot-versleutelde-chatberichten-is-geen-goed-idee~bd398447/}, year = {2019}, date = {2019-11-08}, journal = {Trouw}, note = {Opinie}, keywords = {}, pubstate = {published}, tppubtype = {article} } |
| Rucz, M.
Territorial scope of the “right to erasure” limited to the EU IRIS, 2019. @article{Rucz2019b,
title = {Territorial scope of the “right to erasure” limited to the EU}, author = {Rucz, M.}, url = {http://merlin.obs.coe.int/iris/2019/10/article3.en.html}, year = {2019}, date = {2019-10-22}, journal = {IRIS}, keywords = {}, pubstate = {published}, tppubtype = {article} } |
| Mil, J. van
Annotatie bij Rb. Noord-Holland 23 mei 2019 Computerrecht, 2019 (4), pp. 267-273, 2019. @article{Mil2019c,
title = {Annotatie bij Rb. Noord-Holland 23 mei 2019 }, author = {Mil, J. van}, url = {https://www.ivir.nl/publicaties/download/Annotatie_CR_2019_4.pdf}, year = {2019}, date = {2019-09-19}, journal = {Computerrecht}, volume = {2019}, number = {4}, pages = {267-273}, abstract = {De rechtbank bakent de omvang van het inzagerecht af in overeenstemming met eerdere jurisprudentie, waarmee zij verwerkingsverantwoordelijke handvatten biedt voor die gevallen waarin zij zich geconfronteerd ziet met inzageverzoeken.}, keywords = {}, pubstate = {published}, tppubtype = {article} } De rechtbank bakent de omvang van het inzagerecht af in overeenstemming met eerdere jurisprudentie, waarmee zij verwerkingsverantwoordelijke handvatten biedt voor die gevallen waarin zij zich geconfronteerd ziet met inzageverzoeken.
|
| Kabel, J.
Het prinsesje op de erwt en de tovenaarsleerling Privacy & Informatie, 22 (3), pp. 89-90, 2019, (Redactioneel). @article{Kabel2019c,
title = {Het prinsesje op de erwt en de tovenaarsleerling}, author = {Kabel, J.}, url = {https://www.ivir.nl/publicaties/download/PI_2019_3.pdf}, year = {2019}, date = {2019-07-30}, journal = {Privacy & Informatie}, volume = {22}, number = {3}, pages = {89-90}, note = {Redactioneel}, keywords = {}, pubstate = {published}, tppubtype = {article} } |
| Poort, J., Zuiderveen Borgesius, F.
Prijsdiscriminatie, privacy en publieke opinie Ars Aequi, 2019 , pp. 580-590, 2019. @article{Poort2019c,
title = {Prijsdiscriminatie, privacy en publieke opinie}, author = {Poort, J. and Zuiderveen Borgesius, F.}, year = {2019}, date = {2019-07-04}, journal = {Ars Aequi}, volume = {2019}, pages = {580-590}, abstract = {Webwinkels zijn technisch in staat om elke consument een andere prijs aan te bieden: online prijsdiscriminatie. Dit artikel bespreekt twee enqu\^{e}tes over dergelijke praktijken die zijn gehouden onder de Nederlandse bevolking en onderzoekt de implicaties van de Algemene Verordening Gegevensbescherming (AVG) voor online prijsdiscriminatie.}, keywords = {}, pubstate = {published}, tppubtype = {article} } Webwinkels zijn technisch in staat om elke consument een andere prijs aan te bieden: online prijsdiscriminatie. Dit artikel bespreekt twee enquêtes over dergelijke praktijken die zijn gehouden onder
de Nederlandse bevolking en onderzoekt de implicaties van de Algemene Verordening Gegevensbescherming (AVG) voor online prijsdiscriminatie. |
| Ryngaert, C.M.J., van Eijk, N.
International Data Privacy Law, 2019 (1), pp. 61-73, 2019. @article{Ryngaert2019,
title = {International cooperation by (European) security and intelligence services: reviewing the creation of a joint database in light of data protection guarantees}, author = {Ryngaert, C.M.J. and van Eijk, N.}, url = {https://www.ivir.nl/publicaties/download/IDPL_2019_1.pdf}, doi = {https://doi.org/10.1093/idpl/ipz001}, year = {2019}, date = {2019-04-09}, journal = {International Data Privacy Law}, volume = {2019}, number = {1}, pages = {61-73}, keywords = {}, pubstate = {published}, tppubtype = {article} } |
| Dommering, E.
Annotatie bij EHRM 28 juni 2018 (M.L. en W.W. / Duitsland) Nederlandse Jurisprudentie, 2019 (12), pp. 1624-1626, 2019. @article{Dommering2019,
title = {Annotatie bij EHRM 28 juni 2018 (M.L. en W.W. / Duitsland)}, author = {Dommering, E.}, url = {https://www.ivir.nl/publicaties/download/Annotatie_NJ_2019_97.pdf}, year = {2019}, date = {2019-03-29}, journal = {Nederlandse Jurisprudentie}, volume = {2019}, number = {12}, pages = {1624-1626}, keywords = {}, pubstate = {published}, tppubtype = {article} } |
| Bodó, B., Dobber, T., Fahy, R., Irion, K., Kruikemeier, S., Möller, J., Stapel, S., Vreese, C.H. de, Zuiderveen Borgesius, F.
Online politieke microtargeting: Een zegen of een vloek voor de democratie? Nederlands Juristenblad (NJB), 2019 (10), pp. 528-669, 2019. @article{Borgesius2019b,
title = {Online politieke microtargeting: Een zegen of een vloek voor de democratie?}, author = {Zuiderveen Borgesius, F. and M\"{o}ller, J. and Dobber, T. and Kruikemeier, S. and Irion, K. and Stapel, S. and Fahy, R. and Bod\'{o}, B. and Vreese, C.H. de}, url = {https://www.ivir.nl/publicaties/download/NJB_2019.pdf}, year = {2019}, date = {2019-03-19}, journal = {Nederlands Juristenblad (NJB)}, volume = {2019}, number = {10}, pages = {528-669}, abstract = {Voor online politieke microtargeting wordt het online-gedrag van mensen in kaart gebracht en worden de verzamelde gegevens gebruikt om mensen gerichte politieke advertenties te tonen. Microtargeting is vanuit de VS komen overwaaien naar Europa en heeft voor- en nadelen voor de democratie. Microtargeting kan politieke partijen helpen om mensen effectief te bereiken en kan politieke betrokkenheid stimuleren. Maar microtargeting kan ook een bedreiging vormen voor de democratie. Zo kan een politieke partij zich verschillend voordoen aan verschillende mensen. Bovendien bedreigt het verzamelen van persoonsgegevens onze privacy. Dit artikel brengt de beloftes en bedreigingen van microtargeting voor de democratie in kaart en schetst mogelijkheden voor beleidsmakers om het gebruik van microtargeting te reguleren.}, keywords = {}, pubstate = {published}, tppubtype = {article} } Voor online politieke microtargeting wordt het online-gedrag van mensen in kaart gebracht en worden de verzamelde gegevens gebruikt om mensen gerichte politieke advertenties te tonen. Microtargeting is vanuit de VS komen overwaaien naar Europa en heeft voor- en nadelen voor de democratie. Microtargeting kan politieke partijen helpen om mensen effectief te bereiken en kan politieke betrokkenheid stimuleren. Maar microtargeting kan ook een bedreiging vormen voor de democratie. Zo kan een politieke partij zich verschillend voordoen aan verschillende mensen. Bovendien bedreigt het verzamelen van persoonsgegevens onze privacy. Dit artikel brengt de beloftes en bedreigingen van microtargeting voor de democratie in kaart en schetst mogelijkheden voor beleidsmakers om het gebruik van microtargeting te reguleren.
|
| Hoofnagle, C.J., van der Sloot, B., Zuiderveen Borgesius, F.
The European Union General Data Protection Regulation: What It Is And What It Means Information & Communications Technology Law, 2019 , 2019. @article{Hoofnagle2018,
title = {The European Union General Data Protection Regulation: What It Is And What It Means}, author = {Hoofnagle, C.J. and van der Sloot, B. and Zuiderveen Borgesius, F.}, url = {https://www.tandfonline.com/doi/full/10.1080/13600834.2019.1573501}, year = {2019}, date = {2019-02-12}, journal = {Information & Communications Technology Law}, volume = {2019}, abstract = {This article introduces U.S. lawyers and academics to the normative foundations, attributes, and strategic approach to regulating personal data advanced by the European Union’s General Data Protection Regulation (“GDPR”). We explain the genesis of the GDPR, which is best understood as an extension and refinement of existing requirements imposed by the 1995 Data Protection Directive; describe the GDPR’s approach and provisions; and make predictions about the GDPR’s short and medium-term implications. The GDPR is the most consequential regulatory development in information policy in a generation. The GDPR brings personal data into a detailed and protective regulatory regime, which will influence personal data usage worldwide. Understood properly, the GDPR encourages firms to develop information governance frameworks, to in-house data use, and to keep humans in the loop in decision making. Companies with direct relationships with consumers have strategic advantages under the GDPR, compared to third party advertising firms on the internet. To reach these objectives, the GDPR uses big sticks, structural elements that make proving violations easier, but only a few carrots. The GDPR will complicate and restrain some information-intensive business models. But the GDPR will also enable approaches previously impossible under less-protective approaches.}, keywords = {}, pubstate = {published}, tppubtype = {article} } This article introduces U.S. lawyers and academics to the normative foundations, attributes, and strategic approach to regulating personal data advanced by the European Union’s General Data Protection Regulation (“GDPR”). We explain the genesis of the GDPR, which is best understood as an extension and refinement of existing requirements imposed by the 1995 Data Protection Directive; describe the GDPR’s approach and provisions; and make predictions about the GDPR’s short and medium-term implications. The GDPR is the most consequential regulatory development in information policy in a generation. The GDPR brings personal data into a detailed and protective regulatory regime, which will influence personal data usage worldwide. Understood properly, the GDPR encourages firms to develop information governance frameworks, to in-house data use, and to keep humans in the loop in decision making. Companies with direct relationships with consumers have strategic advantages under the GDPR, compared to third party advertising firms on the internet. To reach these objectives, the GDPR uses big sticks, structural elements that make proving violations easier, but only a few carrots. The GDPR will complicate and restrain some information-intensive business models. But the GDPR will also enable approaches previously impossible under less-protective approaches.
|
| Fahy, R., van Eijk, N., van Hoboken, J.
Mobile Privacy and Business-to-Platform Dependencies: An Analysis of SEC Disclosures Journal of Business & Technology Law , 14 (1), 2019. @article{Fahy2019e,
title = {Mobile Privacy and Business-to-Platform Dependencies: An Analysis of SEC Disclosures}, author = {Fahy, R. and van Hoboken, J. and van Eijk, N.}, url = {https://digitalcommons.law.umaryland.edu/jbtl/vol14/iss1/4/}, year = {2019}, date = {2019-02-06}, journal = {Journal of Business & Technology Law }, volume = {14}, number = {1}, abstract = {This Article systematically examines the dependence of mobile apps on mobile platforms for the collection and use of personal information through an analysis of Securities and Exchange Commission (SEC) filings of mobile app companies. The Article uses these disclosures to find systematic evidence of how app business models are shaped by the governance of user data by mobile platforms, in order to reflect on the role of platforms in privacy regulation more generally. The analysis of SEC filings documented in the Article produces new and unique insights into the data practices and data-related aspects of the business models of popular mobile apps and shows the value of SEC filings for privacy law and policy research more generally. The discussion of SEC filings and privacy builds on regulatory developments in SEC disclosures and cybersecurity of the last decade. The Article also connects to recent regulatory developments in the U.S. and Europe, including the General Data Protection Regulation, the proposals for a new ePrivacy Regulation and a Regulation of fairness in business-to-platform relations.}, keywords = {}, pubstate = {published}, tppubtype = {article} } This Article systematically examines the dependence of mobile apps on mobile platforms for the collection and use of personal information through an analysis of Securities and Exchange Commission (SEC) filings of mobile app companies. The Article uses these disclosures to find systematic evidence of how app business models are shaped by the governance of user data by mobile platforms, in order to reflect on the role of platforms in privacy regulation more generally. The analysis of SEC filings documented in the Article produces new and unique insights into the data practices and data-related aspects of the business models of popular mobile apps and shows the value of SEC filings for privacy law and policy research more generally. The discussion of SEC filings and privacy builds on regulatory developments in SEC disclosures and cybersecurity of the last decade. The Article also connects to recent regulatory developments in the U.S. and Europe, including the General Data Protection Regulation, the proposals for a new ePrivacy Regulation and a Regulation of fairness in business-to-platform relations.
|
| Irion, K., Oostveen, M.
The Golden Age of Personal Data: How to Regulate an Enabling Fundamental Right? In: Bakhoum M., Conde Gallego B., Mackenrodt MO., Surblytė-Namavičienė G. (eds) Personal Data in Competition, Consumer Protection and Intellectual Property Law. MPI Studies on Intellectual Property and Competition Law, vol 28. Springer, Berlin, Heidelberg, 2018. @inbook{Oostveen2018,
title = {The Golden Age of Personal Data: How to Regulate an Enabling Fundamental Right?}, author = {Oostveen, M. and Irion, K.}, url = {https://link.springer.com/chapter/10.1007/978-3-662-57646-5_2}, year = {2018}, date = {2018-11-20}, publisher = {In: Bakhoum M., Conde Gallego B., Mackenrodt MO., Surblyt\.{e}-Namavi\v{c}ien\.{e} G. (eds) Personal Data in Competition, Consumer Protection and Intellectual Property Law. MPI Studies on Intellectual Property and Competition Law, vol 28. Springer, Berlin, Heidelberg}, abstract = {New technologies, purposes and applications to process individuals’ personal data are being developed on a massive scale. But we have not only entered the ‘golden age of personal data’ in terms of its exploitation: ours is also the ‘golden age of personal data’ in terms of regulation of its use. Understood as an enabling right, the architecture of EU data protection law is capable of protecting against many of the negative short- and long-term effects of contemporary data processing. Against the backdrop of big data applications, we evaluate how the implementation of privacy and data protection rules protect against the short- and long-term effects of contemporary data processing. We conclude that from the perspective of protecting individual fundamental rights and freedoms, it would be worthwhile to explore alternative (legal) approaches instead of relying on EU data protection law alone to cope with contemporary data processing.}, keywords = {}, pubstate = {published}, tppubtype = {inbook} } New technologies, purposes and applications to process individuals’ personal data are being developed on a massive scale. But we have not only entered the ‘golden age of personal data’ in terms of its exploitation: ours is also the ‘golden age of personal data’ in terms of regulation of its use. Understood as an enabling right, the architecture of EU data protection law is capable of protecting against many of the negative short- and long-term effects of contemporary data processing. Against the backdrop of big data applications, we evaluate how the implementation of privacy and data protection rules protect against the short- and long-term effects of contemporary data processing. We conclude that from the perspective of protecting individual fundamental rights and freedoms, it would be worthwhile to explore alternative (legal) approaches instead of relying on EU data protection law alone to cope with contemporary data processing.
|
| Granger, M.-P., Irion, K.
The right to protection of personal data: the new posterchild of European Union citizenship? Edward Elgar Publishing, 2018, (See also: https://www.elgaronline.com/view/edcoll/9781788113434/9781788113434.xml). @inbook{Irion2018c,
title = {The right to protection of personal data: the new posterchild of European Union citizenship?}, author = {Irion, K. and Granger, M.-P.}, url = {https://www.ivir.nl/publicaties/download/The-right-to-protection-of-personal-data-prepub.pdf}, doi = {10.4337/9781788113441.00019}, year = {2018}, date = {2018-10-31}, publisher = {Edward Elgar Publishing}, abstract = {In this chapter we argue that the right to data protection is the posterchild of EU citizenship in the digital era. We start by providing a brief overview of the gradual construction of the right to personal data protection in the EU. We then identify a range of actors who have played a particular role in the building process, including EU citizens themselves. Next, we review the current legal ‘architecture’ of the right to the protection of personal data and discuss whether it could serve as a model for the future development of EU citizenship, notwithstanding remaining challenges at the level of national implementation and public and private compliance with EU rules. Finally, we reflect on the future of the right to data protection, and its contribution to the development of EU citizenship as a legal regime.}, note = {See also: https://www.elgaronline.com/view/edcoll/9781788113434/9781788113434.xml}, keywords = {}, pubstate = {published}, tppubtype = {inbook} } In this chapter we argue that the right to data protection is the posterchild of EU citizenship in the digital era. We start by providing a brief overview of the gradual construction of the right to personal data protection in the EU. We then identify a range of actors who have played a particular role in the building process, including EU citizens themselves. Next, we review the current legal ‘architecture’ of the right to the protection of personal data and discuss whether it could serve as a model for the future development of EU citizenship, notwithstanding remaining challenges at the level of national implementation and public and private compliance with EU rules. Finally, we reflect on the future of the right to data protection, and its contribution to the development of EU citizenship as a legal regime.
|
| van Daalen, O.
Het privacy-argument tegen de Dopamine Machine Privacy & Informatierecht, 2018 (2), pp. 39-41, 2018. @article{vanDaalen2018b,
title = {Het privacy-argument tegen de Dopamine Machine}, author = {van Daalen, O.}, url = {https://www.ivir.nl/publicaties/download/PrivacyInformatie_2018_2.pdf}, year = {2018}, date = {2018-10-12}, journal = {Privacy & Informatierecht}, volume = {2018}, number = {2}, pages = {39-41}, abstract = {De kinderen van Apple-baas Steve Jobs mochten geen iPad gebruiken. 1 Maar Jobs was niet de enige. Veel techies in Silicon Valley zijn zich bewust van de verslavende effecten van IT \textendash ze hebben de producten namelijk zelf ontwikkeld. En nu steeds meer spijtoptanten oproepen tot regulering van onlinediensten zoals Facebook, vraag ik me af: welke rol kan het privacyrecht daarbij spelen?}, keywords = {}, pubstate = {published}, tppubtype = {article} } De kinderen van Apple-baas Steve Jobs mochten geen iPad gebruiken. 1 Maar Jobs was niet de enige. Veel techies in Silicon Valley zijn zich bewust van de verslavende effecten van IT – ze hebben de producten namelijk zelf ontwikkeld. En nu steeds meer spijtoptanten oproepen tot regulering van onlinediensten zoals Facebook, vraag ik me af: welke rol kan het privacyrecht daarbij spelen?
|
| Dommering, E.
Annotatie bij Hof van Justitie EU 20 december 2017 (Nowak / Data Protection Commissioner) Nederlandse Jurisprudentie, 2018 (314), pp. 4793-4795, 2018. @article{Dommering2018j,
title = {Annotatie bij Hof van Justitie EU 20 december 2017 (Nowak / Data Protection Commissioner)}, author = {Dommering, E.}, url = {https://www.ivir.nl/publicaties/download/Annotatie_NJ_2018_314.pdf}, year = {2018}, date = {2018-09-13}, journal = {Nederlandse Jurisprudentie}, volume = {2018}, number = {314}, pages = {4793-4795}, keywords = {}, pubstate = {published}, tppubtype = {article} } |
| Sax, M.
Privacy from an Ethical Perspective van der Sloot, B; De Groot, A (Ed.): The Handbook of Privacy Studies: An Interdisciplinary Introduction, Chapter 3, pp. 143-172, Amsterdam University Press, 2018, ISBN: 9789462988095. @inbook{Sax2018b,
title = {Privacy from an Ethical Perspective}, author = {Sax, M.}, editor = {van der Sloot, B. and De Groot, A.}, url = {https://papers.ssrn.com/sol3/papers.cfm?abstract_id=3299047}, isbn = {9789462988095}, year = {2018}, date = {2018-08-31}, booktitle = {The Handbook of Privacy Studies: An Interdisciplinary Introduction}, pages = {143-172}, publisher = {Amsterdam University Press}, chapter = {3}, keywords = {}, pubstate = {published}, tppubtype = {inbook} } |
| van Eijk, N.
2018, visited: 06.08.2018. @online{vanEijk2018i,
title = {How Should Facebook and Other Companies Protect Privacy While Letting People Share Their Information Between Apps and Services?}, author = {van Eijk, N.}, url = {https://newsroom.fb.com/news/2018/08/guest-post-nico-van-eijk/}, year = {2018}, date = {2018-08-07}, urldate = {2018-08-06}, abstract = {Blogpost part of a series on data portability and interoperability.}, keywords = {}, pubstate = {published}, tppubtype = {online} } Blogpost part of a series on data portability and interoperability.
|
| Arnbak, A.
Maatschappelijk belang onderbelicht in nieuwe Europese privacyregels Het Financieele Dagblad, 2018 , 2018. @article{Arnbak2018h,
title = {Maatschappelijk belang onderbelicht in nieuwe Europese privacyregels}, author = {Arnbak, A.}, url = {https://axelarnbak.nl/2018/06/18/49e-fd-column-maatschappelijk-belang-onderbelicht-in-nieuwe-europese-privacyregels/}, year = {2018}, date = {2018-06-14}, journal = {Het Financieele Dagblad}, volume = {2018}, keywords = {}, pubstate = {published}, tppubtype = {article} } |
| van Eijk, N.
'Laat u niet opjagen door privacyophef' 2018, (Opinie in Het Parool, 17 mei 2018.). @article{vanEijk2018g,
title = {'Laat u niet opjagen door privacyophef'}, author = {van Eijk, N.}, url = {https://www.ivir.nl/publicaties/download/Opinie_Het_Parool_17mei2018.pdf}, year = {2018}, date = {2018-05-18}, abstract = {Alle opwinding over de nieuwe Europese privacyregels komt volgens Nico van Eijk neer op stemmingmakerij. Op 25 mei ziet hij bar weinig veranderen.}, note = {Opinie in Het Parool, 17 mei 2018.}, keywords = {}, pubstate = {published}, tppubtype = {article} } Alle opwinding over de nieuwe Europese privacyregels komt volgens Nico van Eijk neer op stemmingmakerij. Op 25 mei ziet hij bar weinig veranderen.
|
| van Eijk, N.
Sleep maker safarifilmpje voor de rechter 2018, (Opinie in De Volkskrant, 14 mei 2018.). @article{vanEijk2018h,
title = {Sleep maker safarifilmpje voor de rechter}, author = {van Eijk, N.}, url = {https://www.ivir.nl/publicaties/download/Opinie_Volkskrant_14mei2018.pdf}, year = {2018}, date = {2018-05-18}, note = {Opinie in De Volkskrant, 14 mei 2018.}, keywords = {}, pubstate = {published}, tppubtype = {article} } |
| Arnbak, A.
Nieuwe privacregels AVG bieden kansen voor innovatieve data-analyse Het Financieele Dagblad, 2018 , 2018. @article{Arnbak2018g,
title = {Nieuwe privacregels AVG bieden kansen voor innovatieve data-analyse}, author = {Arnbak, A.}, url = {https://axelarnbak.nl/2018/05/17/48e-fd-column-nieuwe-privacyregels-avg-bieden-kansen-voor-innovatieve-data-analyse/}, year = {2018}, date = {2018-05-17}, journal = {Het Financieele Dagblad}, volume = {2018}, keywords = {}, pubstate = {published}, tppubtype = {article} } |
| Ryngaert, C.M.J., van Eijk, N.
Expert Opinion: Legal basis for multilateral exchange of information 2018. @techreport{vanEijk2018f,
title = {Expert Opinion: Legal basis for multilateral exchange of information}, author = {van Eijk, N. and Ryngaert, C.M.J.}, url = {https://www.ivir.nl/publicaties/download/Expert_opinion_CTIVD.pdf}, year = {2018}, date = {2018-05-03}, abstract = {Appendix IV to CTIVD report no. 56 to the review report on the multilateral exchange of data on (alleged) jihadists by the AIVD}, keywords = {}, pubstate = {published}, tppubtype = {techreport} } Appendix IV to CTIVD report no. 56 to the review report on the multilateral exchange of data on (alleged) jihadists by the AIVD
|
| Bol, N., Helberger, N., Weert, J.C.M.
Differences in mobile health app use: A source of new digital inequalities? The Information Society, 2018 (3), 2018. @article{Bol2018,
title = {Differences in mobile health app use: A source of new digital inequalities?}, author = {Bol, N. and Helberger, N. and Weert, J.C.M.}, url = {https://www.tandfonline.com/doi/full/10.1080/01972243.2018.1438550}, year = {2018}, date = {2018-05-01}, journal = {The Information Society}, volume = {2018}, number = {3}, abstract = {This article provides a more differentiated understanding of mobile health consumers, and considers whether health app use may contribute to new digital inequalities. It focuses on factors associated with mobile health app use, and identifies which factors explain the use of different types of health apps. Data from a large representative sample of the Dutch population (N = 1,079) show that mobile health app users were generally younger, higher educated, and had higher levels of e-health literacy skills than non-users. Interestingly, different usage patterns were found for specific types of health apps. Theory and policy implications are discussed.}, keywords = {}, pubstate = {published}, tppubtype = {article} } This article provides a more differentiated understanding of mobile health consumers, and considers whether health app use may contribute to new digital inequalities. It focuses on factors associated with mobile health app use, and identifies which factors explain the use of different types of health apps. Data from a large representative sample of the Dutch population (N = 1,079) show that mobile health app users were generally younger, higher educated, and had higher levels of e-health literacy skills than non-users. Interestingly, different usage patterns were found for specific types of health apps. Theory and policy implications are discussed.
|
| Dommering, E.
Annotatie bij EHRM 5 september 2017 (Barbulescu / Roemenië) Nederlandse Jurisprudentie, 2018 (15), pp. 2021-2023, 2018. @article{Dommering2018f,
title = {Annotatie bij EHRM 5 september 2017 (Barbulescu / Roemeni\"{e})}, author = {Dommering, E.}, url = {https://www.ivir.nl/publicaties/download/Annotatie_NJ_2018_137.pdf}, year = {2018}, date = {2018-04-17}, journal = {Nederlandse Jurisprudentie}, volume = {2018}, number = {15}, pages = {2021-2023}, keywords = {}, pubstate = {published}, tppubtype = {article} } |
| Steenbruggen, W., Zuiderveen Borgesius, F.
2018 , 2018. @article{Borgesius2018b,
title = {The Right to Communications Confidentiality in Europe: Protecting Trust, Privacy, and Freedom of Expression}, author = {Zuiderveen Borgesius, F. and Steenbruggen, W.}, url = {https://papers.ssrn.com/sol3/papers.cfm?abstract_id=3152014}, year = {2018}, date = {2018-04-06}, volume = {2018}, abstract = {In the European Union, the General Data Protection Regulation (GDPR) provides comprehensive rules for the processing of personal data. In addition, the EU lawmaker intends to adopt specific rules to protect confidentiality of communications, in a separate ePrivacy Regulation. Some have argued that there is no need for such additional rules for communications confidentiality. This paper discusses the protection of the right to confidentiality of communications in Europe. We look at the right’s origins as a fundamental right to assess the rationale for protecting the right. We also analyse how the right is currently protected under the European Convention on Human Rights and under EU law. We show that the right to communications confidentiality protects three values: trust in communication services, privacy, and freedom of expression. The right aims to ensure that individuals and businesses can safely entrust communication to service providers. Initially, the right protected only postal letters, but it has gradually developed into a strong safeguard for the protection of confidentiality of communications, regardless of the technology used. Hence, the right does not merely serve individual privacy interests, but also other interests that are crucial for the functioning of our information society. We conclude that separate EU rules to protect communications confidentiality, next to the GDPR, are justified and necessary to protect trust, privacy and freedom and expression.}, keywords = {}, pubstate = {published}, tppubtype = {article} } In the European Union, the General Data Protection Regulation (GDPR) provides comprehensive rules for the processing of personal data. In addition, the EU lawmaker intends to adopt specific rules to protect confidentiality of communications, in a separate ePrivacy Regulation. Some have argued that there is no need for such additional rules for communications confidentiality.
This paper discusses the protection of the right to confidentiality of communications in Europe. We look at the right’s origins as a fundamental right to assess the rationale for protecting the right. We also analyse how the right is currently protected under the European Convention on Human Rights and under EU law. We show that the right to communications confidentiality protects three values: trust in communication services, privacy, and freedom of expression. The right aims to ensure that individuals and businesses can safely entrust communication to service providers. Initially, the right protected only postal letters, but it has gradually developed into a strong safeguard for the protection of confidentiality of communications, regardless of the technology used. Hence, the right does not merely serve individual privacy interests, but also other interests that are crucial for the functioning of our information society. We conclude that separate EU rules to protect communications confidentiality, next to the GDPR, are justified and necessary to protect trust, privacy and freedom and expression. |
| Ryngaert, C.M.J., van Eijk, N.
Deskundigenbericht: Juridische grondslag multilaterale informatie-uitwisseling 2018 , 2018, (Bijlage IV bij CTIVD rapport nr. 56 over de multilaterale gegevensuitwisseling door de AIVD over (vermeende) jihadisten. Zie ook: https://www.ctivd.nl/actueel/nieuws/2018/03/28/index.). @article{vanEijk2018e,
title = {Deskundigenbericht: Juridische grondslag multilaterale informatie-uitwisseling}, author = {van Eijk, N. and Ryngaert, C.M.J.}, url = {https://www.ivir.nl/publicaties/download/Deskundigenbericht.pdf}, year = {2018}, date = {2018-04-03}, volume = {2018}, note = {Bijlage IV bij CTIVD rapport nr. 56 over de multilaterale gegevensuitwisseling door de AIVD over (vermeende) jihadisten. Zie ook: https://www.ctivd.nl/actueel/nieuws/2018/03/28/index.}, keywords = {}, pubstate = {published}, tppubtype = {article} } |
| Dommering, E.
Annotatie bij Hof van Justitie EU 9 maart 2017 (Camera di Commercio / S. Manni) Nederlandse Jurisprudentie, 2018 (14), pp. 1796-1797, 2018. @article{Dommering2018e,
title = {Annotatie bij Hof van Justitie EU 9 maart 2017 (Camera di Commercio / S. Manni)}, author = {Dommering, E.}, url = {https://www.ivir.nl/publicaties/download/Annotatie_NJ_2018_124.pdf}, year = {2018}, date = {2018-04-03}, journal = {Nederlandse Jurisprudentie}, volume = {2018}, number = {14}, pages = {1796-1797}, keywords = {}, pubstate = {published}, tppubtype = {article} } |
| Arnbak, A.
Machtspositie Nederland belangrijke drijfveer controversiële internettap Het Financieele Dagblad, 2018 , 2018, (Column 25 januari 2018). @article{Arnbak2018c,
title = {Machtspositie Nederland belangrijke drijfveer controversi\"{e}le internettap}, author = {Arnbak, A.}, url = {https://axelarnbak.nl/2018/01/26/44e-fd-column-machtspositie-nederland-belangrijke-drijfveer-voor-controversiele-internettap/}, year = {2018}, date = {2018-03-26}, journal = {Het Financieele Dagblad}, volume = {2018}, note = {Column 25 januari 2018}, keywords = {}, pubstate = {published}, tppubtype = {article} } |
| Arnbak, A.
Het Financieele Dagblad, 2017 , 2018. @article{Arnbak2018d,
title = {Bewuste digitale keuze is voor gebruiker belangrijker dan ooit: Noodzakelijke internationale consensus over digitale innovatie steeds lastiger te realiseren}, author = {Arnbak, A.}, url = {https://axelarnbak.nl/2018/01/26/43e-fd-column-bewuste-digitale-keuze-is-voor-gebruiker-belangrijker-dan-ooit/}, year = {2018}, date = {2018-03-26}, journal = {Het Financieele Dagblad}, volume = {2017}, keywords = {}, pubstate = {published}, tppubtype = {article} } |
| van Daalen, O.
De zeven privacytrends van 2017 Mediaforum, 2018 (1), pp. 2-5, 2018. @article{vanDaalen2018,
title = {De zeven privacytrends van 2017}, author = {van Daalen, O.}, url = {https://www.ivir.nl/publicaties/download/Mediaforum_2018_1.pdf}, year = {2018}, date = {2018-03-22}, journal = {Mediaforum}, volume = {2018}, number = {1}, pages = {2-5}, abstract = {Het is drie jaar geleden dat Mediaforum een overzicht van tien privacytrends publiceerde. Toen was de Algemene Verordening Gegevensbescherming (AVG) nog niet aangenomen, lag Snowden nog fris in het geheugen en heette de Autoriteit Persoonsgegevens (AP) nog het College Bescherming Persoonsgegevens. Privacyrecht was ook toen al best belangrijk, maar de aandacht voor dit vakgebied is in de afgelopen jaren behoorlijk gegroeid. Dus laten we de vraag opnieuw stellen: wat is er de afgelopen tijd gebeurd op privacygebied, en vallen daarin grote lijnen te ontwaren?}, keywords = {}, pubstate = {published}, tppubtype = {article} } Het is drie jaar geleden dat Mediaforum een overzicht van tien privacytrends publiceerde. Toen was de Algemene Verordening Gegevensbescherming (AVG) nog niet aangenomen, lag Snowden nog fris in het geheugen en heette de Autoriteit Persoonsgegevens (AP) nog het College Bescherming Persoonsgegevens. Privacyrecht was ook toen al best belangrijk, maar de aandacht voor dit vakgebied is in de afgelopen jaren behoorlijk gegroeid. Dus laten we de vraag opnieuw stellen: wat is er de afgelopen tijd gebeurd op privacygebied, en vallen daarin grote lijnen te ontwaren?
|
| Dommering, E.
Annotatie bij EHRM 27 juni 2017 (Satakunnan Markkinapörssi Oy & Satamedia Oy / Finland) Nederlandse Jurisprudentie, 2018 (8), pp. 984-987, 2018. @article{Dommering2018c,
title = {Annotatie bij EHRM 27 juni 2017 (Satakunnan Markkinap\"{o}rssi Oy & Satamedia Oy / Finland)}, author = {Dommering, E.}, url = {https://www.ivir.nl/publicaties/download/Annotatie_NJ_2018_67.pdf}, year = {2018}, date = {2018-03-13}, journal = {Nederlandse Jurisprudentie}, volume = {2018}, number = {8}, pages = {984-987}, abstract = {In Finland mogen openbare fiscale inkomensgegevens niet onbeperkt worden gepubliceerd: er moet een afweging plaatsvinden welk algemeen belang daarmee is gediend. Deze afweging is vergelijkbaar met die voor algemene privacy inbreuken door de pers geldt. }, keywords = {}, pubstate = {published}, tppubtype = {article} } In Finland mogen openbare fiscale inkomensgegevens niet onbeperkt worden gepubliceerd: er moet een afweging plaatsvinden welk algemeen belang daarmee is gediend. Deze afweging is vergelijkbaar met die voor algemene privacy inbreuken door de pers geldt.
|
| Bodó, B., Dobber, T., Fahy, R., Irion, K., Kruikemeier, S., Möller, J., Vreese, C.H. de, Zuiderveen Borgesius, F.
Online Political Microtargeting: Promises and Threats for Democracy Utrecht Law Review, 14 (1), pp. 82-96, 2018. @article{Borgesius2018,
title = {Online Political Microtargeting: Promises and Threats for Democracy}, author = {Zuiderveen Borgesius, F. and M\"{o}ller, J. and Kruikemeier, S. and Fahy, R. and Irion, K. and Dobber, T. and Bod\'{o}, B. and Vreese, C.H. de}, url = {https://www.ivir.nl/publicaties/download/UtrechtLawReview.pdf}, year = {2018}, date = {2018-02-13}, journal = {Utrecht Law Review}, volume = {14}, number = {1}, pages = {82-96}, abstract = {Online political microtargeting involves monitoring people’s online behaviour, and using the collected data, sometimes enriched with other data, to show people-targeted political advertisements. Online political microtargeting is widely used in the US; Europe may not be far behind. This paper maps microtargeting’s promises and threats to democracy. For example, microtargeting promises to optimise the match between the electorate’s concerns and political campaigns, and to boost campaign engagement and political participation. But online microtargeting could also threaten democracy. For instance, a political party could, misleadingly, present itself as a different one-issue party to different individuals. And data collection for microtargeting raises privacy concerns. We sketch possibilities for policymakers if they seek to regulate online political microtargeting. We discuss which measures would be possible, while complying with the right to freedom of expression under the European Convention on Human Rights.}, keywords = {}, pubstate = {published}, tppubtype = {article} } Online political microtargeting involves monitoring people’s online behaviour, and using the collected data, sometimes enriched with other data, to show people-targeted political advertisements. Online political microtargeting is widely used in the US; Europe may not be far behind. This paper maps microtargeting’s promises and threats to democracy. For example, microtargeting promises to optimise the match between the electorate’s concerns and political campaigns, and to boost campaign engagement and political participation. But online microtargeting could also threaten democracy. For instance, a political party could, misleadingly, present itself as a different one-issue party to different individuals. And data collection for microtargeting raises privacy concerns. We sketch possibilities for policymakers if they seek to regulate online political microtargeting. We discuss which measures would be possible, while complying with the right to freedom of expression under the European Convention on Human Rights.
|
| Dommering, E.
De Intocht van Boniklasius in Dokkum, dertien eeuwen later Mediaforum, 2017 (7/8), pp. 217, 2018, (Opinie). @article{Dommering2018b,
title = {De Intocht van Boniklasius in Dokkum, dertien eeuwen later}, author = {Dommering, E.}, url = {https://www.ivir.nl/publicaties/download/Mediaforum_2017_7_8_opinie.pdf}, year = {2018}, date = {2018-02-13}, journal = {Mediaforum}, volume = {2017}, number = {7/8}, pages = {217}, note = {Opinie}, keywords = {}, pubstate = {published}, tppubtype = {article} } |
| Brkan, M., Castets-Renard, C., Cole, M.D., Dommering, E., Forgo, N., Korff, D., Kosta, E., Ligeti, K., Mariottini, C.M., Metille, S., Mitrou, L., Pollicino, O., Pretschner, A., Robinson, G., Ryngaert, C., Spindler, G., Valcke, P., Van Calster, G., van Eijk, N., Weber, R., Zuiderveen Borgesius, F.
Brief of EU Data Protection and Privacy Scholars as Amici Curiae in Support of Respondent 2018. @article{Brkan2018,
title = {Brief of EU Data Protection and Privacy Scholars as Amici Curiae in Support of Respondent}, author = {Brkan, M. and Castets-Renard, C. and Cole, M.D. and Dommering, E. and Forgo, N. and Korff, D. and Kosta, E. and Ligeti, K. and Mariottini, C.M. and Metille, S. and Mitrou, L. and Pollicino, O. and Pretschner, A. and Robinson, G. and Ryngaert, C. and Spindler, G. and Valcke, P. and Van Calster, G. and van Eijk, N. and Weber, R. and Zuiderveen Borgesius, F.}, url = {https://www.ivir.nl/publicaties/download/amicusbrief_2018.pdf}, year = {2018}, date = {2018-01-18}, keywords = {}, pubstate = {published}, tppubtype = {article} } |
| Dommering, E.
Annotatie bij EHRM 8 november 2016 (Bizottság / Hongarije) Nederlandse Jurisprudentie, 2017 (49/50), pp. 6574-6576, 2017. @article{Dommering2017i,
title = {Annotatie bij EHRM 8 november 2016 (Bizotts\'{a}g / Hongarije)}, author = {Dommering, E.}, url = {https://www.ivir.nl/publicaties/download/Annotatie_NJ_2017_431.pdf}, year = {2017}, date = {2017-12-19}, journal = {Nederlandse Jurisprudentie}, volume = {2017}, number = {49/50}, pages = {6574-6576}, abstract = {Het EHRM erkent onder voorwaarden dat er een recht op openbaarheid van bestuur uit artikel 10 is af te leiden.}, keywords = {}, pubstate = {published}, tppubtype = {article} } Het EHRM erkent onder voorwaarden dat er een recht op openbaarheid van bestuur uit artikel 10 is af te leiden.
|
| Poort, J., Zuiderveen Borgesius, F.
Online prijsdiscriminatie en de Algemene Verordening Gegevensbescherming pp. 55-62, 2017, (Hoofdstuk in: Big Data. Honderd jaar Juridische Faculteitsvereniging Grotius / N.P. van der Elst (ed.), 2017). @inbook{Borgesius2017f,
title = {Online prijsdiscriminatie en de Algemene Verordening Gegevensbescherming}, author = {Zuiderveen Borgesius, F. and Poort, J.}, url = {https://www.ivir.nl/publicaties/download/Prijsdiscriminatie.pdf}, year = {2017}, date = {2017-11-28}, pages = {55-62}, note = {Hoofdstuk in: Big Data. Honderd jaar Juridische Faculteitsvereniging Grotius / N.P. van der Elst (ed.), 2017}, keywords = {}, pubstate = {published}, tppubtype = {inbook} } |
| Dommering, E.
Annotatie bij Hof van Justitie EU 19 oktober 2016 (Breyer, C-2016/779) Nederlandse Jurisprudentie, 2017 (392), pp. 6020-6021, 2017. @article{Dommering2017b,
title = {Annotatie bij Hof van Justitie EU 19 oktober 2016 (Breyer, C-2016/779)}, author = {Dommering, E.}, url = {https://www.ivir.nl/publicaties/download/Annotatie_NJ_2017_392.pdf}, year = {2017}, date = {2017-11-14}, journal = {Nederlandse Jurisprudentie}, volume = {2017}, number = {392}, pages = {6020-6021}, abstract = {Is een 'dynamisch' IP adres een persoonsgegeven? Verzoek om een prejudici\"{e}le beslissing ingediend door het Bundesgerichtshof (hoogste federale rechter in burgerlijke en strafzaken, Duitsland) bij beslissing van 28 oktober 2014. Verwerking van persoonsgegevens. Begrip, persoonsgegevens’. Internetprotocoladressen. Bewaring door een aanbieder van onlinemediadiensten. Nationale regeling volgens welke geen rekening kan worden gehouden met het gerechtvaardigde belang van de voor de verwerking verantwoordelijke persoon.}, keywords = {}, pubstate = {published}, tppubtype = {article} } Is een 'dynamisch' IP adres een persoonsgegeven?
Verzoek om een prejudiciële beslissing ingediend door het Bundesgerichtshof (hoogste federale rechter in burgerlijke en strafzaken, Duitsland) bij beslissing van 28 oktober 2014. Verwerking van persoonsgegevens. Begrip, persoonsgegevens’. Internetprotocoladressen. Bewaring door een aanbieder van onlinemediadiensten. Nationale regeling volgens welke geen rekening kan worden gehouden met het gerechtvaardigde belang van de voor de verwerking verantwoordelijke persoon. |
| Yakovleva, S.
World Trade Review, 2018 , pp. 477-508, 2017. @article{Yakovleva2017b,
title = {Should Fundamental Rights to Privacy and Data Protection be a Part of the EU's International Trade "Deals"?}, author = {Yakovleva, S.}, url = {https://www.ivir.nl/publicaties/download/WTR_2018.pdf}, doi = {https://doi.org/10.1017/S1474745617000453}, year = {2017}, date = {2017-11-09}, journal = {World Trade Review}, volume = {2018}, pages = {477-508}, abstract = {This article discusses ways in which the General Agreement on Trade in Services (GATS) and post-GATS free trade agreements may limit the EU's ability to regulate privacy and personal data protection as fundamental rights. After discussing this issue in two dimensions \textendash the vertical relationship between trade and national and European Union (EU) law, and the horizontal relationship between trade and human rights law \textendash the author concludes that these limits are real and pose serious risks. Inspired by recent developments in safeguarding labour, and environmental standards and sustainable development, the article argues that privacy and personal data protection should be part of, and protected by, international trade deals made by the EU. The EU should negotiate future international trade agreements with the objective of allowing them to reflect the normative foundations of privacy and personal data protection. This article suggests a specific way to achieve this objective.}, keywords = {}, pubstate = {published}, tppubtype = {article} } This article discusses ways in which the General Agreement on Trade in Services (GATS) and post-GATS free trade agreements may limit the EU's ability to regulate privacy and personal data protection as fundamental rights. After discussing this issue in two dimensions – the vertical relationship between trade and national and European Union (EU) law, and the horizontal relationship between trade and human rights law – the author concludes that these limits are real and pose serious risks.
Inspired by recent developments in safeguarding labour, and environmental standards and sustainable development, the article argues that privacy and personal data protection should be part of, and protected by, international trade deals made by the EU. The EU should negotiate future international trade agreements with the objective of allowing them to reflect the normative foundations of privacy and personal data protection. This article suggests a specific way to achieve this objective. |
| Arnbak, A.
Het Financieele Dagblad, 2017 , 2017. @article{Arnbak2017b,
title = {Referendum 'sleepnetwet' voorbode digitale perikelen Rutte III: D66 zal achterban herhaaldelijk moeten teleurstellen rond digitale dossiers}, author = {Arnbak, A.}, url = {https://axelarnbak.nl/2017/11/02/41e-fd-column-referendum-sleepwet-voorbode-digitale-perikelen-rutte-iii/}, year = {2017}, date = {2017-11-02}, journal = {Het Financieele Dagblad}, volume = {2017}, keywords = {}, pubstate = {published}, tppubtype = {article} } |
| van Eijk, N.
About finding practical solutions (without the GDPR) European Data Protection Law Review, 2017 (3), pp. 310-312, 2017, (Foreword.). @article{vanEijk2017b,
title = {About finding practical solutions (without the GDPR)}, author = {van Eijk, N.}, url = {https://www.ivir.nl/publicaties/download/edpl_2017_03_foreword.pdf}, doi = {https://doi.org/10.21552/edpl/2017/3/5}, year = {2017}, date = {2017-10-19}, journal = {European Data Protection Law Review}, volume = {2017}, number = {3}, pages = {310-312}, note = {Foreword.}, keywords = {}, pubstate = {published}, tppubtype = {article} } |
| Hoofnagle, C.J., Kannekens, E., van Eijk, N.
Unfair Commercial Practices: A Complementary Approach to Privacy Protection European Data Protection Law Review, 2017 (3), pp. 325-337, 2017. @article{vanEijk2017b,
title = {Unfair Commercial Practices: A Complementary Approach to Privacy Protection}, author = {van Eijk, N. and Hoofnagle, C.J. and Kannekens, E.}, url = {https://www.ivir.nl/publicaties/download/edpl_2017_03.pdf}, doi = {https://doi.org/10.21552/edpl/2017/3/7}, year = {2017}, date = {2017-10-19}, journal = {European Data Protection Law Review}, volume = {2017}, number = {3}, pages = {325-337}, abstract = {Millions of European internet users access online platforms where their personal data is being collected, processed, analysed or sold. The existence of some of the largest online platforms is entirely based on data driven business models. In the European Union, the protection of personal data is considered a fundamental right. Under Article 8(3) of the EU Charter of Fundamental Rights, compliance with data protection rules should be subject to control by an independent authority. In the EU, enforcement of privacy rules almost solely takes place by the national data protection authorities. They typically apply sector-specific rules, based on the EU Data Protection Directive. In the United States, the Federal Trade Commission is the primary enforcer of consumers’ (online) privacy interests. The agency’s competence is not based on the protection of fundamental rights, but on the basis that maintenance of a competitive, fair marketplace will provide the right choices for consumers to take. In this Article the US legal framework will be discussed and compared to the EU legal framework, which forms our finding that in the EU rules on unfair commercial practices could be enforced in a similar manner to protect people’s privacy. In the EU, the many frictions concerning the market/consumer-oriented use of personal data form a good reason to actually deal with these frictions in a market/consumer legal framework.}, keywords = {}, pubstate = {published}, tppubtype = {article} } Millions of European internet users access online platforms where their personal data is being collected, processed, analysed or sold. The existence of some of the largest online platforms is entirely based on data driven business models. In the European Union, the protection of personal data is considered a fundamental right. Under Article 8(3) of the EU Charter of Fundamental Rights, compliance with data protection rules should be subject to control by an independent authority. In the EU, enforcement of privacy rules almost solely takes place by the national data protection authorities. They typically apply sector-specific rules, based on the EU Data Protection Directive. In the United States, the Federal Trade Commission is the primary enforcer of consumers’ (online) privacy interests. The agency’s competence is not based on the protection of fundamental rights, but on the basis that maintenance of a competitive, fair marketplace will provide the right choices for consumers to take. In this Article the US legal framework will be discussed and compared to the EU legal framework, which forms our finding that in the EU rules on unfair commercial practices could be enforced in a similar manner to protect people’s privacy. In the EU, the many frictions concerning the market/consumer-oriented use of personal data form a good reason to actually deal with these frictions in a market/consumer legal framework.
|
| Boerman, S.C., Helberger, N., Kruikemeier, S., Zuiderveen Borgesius, F.
Tracking walls, take-it-or-leave-it choices, the GDPR, and the ePrivacy regulation European Data Protection Law Review, 2017 (3), pp. 353-368, 2017. @article{Borgesius2017b,
title = {Tracking walls, take-it-or-leave-it choices, the GDPR, and the ePrivacy regulation}, author = {Zuiderveen Borgesius, F. and Kruikemeier, S. and Boerman, S.C. and Helberger, N.}, url = {https://www.ivir.nl/publicaties/download/EDPL_2017_03.pdf}, doi = {https://doi.org/10.21552/edpl/2017/3/9}, year = {2017}, date = {2017-10-19}, journal = {European Data Protection Law Review}, volume = {2017}, number = {3}, pages = {353-368}, abstract = {On the internet, we encounter take-it-or-leave-it choices regarding our privacy on a daily basis. In Europe, online tracking for targeted advertising generally requires the internet users’ consent to be lawful. Some websites use a tracking wall, a barrier that visitors can only pass if they consent to tracking by third parties. When confronted with such a tracking wall, many people click ‘I agree’ to tracking. A survey that we conducted shows that most people find tracking walls unfair and unacceptable. We analyse under which conditions the ePrivacy Directive and the General Data Protection Regulation allow tracking walls. We provide a list of circumstances to assess when a tracking wall makes consent invalid. We also explore how the EU lawmaker could regulate tracking walls, for instance in the ePrivacy Regulation. It should be seriously considered to ban tracking walls, at least in certain circumstances.}, keywords = {}, pubstate = {published}, tppubtype = {article} } On the internet, we encounter take-it-or-leave-it choices regarding our privacy on a daily basis. In Europe, online tracking for targeted advertising generally requires the internet users’ consent to be lawful. Some websites use a tracking wall, a barrier that visitors can only pass if they consent to tracking by third parties. When confronted with such a tracking wall, many people click ‘I agree’ to tracking. A survey that we conducted shows that most people find tracking walls unfair and unacceptable. We analyse under which conditions the ePrivacy Directive and the General Data Protection Regulation allow tracking walls. We provide a list of circumstances to assess when a tracking wall makes consent invalid. We also explore how the EU lawmaker could regulate tracking walls, for instance in the ePrivacy Regulation. It should be seriously considered to ban tracking walls, at least in certain circumstances.
|
| Helberger, N., Reyna, A., Zuiderveen Borgesius, F.
The perfect match? A closer look at the relationship between EU consumer law and data protection law Common Market Law Review, 2017 (5), pp. 1427-1466, 2017. @article{Helberger2017b,
title = {The perfect match? A closer look at the relationship between EU consumer law and data protection law}, author = {Helberger, N. and Zuiderveen Borgesius, F. and Reyna, A. }, url = {https://www.ivir.nl/publicaties/download/CMLR_2017_5.pdf}, year = {2017}, date = {2017-10-06}, journal = {Common Market Law Review}, volume = {2017}, number = {5}, pages = {1427-1466}, abstract = {In modern markets, many companies offer so-called “free” services and monetize consumer data they collect through those services. This paper argues that consumer law and data protection law can usefully complement each other. Data protection law can also inform the interpretation of consumer law. Using consumer rights, consumers should be able to challenge excessive collection of their personal data. Consumer organizations have used consumer law to tackle data protection infringements. The interplay of data protection law and consumer protection law provides exciting opportunities for a more integrated vision on “data consumer law”.}, keywords = {}, pubstate = {published}, tppubtype = {article} } In modern markets, many companies offer so-called “free” services and monetize consumer data they collect through those services. This paper argues that consumer law and data protection law can usefully complement each other. Data protection law can also inform the interpretation of consumer law. Using consumer rights, consumers should be able to challenge excessive collection of their personal data. Consumer organizations have used consumer law to tackle data protection infringements. The interplay of data protection law and consumer protection law provides exciting opportunities for a more integrated vision on “data consumer law”.
|
| Arnbak, A.
Het Financieele Dagblad, 2017 , 2017. @article{Arnbak2017b,
title = {Ziekenhuizen en energiebedrijven gaan wellicht boeten voor beveiligingsfouten: Nieuwe IT-wet bedoeld om 'potenti\"{e}le maatschappelijke ontwrichting' te voorkomen}, author = {Arnbak, A.}, url = {https://axelarnbak.nl/2017/10/05/40e-fd-column-ziekenhuizen-en-energiebedrijven-gaan-wellicht-boeten-voor-beveiligingsfouten/}, year = {2017}, date = {2017-10-05}, journal = {Het Financieele Dagblad}, volume = {2017}, keywords = {}, pubstate = {published}, tppubtype = {article} } |
| Irion, K., Thompson, M., van Hoboken, J., Yakovleva, S.
A Roadmap to Enhancing User Control via Privacy Dashboards 2017, (Amsterdam / Hong Kong: IViR, 2017.). @techreport{Irion2017b,
title = {A Roadmap to Enhancing User Control via Privacy Dashboards}, author = {Irion, K. and Yakovleva, S. and van Hoboken, J. and Thompson, M.}, url = {https://www.ivir.nl/publicaties/download/PrivacyBridgesUserControls2017.pdf}, year = {2017}, date = {2017-09-26}, abstract = {This report presents and draws on multidisciplinary insights into what characterises effective user control over the collection and use of personal data. User controls arise from the interplay of a number of conditions. These are partly technical but also connected to different aspects of user behaviour, the intricacies of design, as well as the internal and external incentives in privacy governance that exist today. Our review of the state of research underscores that devising effective user controls require close collaboration between different disciplines, clear regulatory guidance and scientifically-backed assessments. }, note = {Amsterdam / Hong Kong: IViR, 2017.}, keywords = {}, pubstate = {published}, tppubtype = {techreport} } This report presents and draws on multidisciplinary insights into what characterises effective user control over the collection and use of personal data. User controls arise from the interplay of a number of conditions. These are partly technical but also connected to different aspects of user behaviour, the intricacies of design, as well as the internal and external incentives in privacy governance that exist today. Our review of the state of research underscores that devising effective user controls require close collaboration between different disciplines, clear regulatory guidance and scientifically-backed assessments.
|
| Kostić, B., Vargas Penagos, E.
The freely given consent and the "bundling" provision under the GDPR Computerrecht, 2017 (4), pp. 217-222, 2017. @article{Kosti\'{c}2017,
title = {The freely given consent and the "bundling" provision under the GDPR}, author = {Kosti\'{c}, B. and Vargas Penagos, E.}, url = {https://www.ivir.nl/publicaties/download/Computerrecht_2017_4.pdf}, year = {2017}, date = {2017-09-15}, journal = {Computerrecht}, volume = {2017}, number = {4}, pages = {217-222}, abstract = {Under European data protection law, consent of the data subject is one of the six grounds for lawful processing of personal data. It is such an important ground that lawmakers considered it necessary to provide a legal definition of consent. One of the conditions under this definition is that it needs to be “freely given.” The General Data Protection Regulation (GDPR) 3 has further expanded on this concept in Article 7(4). It refers to a situation under which consent might not be considered “freely given.” If consent is invalid because it is not freely given, the processing is usually unlawful. Consequently, a legal basis for processing is missing. Therefore, this is an important provision. Yet the wording of this new provision is vague and its scope is unclear. Thus, the question arises as to how Article 7(4) should be applied. In this paper, the authors tease out the assessment criteria for the application of this provision on the basis of its text, structure and history. These criteria will then be applied to hypothetical cases in the final section. }, keywords = {}, pubstate = {published}, tppubtype = {article} } Under European data protection law, consent of the data subject is one of the six grounds for lawful processing of personal data. It is such an important ground that lawmakers considered it necessary to provide a legal definition of consent. One of the conditions under this definition is that it needs to be “freely given.” The General Data Protection Regulation (GDPR) 3 has further expanded on this concept in Article 7(4). It refers to a situation under which consent might not be considered “freely given.” If consent is invalid because it is not freely given, the processing is usually unlawful. Consequently, a legal basis for processing is missing. Therefore, this is an important provision. Yet the wording of this new provision is vague and its scope is unclear. Thus, the question arises as to how Article 7(4) should be applied. In this paper, the authors tease out the assessment criteria for the application of this provision on the basis of its text, structure and history. These criteria will then be applied to hypothetical cases in the final section.
|
| Sax, M.
Book Review: The Crisis of Presence in Contemporary Culture European Data Protection Law Review, 3 (2), pp. 293-296, 2017. @article{Sax2017,
title = {Book Review: The Crisis of Presence in Contemporary Culture}, author = {Sax, M.}, url = {https://edpl.lexxion.eu/article/EDPL/2017/2/27}, doi = {https://doi.org/10.21552/edpl/2017/2/27}, year = {2017}, date = {2017-08-01}, journal = {European Data Protection Law Review}, volume = {3}, number = {2}, pages = {293-296}, keywords = {}, pubstate = {published}, tppubtype = {article} } |