Privacy
|
van der Sloot, B. Book Review: Smart Technologies and the End(s) of Law Miscellaneous 2015. @misc{,
title = {Book Review: Smart Technologies and the End(s) of Law}, author = {van der Sloot, B.}, url = {http://www.ivir.nl/publicaties/download/1697.pdf}, year = {2015}, date = {2015-12-15}, journal = {European Data Protection Law Review}, number = {2}, pages = {148-150.}, keywords = {}, pubstate = {published}, tppubtype = {misc} } |
|
van der Sloot, B. Annotatie bij Hof van Justitie EU 16 juli 2015 (Coty / Stadtsparkasse) Miscellaneous 2015. @misc{,
title = {Annotatie bij Hof van Justitie EU 16 juli 2015 (Coty / Stadtsparkasse)}, author = {van der Sloot, B.}, url = {http://www.ivir.nl/publicaties/download/1698.pdf}, year = {2015}, date = {2015-12-15}, journal = {European Human Rights Cases}, number = {10}, keywords = {}, pubstate = {published}, tppubtype = {misc} } |
|
van der Sloot, B. 2015, (<p> @misc{,
title = {Is the Human Rights Framework Still Fit for the Big Data Era? A Discussion of the ECtHR's Case Law on Privacy Violations Arising from Surveillance Activities}, author = {van der Sloot, B.}, url = {http://www.ivir.nl/publicaties/download/1701.pdf}, year = {2015}, date = {2015-12-15}, abstract = { Human rights protect humans. This seemingly uncontroversial axiom might become quintessential over time, especially with regard to the right to privacy. Article 8 of the European Convention on Human Rights grants natural persons> a right to complain, in order to protect their individual interests, such as those related to personal freedom, human dignity and individual autonomy. With Big Data processes, however, individuals are mostly unaware that their personal data are gathered and processed and even if they are, they are often unable to substantiate their specific individual interest in these large data gathering systems. When the European Court of Human Rights assesses these types of cases, mostly revolving around (mass) surveillance activities, it finds itself stuck between the human rights framework on the one hand and the desire to evaluate surveillance practices by states on the other. Interestingly, the Court chooses to deal with these cases under Article 8 ECHR, but in order to do so, it is forced to go beyond the fundamental pillars of the human rights framework.
}, <p>
Human rights protect humans. This seemingly uncontroversial axiom might become quintessential over time, especially with regard to the right to privacy. Article 8 of the European Convention on Human Rights grants natural persons> a right to complain, in order to protect their individual interests, such as those related to personal freedom, human dignity and individual autonomy. With Big Data processes, however, individuals are mostly unaware that their personal data are gathered and processed and even if they are, they are often unable to substantiate their specific individual interest in these large data gathering systems. When the European Court of Human Rights assesses these types of cases, mostly revolving around (mass) surveillance activities, it finds itself stuck between the human rights framework on the one hand and the desire to evaluate surveillance practices by states on the other. Interestingly, the Court chooses to deal with these cases under Article 8 ECHR, but in order to do so, it is forced to go beyond the fundamental pillars of the human rights framework.</p> |
|
F.J. Zuiderveen Borgesius; M.M.M. van Eechoud Open Data, Privacy, and Fair Information Principles: Towards a Balancing Framework Journal Article 2015. @article{,
title = {Open Data, Privacy, and Fair Information Principles: Towards a Balancing Framework}, author = {F.J. Zuiderveen Borgesius and M.M.M. van Eechoud}, url = {http://papers.ssrn.com/sol3/papers.cfm?abstract_id=2695005}, year = {2015}, date = {2015-12-03}, abstract = { Open data are held to contribute to a wide variety of social and political goals, including strengthening transparency, public participation and democratic accountability, promoting economic growth and innovation, and enabling greater public sector efficiency and cost savings. However, releasing government data that contain personal information may threaten privacy and related rights and interests. In this paper we ask how these privacy interests can be respected, without unduly hampering benefits from disclosing public sector information. We propose a balancing framework to help public authorities address this question in different contexts. The framework takes into account different levels of privacy risks for different types of data. It also separates decisions about access and re-use, and highlights a range of different disclosure routes. A circumstance catalogue lists factors that might be considered when assessing whether, under which conditions, and how a dataset can be released. While open data remains an important route for the publication of government information, we conclude that it is not the only route, and there must be clear and robust public interest arguments in order to justify the disclosure of personal information as open data.
}, Open data are held to contribute to a wide variety of social and political goals, including strengthening transparency, public participation and democratic accountability, promoting economic growth and innovation, and enabling greater public sector efficiency and cost savings. However, releasing government data that contain personal information may threaten privacy and related rights and interests. In this paper we ask how these privacy interests can be respected, without unduly hampering benefits from disclosing public sector information. We propose a balancing framework to help public authorities address this question in different contexts. The framework takes into account different levels of privacy risks for different types of data. It also separates decisions about access and re-use, and highlights a range of different disclosure routes. A circumstance catalogue lists factors that might be considered when assessing whether, under which conditions, and how a dataset can be released. While open data remains an important route for the publication of government information, we conclude that it is not the only route, and there must be clear and robust public interest arguments in order to justify the disclosure of personal information as open data.
|
|
A.M. Arnbak Safe Harbor 2.0 gedoemd te mislukken Miscellaneous 2015. @misc{,
title = {Safe Harbor 2.0 gedoemd te mislukken}, author = {A.M. Arnbak}, url = {https://www.axelarnbak.nl/2015/11/05/16e-column-financieele-dagblad-privacy-week-safe-harbor-2-0-gedoemd-te-mislukken/}, year = {2015}, date = {2015-11-05}, note = { Column in Het Financieele Dagblad van 4 november 2015.
}, |
|
F.J. Zuiderveen Borgesius; A.M. Arnbak New Data Security Requirements and the Proceduralization of Mass Surveillance Law after the European Data Retention Case Journal Article 2015. @article{,
title = {New Data Security Requirements and the Proceduralization of Mass Surveillance Law after the European Data Retention Case}, author = {F.J. Zuiderveen Borgesius and A.M. Arnbak}, url = {http://papers.ssrn.com/sol3/papers.cfm?abstract_id=2678860}, year = {2015}, date = {2015-10-27}, abstract = { This paper discusses the regulation of mass metadata surveillance in Europe through the lens of the landmark judgment in which the Court of Justice of the European Union struck down the Data Retention Directive. The controversial directive obliged telecom and Internet access providers in Europe to retain metadata of all their customers for intelligence and law enforcement purposes, for a period of up to two years. In the ruling, the Court declared the directive in violation of the human rights to privacy and data protection. The Court also confirmed that the mere collection of metadata interferes with the human right to privacy. In addition, the Court developed three new criteria for assessing the level of data security required from a human rights perspective: security measures should take into account the risk of unlawful access to data, and the data’s quantity and sensitivity. While organizations that campaigned against the directive have welcomed the ruling, we warn for the risk of proceduralization of mass surveillance law. The Court did not fully condemn mass surveillance that relies on metadata, but left open the possibility of mass surveillance if policymakers lay down sufficient procedural safeguards. Such proceduralization brings systematic risks for human rights. Government agencies, with ample resources, can design complicated systems of procedural oversight for mass surveillance – and claim that mass surveillance is lawful, even if it affects millions of innocent people.
}, This paper discusses the regulation of mass metadata surveillance in Europe through the lens of the landmark judgment in which the Court of Justice of the European Union struck down the Data Retention Directive. The controversial directive obliged telecom and Internet access providers in Europe to retain metadata of all their customers for intelligence and law enforcement purposes, for a period of up to two years. In the ruling, the Court declared the directive in violation of the human rights to privacy and data protection. The Court also confirmed that the mere collection of metadata interferes with the human right to privacy. In addition, the Court developed three new criteria for assessing the level of data security required from a human rights perspective: security measures should take into account the risk of unlawful access to data, and the data’s quantity and sensitivity. While organizations that campaigned against the directive have welcomed the ruling, we warn for the risk of proceduralization of mass surveillance law. The Court did not fully condemn mass surveillance that relies on metadata, but left open the possibility of mass surveillance if policymakers lay down sufficient procedural safeguards. Such proceduralization brings systematic risks for human rights. Government agencies, with ample resources, can design complicated systems of procedural oversight for mass surveillance – and claim that mass surveillance is lawful, even if it affects millions of innocent people.
|
|
K. Irion Cloud services made in Europe after Snowden and Schrems Journal Article 2015. @article{,
title = {Cloud services made in Europe after Snowden and Schrems}, author = {K. Irion}, url = {http://policyreview.info/articles/news/cloud-services-made-europe-after-snowden-and-schrems/377}, year = {2015}, date = {2015-10-27}, note = { Comment in Internet Policy Review, 23 October 2015.
}, |
|
A.M. Arnbak Datatransport - Hof EU nog steeds niet volwassen Miscellaneous 2015. @misc{,
title = {Datatransport - Hof EU nog steeds niet volwassen}, author = {A.M. Arnbak}, url = {https://www.axelarnbak.nl/2015/10/07/15e-column-financieele-dagblad-datatransport-hof-eu-nog-steeds-niet-volwassen/}, year = {2015}, date = {2015-10-09}, note = { Column in Het Financieele Dagblad van 7 oktober 2015.
}, |
|
Irion, K. International Journal of Law and Information Technology, 23 (4), pp. 348-371., 2015, ((2015) International Journal of Law and Information Technology 23(4): 348-371, DOI: 10.1093/ijlit/eav015, available at http://ijlit.oxfordjournals.org/content/23/4/348.abstract). @article{,
title = {Your Digital Home is No Longer Your Castle: How Cloud Computing Transforms the (Legal) Relationship between Individuals and Their Personal Records}, author = {Irion, K.}, url = {http://www.ivir.nl/publicaties/download/1584.pdf}, doi = {10.1093/ijlit/eav015}, year = {2015}, date = {2015-09-29}, journal = {International Journal of Law and Information Technology}, volume = {23}, number = {4}, pages = {348-371.}, abstract = {In line with the overall trend individuals’ personal affairs, too, are composed of digital records to an increasing amount. At about the same time, the era of local storage in end user equipment is about to give way to remote computing where data resides on third party equipment (cloud computing). Once information, and even the most personal one, is no longer stored on personal equipment the relationship between individual users and their digital assets belonging to them is becoming increasingly abstract. This contribution focuses on the implications of cloud computing for individuals’ unpublicized digital records. The question to be answered is whether - taken together - the progressing virtualization and the disruption of physical control produce a backslide for individual positions of rights. The paper introduces the legal treatment of users’ digital personal records and how a technical transformation in combination with disparate legal protection and prevailing commercial practices are bound to impact the distribution of rights and obligations. }, note = {(2015) International Journal of Law and Information Technology 23(4): 348-371, DOI: 10.1093/ijlit/eav015, available at http://ijlit.oxfordjournals.org/content/23/4/348.abstract}, keywords = {}, pubstate = {published}, tppubtype = {article} } In line with the overall trend individuals’ personal affairs, too, are composed of digital records to an increasing amount. At about the same time, the era of local storage in end user equipment is about to give way to remote computing where data resides on third party equipment (cloud computing). Once information, and even the most personal one, is no longer stored on personal equipment the relationship between individual users and their digital assets belonging to them is becoming increasingly abstract.
This contribution focuses on the implications of cloud computing for individuals’ unpublicized digital records. The question to be answered is whether - taken together - the progressing virtualization and the disruption of physical control produce a backslide for individual positions of rights. The paper introduces the legal treatment of users’ digital personal records and how a technical transformation in combination with disparate legal protection and prevailing commercial practices are bound to impact the distribution of rights and obligations. |
|
F.J. Zuiderveen Borgesius Freedom of Expression and 'Right to Be Forgotten' Cases in the Netherlands after Google Spain Journal Article European Data Protection Law Review, (2), pp. 113-125., 2015. @article{,
title = {Freedom of Expression and 'Right to Be Forgotten' Cases in the Netherlands after Google Spain}, author = {F.J. Zuiderveen Borgesius}, url = {http://papers.ssrn.com/sol3/papers.cfm?abstract_id=2652171}, year = {2015}, date = {2015-09-17}, journal = {European Data Protection Law Review}, number = {2}, pages = {113-125.}, abstract = { Since the Google Spain judgment of the Court of Justice of the European Union, Europeans have, under certain conditions, the right to have search results for their name delisted. This paper examines how the Google Spain judgment has been applied in the Netherlands. Since the Google Spain judgment, Dutch courts have decided on two cases regarding delisting requests. In both cases, the Dutch courts considered freedom of expression aspects of delisting more thoroughly than the Court of Justice. However, the effect of the Google Spain judgment on freedom of expression is difficult to assess, as search engine operators decide about most delisting requests without disclosing much about their decisions.
}, Since the Google Spain judgment of the Court of Justice of the European Union, Europeans have, under certain conditions, the right to have search results for their name delisted. This paper examines how the Google Spain judgment has been applied in the Netherlands. Since the Google Spain judgment, Dutch courts have decided on two cases regarding delisting requests. In both cases, the Dutch courts considered freedom of expression aspects of delisting more thoroughly than the Court of Justice. However, the effect of the Google Spain judgment on freedom of expression is difficult to assess, as search engine operators decide about most delisting requests without disclosing much about their decisions.
|
|
A.M. Arnbak Afluisterwet is juridische gatenkaas Miscellaneous 2015. @misc{,
title = {Afluisterwet is juridische gatenkaas}, author = {A.M. Arnbak}, url = {https://www.axelarnbak.nl/wp-content/uploads/2015/09/FD14.pdf}, year = {2015}, date = {2015-09-10}, note = { Column in Het Financieele Dagblad van 9 september 2015.
}, |
|
van der Sloot, B. Big data bieden geen keus Miscellaneous 2015, (<p> @misc{,
title = {Big data bieden geen keus}, author = {van der Sloot, B.}, url = {http://www.ivir.nl/publicaties/download/1620.pdf}, year = {2015}, date = {2015-09-04}, journal = {Rechtspraak}, number = {3}, pages = {22-24.}, note = {<p> Interview in <em>Rechtspraak, </em>Magazine van de Raad voor de Rechtspraak.</p> }, keywords = {}, pubstate = {published}, tppubtype = {misc} } |
|
F.J. Zuiderveen Borgesius Online Price Discrimination and Data Protection Law Journal Article 2015. @article{,
title = {Online Price Discrimination and Data Protection Law}, author = {F.J. Zuiderveen Borgesius}, url = {http://papers.ssrn.com/sol3/papers.cfm?abstract_id=2652665}, year = {2015}, date = {2015-09-01}, abstract = { Online shops can offer each website customer a different price – a practice called first degree price discrimination, or personalised pricing. An online shop can recognise a customer, for instance through a cookie, and categorise the customer as a rich or a poor person. The shop could, for instance, charge rich people higher prices. From an economic perspective, there are good arguments in favour of price discrimination. But many regard price discrimination as unfair or manipulative. This paper examines whether European data protection law applies to personalised pricing. Data protection law applies if personal data are processed. This paper argues that personalised pricing generally entails the processing of personal data. Therefore, data protection law generally applies to personalised pricing. That conclusion has several implications. For instance, data protection law requires a company to inform people about the purpose of processing their personal data. A company must inform customers if it personalises prices.
}, Forthcoming as a conference paper for the Amsterdam Privacy Conference 23-26 October 2015.
}, Online shops can offer each website customer a different price – a practice called first degree price discrimination, or personalised pricing. An online shop can recognise a customer, for instance through a cookie, and categorise the customer as a rich or a poor person. The shop could, for instance, charge rich people higher prices. From an economic perspective, there are good arguments in favour of price discrimination. But many regard price discrimination as unfair or manipulative. This paper examines whether European data protection law applies to personalised pricing. Data protection law applies if personal data are processed. This paper argues that personalised pricing generally entails the processing of personal data. Therefore, data protection law generally applies to personalised pricing. That conclusion has several implications. For instance, data protection law requires a company to inform people about the purpose of processing their personal data. A company must inform customers if it personalises prices.
|
|
A.W. Hins Onno Hoes vs. PowNed: ook een burgemeester heeft recht op privacy Miscellaneous 2015. @misc{,
title = {Onno Hoes vs. PowNed: ook een burgemeester heeft recht op privacy}, author = {A.W. Hins}, url = {http://jnmblog.nl/articles/onno-hoes-vs.-powned-ook-een-burgemeester-heeft-recht-op-privacy}, year = {2015}, date = {2015-08-20}, note = { Bijdrage aan webblog Journalistiek en Nieuwe Media van de Universiteit Leiden.
}, |
|
F.J. Zuiderveen Borgesius Privacy van consumenten Miscellaneous 2015. @misc{,
title = {Privacy van consumenten}, author = {F.J. Zuiderveen Borgesius}, url = {http://www.ivir.nl/publicaties/download/1589.pdf}, year = {2015}, date = {2015-07-17}, note = { Hoofdstuk in: Handboek Consumentenrecht: Een overzicht van de rechtspositie van de consument, prof. mr. E.H. Hondius, mr. G.J. Rijken (red.), 2015. ISBN 9789462510753.
}, |
|
A.M. Arnbak Europa gaat te traag met beleid voor versleuteling Miscellaneous 2015. @misc{,
title = {Europa gaat te traag met beleid voor versleuteling}, author = {A.M. Arnbak}, url = {http://www.ivir.nl/publicaties/download/1588.pdf}, year = {2015}, date = {2015-07-16}, note = { Column in Het Financieele Dagblad van 15 juli 2015.
}, |
|
Zuiderveen Borgesius, F. European Journal of Migration and Law, pp. 259-272., 2015, (<p> @article{,
title = {Access to Personal Data and the Right to Good Governance during Asylum Procedures after the CJEU's YS and M. and S. judgment (C-141/12 and C-372/12)}, author = {Zuiderveen Borgesius, F.}, url = {http://booksandjournals.brillonline.com/content/journals/10.1163/15718166-12342080}, year = {2015}, date = {2015-07-10}, journal = {European Journal of Migration and Law}, pages = {259-272.}, abstract = { In the YS. and M. and S. judgment, the Court of Justice of the European Union ruled on three procedures in which Dutch judges asked for clarification on the right of asylum seekers to have access to the documents regarding the decision on asylum applications. The judgment is relevant for interpreting the concept of personal data and the scope of the right of access under the Data Protection Directive, and the right to good administration in the eu Charter of Fundamental Rights. At first glance, the judgment seems disappointing from the viewpoint of individual rights. Nevertheless, in our view the judgment provides sufficient grounds for effective access rights to the minutes in future asylum cases.
}, <p>
In the YS. and M. and S. judgment, the Court of Justice of the European Union ruled on three procedures in which Dutch judges asked for clarification on the right of asylum seekers to have access to the documents regarding the decision on asylum applications. The judgment is relevant for interpreting the concept of personal data and the scope of the right of access under the Data Protection Directive, and the right to good administration in the eu Charter of Fundamental Rights. At first glance, the judgment seems disappointing from the viewpoint of individual rights. Nevertheless, in our view the judgment provides sufficient grounds for effective access rights to the minutes in future asylum cases.</p> |
|
F.J. Zuiderveen Borgesius Personal data processing for behavioural targeting: which legal basis? Journal Article International Data Privacy Law, 2015. @article{,
title = {Personal data processing for behavioural targeting: which legal basis?}, author = {F.J. Zuiderveen Borgesius}, url = {http://idpl.oxfordjournals.org/content/early/2015/06/23/idpl.ipv011.abstract?keytype=ref&ijkey=vlrPCGCUMXW8kAz}, year = {2015}, date = {2015-06-25}, journal = {International Data Privacy Law}, abstract = { Key Points: The European Union Charter of Fundamental Rights only allows personal data processing if a data controller has a legal basis for the processing. This paper argues that, in most circumstances, the only available legal basis for the processing of personal data for behavioural targeting is the data subject's unambiguous consent. Furthermore, the paper argues that the cookie consent requirement from the e-Privacy Directive does not provide a legal basis for the processing of personal data. Therefore, even if companies could use an opt-out system to comply with the e-Privacy Directive's consent requirement for using a tracking cookie, they would generally have to obtain the data subject's unambiguous consent if they process personal data for behavioural targeting.
}, Key Points: The European Union Charter of Fundamental Rights only allows personal data processing if a data controller has a legal basis for the processing. This paper argues that, in most circumstances, the only available legal basis for the processing of personal data for behavioural targeting is the data subject's unambiguous consent. Furthermore, the paper argues that the cookie consent requirement from the e-Privacy Directive does not provide a legal basis for the processing of personal data. Therefore, even if companies could use an opt-out system to comply with the e-Privacy Directive's consent requirement for using a tracking cookie, they would generally have to obtain the data subject's unambiguous consent if they process personal data for behavioural targeting.
|
|
A.M. Arnbak Lobby in Europa zorgt voor absurd internetbeleid Miscellaneous 2015. @misc{,
title = {Lobby in Europa zorgt voor absurd internetbeleid}, author = {A.M. Arnbak}, url = {https://www.axelarnbak.nl/wp-content/uploads/2015/06/fd11.pdf}, year = {2015}, date = {2015-06-18}, note = { Column in Het Financieele Dagblad van 17 juni 2015.
}, |
|
F.J. Zuiderveen Borgesius; S. Kulk De implicaties van het Google Spain-arrest voor de vrijheid van meningsuiting Journal Article NJCM-Bulletin, (1), pp. 3-19., 2015. @article{,
title = {De implicaties van het Google Spain-arrest voor de vrijheid van meningsuiting}, author = {F.J. Zuiderveen Borgesius and S. Kulk}, url = {http://www.ivir.nl/publicaties/download/1566.pdf}, year = {2015}, date = {2015-06-04}, journal = {NJCM-Bulletin}, number = {1}, pages = {3-19.}, abstract = { In deze bijdrage wordt het \emph{Google Spain-}arrest van het Hof van Justitie van de Europese Unie besproken, evenals de ontwikkelingen na het arrest. Centraal staat de vraag naar de gevolgen van het arrest voor de vrijheid van meningsuiting. De auteurs betogen dat het Hof onvoldoende aandacht schenkt aan de vrijheid van meningsuiting.
}, In deze bijdrage wordt het Google Spain-arrest van het Hof van Justitie van de Europese Unie besproken, evenals de ontwikkelingen na het arrest. Centraal staat de vraag naar de gevolgen van het arrest voor de vrijheid van meningsuiting. De auteurs betogen dat het Hof onvoldoende aandacht schenkt aan de vrijheid van meningsuiting.
|
|
van der Sloot, B. Privacy as Personality Right: Why the ECtHR's Focus on Ulterior Interests Might Prove Indispensable in the Age of Journal Article Utrecht Journal of International and European Law, (80), pp. 25-50., 2015, (<p> @article{,
title = {Privacy as Personality Right: Why the ECtHR's Focus on Ulterior Interests Might Prove Indispensable in the Age of }, author = {van der Sloot, B.}, url = {http://www.ivir.nl/publicaties/download/1555.pdf}, year = {2015}, date = {2015-05-22}, journal = {Utrecht Journal of International and European Law}, number = {80}, pages = {25-50.}, abstract = { Article 8 ECHR was adopted as a classic negative right, which provides the citizen protection from unlawful and arbitrary interference by the state with his private and family life, home and communication. The ECtHR, however, has gradually broadened its scope so that the right to privacy encroaches upon other provisions embodied in the Convention, includes rights and freedoms explicitly left out of the ECHR by the drafters of the Convention and functions as the main pillar on which the Court has built its practice of opening up the Convention for new rights and freedoms. Consequently, Article 8 ECHR has been transformed from a classic privacy right to a personality right, providing protection to the personal development of individuals. Apart from its theoretical significance, this shift might prove indispensable in the age of Big Data, as personality rights protect a different type of interest, which is far more easy to substantiate in the new technological paradigm than those associated with the right to privacy.
}, <p>
Article 8 ECHR was adopted as a classic negative right, which provides the citizen protection from unlawful and arbitrary interference by the state with his private and family life, home and communication. The ECtHR, however, has gradually broadened its scope so that the right to privacy encroaches upon other provisions embodied in the Convention, includes rights and freedoms explicitly left out of the ECHR by the drafters of the Convention and functions as the main pillar on which the Court has built its practice of opening up the Convention for new rights and freedoms. Consequently, Article 8 ECHR has been transformed from a classic privacy right to a personality right, providing protection to the personal development of individuals. Apart from its theoretical significance, this shift might prove indispensable in the age of Big Data, as personality rights protect a different type of interest, which is far more easy to substantiate in the new technological paradigm than those associated with the right to privacy.</p> |
|
van der Sloot, B. Book review: 'Reforming European Data Protection Law' Miscellaneous 2015, (<p> @misc{,
title = {Book review: 'Reforming European Data Protection Law'}, author = {van der Sloot, B.}, url = {http://www.ivir.nl/publicaties/download/1556.pdf}, year = {2015}, date = {2015-05-21}, journal = {European Data Protection Law Review}, number = {1}, pages = {85-87.}, note = {<p> Boekbespreking van <em>Reforming European Data Protection Law</em>, S. Gutwirth, R. Leenes en P. de Hert (eds.), Springer 2015.</p> }, keywords = {}, pubstate = {published}, tppubtype = {misc} } |
|
F.J. Zuiderveen Borgesius Het mijnenveld van het informatierecht Journal Article Mr., (5), pp. 62-67, 2015. @article{,
title = {Het mijnenveld van het informatierecht}, author = {F.J. Zuiderveen Borgesius}, url = {http://www.ivir.nl/publicaties/download/1552.pdf}, year = {2015}, date = {2015-05-12}, journal = {Mr.}, number = {5}, pages = {62-67}, abstract = { In theorie lijkt de bescherming van persoonsgegevens op orde: internetbedrijven moeten mensen informeren over wat er met hun gegevens gebeurt, en doorgaans toestemming vragen voor ze die gegevens gebruiken. Maar in de praktijk schiet die ‘geïnformeerde toestemming’ als privacybeschermingsmaatregel tekort. Om privacy beter te beschermen moet volgens onderzoeker Frederik Borgesius de privacywetgeving beter worden nageleefd en gehandhaafd én op de schop. Hij pleit voor een breder privacydebat. “We móeten dat mijnenveld in.”
}, Interview.
}, In theorie lijkt de bescherming van persoonsgegevens op orde: internetbedrijven moeten mensen informeren over wat er met hun gegevens gebeurt, en doorgaans toestemming vragen voor ze die gegevens gebruiken. Maar in de praktijk schiet die ‘geïnformeerde toestemming’ als privacybeschermingsmaatregel tekort. Om privacy beter te beschermen moet volgens onderzoeker Frederik Borgesius de privacywetgeving beter worden nageleefd en gehandhaafd én op de schop. Hij pleit voor een breder privacydebat. “We móeten dat mijnenveld in.”
|
|
E.J. Dommering; N.A.N.M. van Eijk Verzameldrift 'big data' grijpt om zich heen Miscellaneous 2015. @misc{,
title = {Verzameldrift 'big data' grijpt om zich heen}, author = {E.J. Dommering and N.A.N.M. van Eijk}, url = {http://www.ivir.nl/publicaties/download/1550.pdf}, year = {2015}, date = {2015-05-05}, abstract = { Het bewaren van communicatiegegevens van alle Nederlandse telefoon- en internetgebruikers is terecht door het Europese Hof van Justitie verboden.
}, Opinie in De Volkskrant van 5 mei 2015.
}, Het bewaren van communicatiegegevens van alle Nederlandse telefoon- en internetgebruikers is terecht door het Europese Hof van Justitie verboden.
|
|
van der Sloot, B. Do privacy and data protection rules apply to legal persons and should they? A proposal for a two-tiered system Journal Article Computer Law & Security Review, (1), pp. 26-45, 2015. @article{,
title = {Do privacy and data protection rules apply to legal persons and should they? A proposal for a two-tiered system}, author = {van der Sloot, B.}, url = {http://www.sciencedirect.com/science/article/pii/S0267364914001812}, year = {2015}, date = {2015-04-24}, journal = {Computer Law & Security Review}, number = {1}, pages = {26-45}, abstract = { Privacy and data protection rules are usually said to protect the individual against intrusive governments and nosy companies. These rights guarantee the individual's freedom, personal autonomy and human dignity, among others. More and more, however, legal persons are also allowed to invoke the rights to privacy and data protection. Prima facie, it seems difficult to reconcile this trend with the standard interpretation of those rights, as legal persons do not enjoy freedom, personal autonomy or human dignity and it seems uncertain why business interests should be protected under privacy and data protection rules. On second thoughts, however, it appears rather unproblematic to grant legal persons partial protection under these regimes, especially when it recognizes general duties of care for data processors and governmental agencies.
}, <p>
Privacy and data protection rules are usually said to protect the individual against intrusive governments and nosy companies. These rights guarantee the individual's freedom, personal autonomy and human dignity, among others. More and more, however, legal persons are also allowed to invoke the rights to privacy and data protection. Prima facie, it seems difficult to reconcile this trend with the standard interpretation of those rights, as legal persons do not enjoy freedom, personal autonomy or human dignity and it seems uncertain why business interests should be protected under privacy and data protection rules. On second thoughts, however, it appears rather unproblematic to grant legal persons partial protection under these regimes, especially when it recognizes general duties of care for data processors and governmental agencies.</p> |
|
van der Sloot, B. Annotatie bij Hof van Justitie van de EU 11 december 2014 (Ryneš / Úřad pro ochranu osobních údajů) Miscellaneous 2015, (<p> @misc{,
title = {Annotatie bij Hof van Justitie van de EU 11 december 2014 (Ryne\v{s} / \'{U}\v{r}ad pro ochranu osobn\'{i}ch \'{u}dajr{u})}, author = {van der Sloot, B.}, url = {http://www.ivir.nl/publicaties/download/1542.pdf}, year = {2015}, date = {2015-04-24}, journal = {European Human Rights Cases}, number = {3}, note = {<p> C-212/13.</p> }, keywords = {}, pubstate = {published}, tppubtype = {misc} } |
|
B. Bodó Hacktivism 1-2-3: how privacy enhancing technologies change the face of anonymous hacktivism Journal Article Internet Policy Review, 3 (4), 2015. @article{,
title = {Hacktivism 1-2-3: how privacy enhancing technologies change the face of anonymous hacktivism}, author = {B. Bod\'{o}}, url = {http://policyreview.info/articles/analysis/hacktivism-1-2-3-how-privacy-enhancing-technologies-change-face-anonymous}, year = {2015}, date = {2015-04-24}, journal = {Internet Policy Review}, volume = {3}, number = {4}, abstract = { This short essay explores how the notion of hacktivism changes due to easily accessible, military grade Privacy Enhancing Technologies (PETs). Privacy Enhancing Technologies, technological tools which provide anonymous communications and protect users from online surveillance enable new forms of online political activism. Through the short summary of the ad-hoc vigilante group Anonymous, this article describes hacktivism 1.0 as electronic civil disobedience conducted by outsiders. Through the analysis of Wikileaks, the anonymous whistleblowing website, it describes how strong PETs enable the development of hacktivism 2.0, where the source of threat is shifted from outsiders to insiders. Insiders have access to documents with which power can be exposed, and who, by using PETs, can anonymously engage in political action. We also describe the emergence of a third generation of hacktivists who use PETs to disengage and create their own autonomous spaces rather than to engage with power through anonymous whistleblowing.
}, This short essay explores how the notion of hacktivism changes due to easily accessible, military grade Privacy Enhancing Technologies (PETs). Privacy Enhancing Technologies, technological tools which provide anonymous communications and protect users from online surveillance enable new forms of online political activism. Through the short summary of the ad-hoc vigilante group Anonymous, this article describes hacktivism 1.0 as electronic civil disobedience conducted by outsiders. Through the analysis of Wikileaks, the anonymous whistleblowing website, it describes how strong PETs enable the development of hacktivism 2.0, where the source of threat is shifted from outsiders to insiders. Insiders have access to documents with which power can be exposed, and who, by using PETs, can anonymously engage in political action. We also describe the emergence of a third generation of hacktivists who use PETs to disengage and create their own autonomous spaces rather than to engage with power through anonymous whistleblowing.
|
|
O.L. van Daalen Burgers tegen Plasterk: het Nederlandse staartje van de Snowden-saga Journal Article Ars Aequi, (4), pp. 287-293., 2015. @article{,
title = {Burgers tegen Plasterk: het Nederlandse staartje van de Snowden-saga}, author = {O.L. van Daalen}, url = {http://www.ivir.nl/publicaties/download/1535.pdf}, year = {2015}, date = {2015-04-17}, journal = {Ars Aequi}, number = {4}, pages = {287-293.}, abstract = { De Snowden-onthullingen haalden niet alleen wereldwijd de media en het parlementair debat. Ze leidden zelfs tot een Nederlandse rechtszaak over communicatieprivacy. Een principiële rechtszaak over burgerrechtenactivisme, surveillance en politieke intrige, met een verrassende, maar ook teleurstellende uitkomst. Dit moet je weten.
}, De Snowden-onthullingen haalden niet alleen wereldwijd de media en het parlementair debat. Ze leidden zelfs tot een Nederlandse rechtszaak over communicatieprivacy. Een principiële rechtszaak over burgerrechtenactivisme, surveillance en politieke intrige, met een verrassende, maar ook teleurstellende uitkomst. Dit moet je weten.
|
|
F.J. Zuiderveen Borgesius Privacybescherming online kan beter: De mythe van geïnformeerde toestemming Journal Article Nederlands Juristenblad, (14), pp. 878-883., 2015. @article{,
title = {Privacybescherming online kan beter: De mythe van ge\"{i}nformeerde toestemming}, author = {F.J. Zuiderveen Borgesius}, url = {http://www.ivir.nl/publicaties/download/1536.pdf}, year = {2015}, date = {2015-04-17}, journal = {Nederlands Juristenblad}, number = {14}, pages = {878-883.}, abstract = { De huidige privacyregels leggen veel nadruk op de geïnformeerde toestemming van internetgebruikers. Met zulke toestemmingsregels probeert de wet mensen in staat te stellen om keuzes te maken in hun eigen belang. Maar inzichten uit gedragsstudies trekken de effectiviteit van deze wetgevingstactiek in twijfel. Zo klikken internetgebruikers in de praktijk 'OK' op vrijwel elk toestemmingsverzoek dat op hun scherm verschijnt. De wet zou meer aandacht moeten geven aan de daadwerkelijke bescherming van de privacy van mensen die het internet opgaan.
}, De huidige privacyregels leggen veel nadruk op de geïnformeerde toestemming van internetgebruikers. Met zulke toestemmingsregels probeert de wet mensen in staat te stellen om keuzes te maken in hun eigen belang. Maar inzichten uit gedragsstudies trekken de effectiviteit van deze wetgevingstactiek in twijfel. Zo klikken internetgebruikers in de praktijk 'OK' op vrijwel elk toestemmingsverzoek dat op hun scherm verschijnt. De wet zou meer aandacht moeten geven aan de daadwerkelijke bescherming van de privacy van mensen die het internet opgaan.
|
|
van der Sloot, B. Privacy as human flourishing: Could a shift towards virtue ethics strengthen privacy protection in the age of Big Data? Journal Article JIPITEC, (3), pp. 230-244., 2015. @article{,
title = {Privacy as human flourishing: Could a shift towards virtue ethics strengthen privacy protection in the age of Big Data?}, author = {van der Sloot, B.}, url = {http://www.ivir.nl/publicaties/download/1558.pdf}, year = {2015}, date = {2015-04-14}, journal = {JIPITEC}, number = {3}, pages = {230-244.}, abstract = { Privacy is commonly seen as an instrumental value in relation to negative freedom, human dignity and personal autonomy. Article 8 ECHR, protecting the right to privacy, was originally coined as a doctrine protecting the negative freedom of citizens in vertical relations, that is between citizen and state. Over the years, the Court has extended privacy protection to horizontal relations and has gradually accepted that individual autonomy is an equally important value underlying the right to privacy. However, in most of the recent cases regarding Article 8 ECHR, the Court goes beyond the protection of negative freedom and individual autonomy and instead focuses self-expression, personal development and human flourishing. Accepting this virtue ethical notion, in addition to the traditional Kantian focus on individual autonomy and human dignity, as a core value of Article 8 ECHR may prove vital for the protection of privacy in the age of Big Data.
}, <p>
Privacy is commonly seen as an instrumental value in relation to negative freedom, human dignity and personal autonomy. Article 8 ECHR, protecting the right to privacy, was originally coined as a doctrine protecting the negative freedom of citizens in vertical relations, that is between citizen and state. Over the years, the Court has extended privacy protection to horizontal relations and has gradually accepted that individual autonomy is an equally important value underlying the right to privacy. However, in most of the recent cases regarding Article 8 ECHR, the Court goes beyond the protection of negative freedom and individual autonomy and instead focuses self-expression, personal development and human flourishing. Accepting this virtue ethical notion, in addition to the traditional Kantian focus on individual autonomy and human dignity, as a core value of Article 8 ECHR may prove vital for the protection of privacy in the age of Big Data.</p> |
|
van der Sloot, B. Annotatie bij Rb. 's-Gravenhage 23 juli 2014 (Strafadvocaten e.a. / Staat der Nederlanden) Miscellaneous 2015. @misc{,
title = {Annotatie bij Rb. 's-Gravenhage 23 juli 2014 (Strafadvocaten e.a. / Staat der Nederlanden)}, author = {van der Sloot, B.}, url = {http://www.ivir.nl/publicaties/download/1559.pdf}, year = {2015}, date = {2015-04-13}, journal = {Mediaforum}, number = {11/12}, pages = {306-309.}, keywords = {}, pubstate = {published}, tppubtype = {misc} } |
|
A.M. Arnbak Emotie domineert verstand na aanslagen in Parijs Miscellaneous 2015. @misc{,
title = {Emotie domineert verstand na aanslagen in Parijs}, author = {A.M. Arnbak}, url = {http://www.ivir.nl/publicaties/download/1529.pdf}, year = {2015}, date = {2015-04-01}, note = { Column in Het Financieele Dagblad van 28 januari 2015.
}, |
|
A.M. Arnbak Neem heft in eigen hand na hack Gemalto Miscellaneous 2015. @misc{,
title = {Neem heft in eigen hand na hack Gemalto}, author = {A.M. Arnbak}, url = {http://www.ivir.nl/publicaties/download/1530.pdf}, year = {2015}, date = {2015-04-01}, note = { Column in Het Financieele Dagblad van 25 februari 2015.
}, |
|
A.M. Arnbak Nederlandse polder als model voor regulering internet Miscellaneous 2015. @misc{,
title = {Nederlandse polder als model voor regulering internet}, author = {A.M. Arnbak}, url = {http://www.ivir.nl/publicaties/download/1531.pdf}, year = {2015}, date = {2015-04-01}, note = { Column in Het Financieele Dagblad van 25 maart 2015.
}, |
|
O.L. van Daalen Tien privacytrends van 2014 Journal Article Mediaforum, (2), pp. 50-54., 2015. @article{,
title = {Tien privacytrends van 2014}, author = {O.L. van Daalen}, url = {http://www.ivir.nl/publicaties/download/1533.pdf}, year = {2015}, date = {2015-04-01}, journal = {Mediaforum}, number = {2}, pages = {50-54.}, abstract = { Het privacyrecht is inmiddels een serieus specialisme met jaarlijks tientallen beschikkingen, vonnissen en richtsnoeren. Een overzicht daarvan is nuttig, maar kan je daarin ook bredere ontwikkelingen ontdekken? Het afgelopen jaar in tien privacytrends.
}, Het privacyrecht is inmiddels een serieus specialisme met jaarlijks tientallen beschikkingen, vonnissen en richtsnoeren. Een overzicht daarvan is nuttig, maar kan je daarin ook bredere ontwikkelingen ontdekken? Het afgelopen jaar in tien privacytrends.
|
|
K. Irion Venture into the future of privacy Journal Article ELSA Synergy Magazine, (57), pp. 28-31., 2015. @article{,
title = {Venture into the future of privacy}, author = {K. Irion}, url = {http://www.ivir.nl/publicaties/download/1526.pdf}, year = {2015}, date = {2015-03-26}, journal = {ELSA Synergy Magazine}, number = {57}, pages = {28-31.}, abstract = { At the time of writing I am at the Computer Privacy and Data Protection Conference, for insiders just CPDP 2015, one of several mega-events with more than 1,000 participants from governments, European Union (EU) institutions, corporations, civil society and privacy advocates, and plenty of lawyers and academics just like me. This is emblematic of the transformation privacy and data protection have undergone from a somewhat dull area of law to a very visible cutting-edge legal expertise.
}, At the time of writing I am at the Computer Privacy and Data Protection Conference, for insiders just CPDP 2015, one of several mega-events with more than 1,000 participants from governments, European Union (EU) institutions, corporations, civil society and privacy advocates, and plenty of lawyers and academics just like me. This is emblematic of the transformation privacy and data protection have undergone from a somewhat dull area of law to a very visible cutting-edge legal expertise.
|
|
Hins, A. Annotatie bij EHRM 1 juli 2014 (A.B. / Zwitserland) Miscellaneous 2015. @misc{,
title = {Annotatie bij EHRM 1 juli 2014 (A.B. / Zwitserland)}, author = {Hins, A.}, url = {http://www.ivir.nl/publicaties/download/1495.pdf}, year = {2015}, date = {2015-02-20}, journal = {European Human Rights Cases}, number = {9}, abstract = { In Zwitserland was een journalist strafrechtelijk veroordeeld wegens het publiceren van gegevens uit een strafdossier. De kleinst mogelijke meerderheid van het EHRM acht diens klacht op grond van artikel 10 EVRM gegrond. Botsing van de persvrijheid met het recht op een eerlijk proces en met het recht op privacy van de verdachte.
}, <p>
In Zwitserland was een journalist strafrechtelijk veroordeeld wegens het publiceren van gegevens uit een strafdossier. De kleinst mogelijke meerderheid van het EHRM acht diens klacht op grond van artikel 10 EVRM gegrond. Botsing van de persvrijheid met het recht op een eerlijk proces en met het recht op privacy van de verdachte.</p> |
|
N.A.N.M. van Eijk; E.J. Dommering Bijdrage aan Rondetafelgesprek inzake dataretentie 29 januari 2015, Vaste commissie voor Veiligheid en Justitie Presentation 03.02.2015. @misc{,
title = {Bijdrage aan Rondetafelgesprek inzake dataretentie 29 januari 2015, Vaste commissie voor Veiligheid en Justitie}, author = {N.A.N.M. van Eijk and E.J. Dommering}, url = {http://www.ivir.nl/publicaties/download/1490.pdf}, year = {2015}, date = {2015-02-03}, note = { Zie ook 'Vertekend beeld door afschaflobby bewaarplicht' in Netkwesties, 29 januari 2015, met commentaar van Egbert Dommering 'Niet verzamelen is uitgangspunt'.
}, |
|
K. Irion The Court of Justice and the Data Retention Directive in Digital Rights Ireland Journal Article European Law Review, (6), pp. 835-850., 2015. @article{,
title = {The Court of Justice and the Data Retention Directive in Digital Rights Ireland}, author = {K. Irion}, url = {http://www.ivir.nl/publicaties/download/1456.pdf}, year = {2015}, date = {2015-01-15}, journal = {European Law Review}, number = {6}, pages = {835-850.}, abstract = { In Digital Rights Ireland, the Court of Justice invalidated the 2006 Data Retention Directive, which required private providers to retain for a considerable period electronic communication metadata for law enforcement purposes. In this landmark ruling, the EU judiciary introduced a strict scrutiny test for EU legislative acts that interfere seriously with important rights protected by the Charter of Fundamental Rights and the European Convention on Human Rights—in this case, the rights to privacy and data protection—and applied a rigorous assessment of the proportionality of the measure under the Charter, criticising numerous aspects of the Directive. This article presents and analyses the judgment, discussing its implications for constitutional review and constitutionalism in the European Union, and the substantive and procedural constraints that it imposes on EU and national data retention schemes. It concludes by reflecting on the ruling’s impact on European integration and data related policies.
}, In Digital Rights Ireland, the Court of Justice invalidated the 2006 Data Retention Directive, which required private providers to retain for a considerable period electronic communication metadata for law enforcement purposes. In this landmark ruling, the EU judiciary introduced a strict scrutiny test for EU legislative acts that interfere seriously with important rights protected by the Charter of Fundamental Rights and the European Convention on Human Rights—in this case, the rights to privacy and data protection—and applied a rigorous assessment of the proportionality of the measure under the Charter, criticising numerous aspects of the Directive. This article presents and analyses the judgment, discussing its implications for constitutional review and constitutionalism in the European Union, and the substantive and procedural constraints that it imposes on EU and national data retention schemes. It concludes by reflecting on the ruling’s impact on European integration and data related policies.
|
|
F.J. Zuiderveen Borgesius Kinderen worden gevolgd op websites en in apps Miscellaneous 2015. @misc{,
title = {Kinderen worden gevolgd op websites en in apps}, author = {F.J. Zuiderveen Borgesius}, url = {http://kassa.vara.nl/tv/afspeelpagina/fragment/kinderen-worden-gevolgd-op-websites-en-in-apps/speel/1/}, year = {2015}, date = {2015-01-08}, note = { Frederik Borgesius te gast bij het programma Kassa over websites en apps voor kinderen. Zie ook het artikel in De Correspondent van Dimitri Tokmetzis, Dit zijn de virtuele stalkers van uw kind, waar o.a. Ot van Daalen aan het woord komt.
}, |
|
F.J. Zuiderveen Borgesius New Forms of Commercial Communications and Data Protection Law Miscellaneous 2015. @misc{,
title = {New Forms of Commercial Communications and Data Protection Law}, author = {F.J. Zuiderveen Borgesius}, url = {http://www.ivir.nl/publicaties/download/1481.pdf}, year = {2015}, date = {2015-01-08}, note = { In: New Forms of Commercial Communications in a Converged Audiovisual Sector, IRIS Special, p. 67-76. Ook beschikbaar in het Duits en Frans.
}, |
|
(Ed.) Bescherm je cliënten tegen de staat, versleutel je mail Periodical 2015. @periodical{,
title = {Bescherm je cli\"{e}nten tegen de staat, versleutel je mail}, author = {O.L. van Daalen}, url = {http://www.nrc.nl/handelsblad/van/2014/december/22/bescherm-je-clienten-tegen-de-staat-versleutel-je-1450964}, year = {2015}, date = {2015-01-06}, abstract = { De AIVD houdt zich niet aan aftapbevoegdheden. Een gezonde dosis paranoia zou advocaten daarom niet misstaan, meent Ot van Daalen.
}, Opinie in NRC Handelsblad op 22 december 2014.
}, De AIVD houdt zich niet aan aftapbevoegdheden. Een gezonde dosis paranoia zou advocaten daarom niet misstaan, meent Ot van Daalen.
|
|
F.J. Zuiderveen Borgesius Improving Privacy Protection in the area of Behavioural Targeting / Betere privacybescherming op het gebied van behavioural targeting Journal Article 2014. @article{,
title = {Improving Privacy Protection in the area of Behavioural Targeting / Betere privacybescherming op het gebied van behavioural targeting}, author = {F.J. Zuiderveen Borgesius}, url = {http://www.ivir.nl/publicaties/download/1455.pdf}, year = {2014}, date = {2014-12-16}, note = { Short summary of PhD thesis in English and Dutch.
}, |
|
(Ed.) De unieke sleutel tot onze digitale informatie Periodical 2014. @periodical{,
title = {De unieke sleutel tot onze digitale informatie}, author = {A.M. Arnbak}, url = {http://www.ivir.nl/publicaties/download/1442.pdf}, year = {2014}, date = {2014-11-25}, journal = {Financieel Dagblad}, note = { Column van 25 november 2014.
}, |
|
Irion, K. Accountability unchained: Bulk Data Retention, Preemptive Surveillance, and Transatlantic Data Protection Miscellaneous 2014, (In: M. Rotenberg, J. Horwitz & J. Scott, eds., Visons of Privacy in a Modern Age, New York: New Press, 2015. ). @misc{Irion2014,
title = {Accountability unchained: Bulk Data Retention, Preemptive Surveillance, and Transatlantic Data Protection}, author = {Irion, K.}, url = {https://www.ivir.nl/accountability-unchained-kristina-irion_final/}, year = {2014}, date = {2014-11-21}, abstract = {The innovations on which today’s Internet proliferated have been a major gift from its founders and the US government to the world. Ever since the rise of the Internet it has attracted utopian ideas of a free and borderless cyberspace, a men-made global commons that serves an international community of users. First commercialization and now the prevalence of state surveillance have significantly depreciated the utopist patina. Internet’s borderless nature which was once heralded to rise above the nation state has actually enabled some states to rise above their borders when engaging in mass surveillance that affects users on a global scale. International human rights law and emerging Internet governance principles have not been authoritative enough to protect users’ privacy and the confidentiality of communications. More or less openly, Western democracies embarked on the path of mass surveillance with the aim to fight crime and defend national security. This chapter’s focus is on the safeguards and accountability of mass surveillance in Europe and the US and how this affects transatlantic relations. It queries whether national systems of checks and balances are still adequate in relation to the growth and the globalization of surveillance capabilities. Lacking safeguards and accountability at the national level can exacerbate in the context of transnational surveillance. It can lead to asymmetries between countries which are precisely at the core of the transatlantic rift over mass surveillance. The chapter concludes with a brief review of proposals how to reduce them. }, The innovations on which today’s Internet proliferated have been a major gift from its founders and the US government to the world. Ever since the rise of the Internet it has attracted utopian ideas of a free and borderless cyberspace, a men-made global commons that serves an international community of users. First commercialization and now the prevalence of state surveillance have significantly depreciated the utopist patina. Internet’s borderless nature which was once heralded to rise above the nation state has actually enabled some states to rise above their borders when engaging in mass surveillance that affects users on a global scale. International human rights law and emerging Internet governance principles have not been authoritative enough to protect users’ privacy and the confidentiality of communications.
More or less openly, Western democracies embarked on the path of mass surveillance with the aim to fight crime and defend national security. This chapter’s focus is on the safeguards and accountability of mass surveillance in Europe and the US and how this affects transatlantic relations. It queries whether national systems of checks and balances are still adequate in relation to the growth and the globalization of surveillance capabilities. Lacking safeguards and accountability at the national level can exacerbate in the context of transnational surveillance. It can lead to asymmetries between countries which are precisely at the core of the transatlantic rift over mass surveillance. The chapter concludes with a brief review of proposals how to reduce them. |
|
A.M. Arnbak Deltaplan voor online privacy & beveiliging Journal Article Het Financieele Dagblad, 2014. @article{,
title = {Deltaplan voor online privacy & beveiliging}, author = {A.M. Arnbak}, url = {https://www.axelarnbak.nl/2014/11/04/derde-column-in-financieele-dagblad-deltaplan-online-privacy-en-beveiliging/}, year = {2014}, date = {2014-11-06}, journal = {Het Financieele Dagblad}, note = { Column, 28 oktober 2014.
}, |
|
F.J. Zuiderveen Borgesius; S. Kulk Google Spain v. González: Did the Court forget about freedom of expression? Journal Article European Journal of Risk Regulation, (3), 2014. @article{,
title = {Google Spain v. Gonz\'{a}lez: Did the Court forget about freedom of expression?}, author = {F.J. Zuiderveen Borgesius and S. Kulk}, url = {http://papers.ssrn.com/sol3/papers.cfm?abstract_id=2491486}, year = {2014}, date = {2014-10-30}, journal = {European Journal of Risk Regulation}, number = {3}, abstract = { In this note we discuss the controversial judgment in Google Spain v. González of the Court of Justice of the European Union (CJEU). Our focus is on the judgment’s implications for freedom of expression. First, the facts of the case and the CJEU’s judgment are summarised. We then argue that the CJEU did not give enough attention to the right to freedom of expression. By seeing a search engine operator as a controller regarding the processing of personal data on third party web pages, the CJEU assigns the operator the delicate task of balancing the fundamental rights at stake. However, such an operator may not be the most appropriate party to balance the rights of all involved parties, in particular in cases where such a balance is hard to strike. Furthermore, it is a departure from human rights doctrine that according to the CJEU privacy and data protection rights override, “as a rule”, the public’s right to receive information. In addition, after the judgement it has become unclear whether search engine operators have a legal basis for indexing websites that contain special categories of data. We also discuss steps taken by Google to comply with the judgment.
}, In this note we discuss the controversial judgment in Google Spain v. González of the Court of Justice of the European Union (CJEU). Our focus is on the judgment’s implications for freedom of expression. First, the facts of the case and the CJEU’s judgment are summarised. We then argue that the CJEU did not give enough attention to the right to freedom of expression. By seeing a search engine operator as a controller regarding the processing of personal data on third party web pages, the CJEU assigns the operator the delicate task of balancing the fundamental rights at stake. However, such an operator may not be the most appropriate party to balance the rights of all involved parties, in particular in cases where such a balance is hard to strike. Furthermore, it is a departure from human rights doctrine that according to the CJEU privacy and data protection rights override, “as a rule”, the public’s right to receive information. In addition, after the judgement it has become unclear whether search engine operators have a legal basis for indexing websites that contain special categories of data. We also discuss steps taken by Google to comply with the judgment.
|
|
F.J. Zuiderveen Borgesius Behavioural Sciences and the Regulation of Privacy on the Internet Miscellaneous 2014. @misc{,
title = {Behavioural Sciences and the Regulation of Privacy on the Internet}, author = {F.J. Zuiderveen Borgesius}, url = {http://papers.ssrn.com/sol3/papers.cfm?abstract_id=2513771}, year = {2014}, date = {2014-10-30}, abstract = { This chapter examines the policy implications of behavioural sciences insights for the regulation of privacy on the Internet, by focusing in particular on behavioural targeting. This marketing technique involves tracking people’s online behaviour to use the collected information to show people individually targeted advertisements. Enforcing data protection law may not be enough to protect privacy in this area. I argue that, if society is better off when certain behavioural targeting practices do not happen, policymakers should consider banning them.
}, Draft chapter for the book 'Nudging and the Law - What can EU Law learn from Behavioural Sciences?', editors A-L. Sibony & A. Alemanno, Hart Publishing.
}, This chapter examines the policy implications of behavioural sciences insights for the regulation of privacy on the Internet, by focusing in particular on behavioural targeting. This marketing technique involves tracking people’s online behaviour to use the collected information to show people individually targeted advertisements. Enforcing data protection law may not be enough to protect privacy in this area. I argue that, if society is better off when certain behavioural targeting practices do not happen, policymakers should consider banning them.
|
|
van der Sloot, B. De noodzaak om privacy als publiek belang te herfomuleren Journal Article Christen Democratische Verkenningen, (3), pp. 125-132., 2014. @article{,
title = {De noodzaak om privacy als publiek belang te herfomuleren}, author = {van der Sloot, B.}, url = {http://www.ivir.nl/publicaties/download/1428.pdf}, year = {2014}, date = {2014-10-30}, journal = {Christen Democratische Verkenningen}, number = {3}, pages = {125-132.}, abstract = { Privacy wordt tegenwoordig geformuleerd als individueel recht dat bescherming biedt aan persoonlijke belangen. Deze benadering is echter niet langer houdbaar in Big Data-processen, die niet op specifieke individuen zijn gericht, maar potentieel eenieder betreffen. Privacy zou dan ook moeten worden geherformuleerd als maatschappelijke waarde. Een dergelijke benadering ondervangt de knelpunten van het huidige privacyparadigma en kan voorkomen dat grootscheepse gegevensverzameling door inlichtingendiensten en instellingen elementaire rechtsbeginselen schendt.
}, <p>
Privacy wordt tegenwoordig geformuleerd als individueel recht dat bescherming biedt aan persoonlijke belangen. Deze benadering is echter niet langer houdbaar in Big Data-processen, die niet op specifieke individuen zijn gericht, maar potentieel eenieder betreffen. Privacy zou dan ook moeten worden geherformuleerd als maatschappelijke waarde. Een dergelijke benadering ondervangt de knelpunten van het huidige privacyparadigma en kan voorkomen dat grootscheepse gegevensverzameling door inlichtingendiensten en instellingen elementaire rechtsbeginselen schendt.</p> |
|
van der Sloot, B. Welcome to the jungle: de aansprakelijkheid van internet-intermediairs voor privacyschendingen in Europa Journal Article SEW - Tijdschrift voor Europees en economisch recht, (10), pp. 420-431., 2014. @article{,
title = {Welcome to the jungle: de aansprakelijkheid van internet-intermediairs voor privacyschendingen in Europa}, author = {van der Sloot, B.}, url = {http://www.ivir.nl/publicaties/download/1429.pdf}, year = {2014}, date = {2014-10-30}, journal = {SEW - Tijdschrift voor Europees en economisch recht}, number = {10}, pages = {420-431.}, abstract = { In Europa zijn globaal drie regimes van toepassing op de aansprakelijkheid van internetintermediairs voor privacyschendingen begaan door hun gebruikers via hun netwerk. Dit zijn de e-commercerichtlijn, die providers onder bepaalde voorwaarden uitsluit van aansprakelijkheid, de Richtlijn bescherming persoonsgegevens, die providers die actief persoonsgegevens verwerken tal van plichten en verantwoordelijkheden oplegt, en de in het EVRM vervatte vrijheid van meningsuiting, die internetproviders onder voorwaarden bepaalde privileges en vrijheden toekent. Deze stelsels zijn ieder op een eigen gebied van toepassing, maar kennen ook een gedeeltelijke overlap, terwijl ze elk een geheel eigen ration en beschermingsregime kennen. In de praktijk brengt dit rechtsongelijkheid en onzekerheid met zich mee, voornamelijk voor providers die actief betrokken zijn bij de inrichting van online platforms.
}, <p>
In Europa zijn globaal drie regimes van toepassing op de aansprakelijkheid van internetintermediairs voor privacyschendingen begaan door hun gebruikers via hun netwerk. Dit zijn de e-commercerichtlijn, die providers onder bepaalde voorwaarden uitsluit van aansprakelijkheid, de Richtlijn bescherming persoonsgegevens, die providers die actief persoonsgegevens verwerken tal van plichten en verantwoordelijkheden oplegt, en de in het EVRM vervatte vrijheid van meningsuiting, die internetproviders onder voorwaarden bepaalde privileges en vrijheden toekent. Deze stelsels zijn ieder op een eigen gebied van toepassing, maar kennen ook een gedeeltelijke overlap, terwijl ze elk een geheel eigen ration en beschermingsregime kennen. In de praktijk brengt dit rechtsongelijkheid en onzekerheid met zich mee, voornamelijk voor providers die actief betrokken zijn bij de inrichting van online platforms.</p> |