Data protection and the legitimate interest of data controllers: much ado about nothing or the winter of rights?

EU data protection law is in a process of reform to meet the challenges of the modern economy and rapid technological developments. This study analyses the legitimate interest of data controllers as a legal basis for processing personal data under both the current data protection legislation and its proposed reform. The relevant provision expands the scope of lawful processing, but is formulated ambiguously, creating legal uncertainty and loopholes in the law. The new proposed regime does not resolve the problem.Taking a“rights” perspective, the paper aims to show that the provision should be narrowly interpreted in light of the ECJ case law, and to give effect to the Charter of Fundamental Rights; a rephrasing of the norm is desirable. The provision on the legitimate interest of data controllers weakens the legal protection of data subjects

A European perspective on data processing consent through the re-conceptualization of European data protection’s looking glass after the Lisbon Treaty: Taking rights seriously

Copyright @ 2012 Kluwer Law International. Reprinted from European Review of Private Law, 20(2): 473 - 506, 2012, with permission of Kluwer Law International.EU data protection law is undergoing a process of reform to meet the challenges of the modern economy and rapid technological developments. This study re-conceptualizes data protection in the EU in light of the enactment of the Treaty of Lisbon and the Charter of Fundamental Rights of the EU. It focuses on data subjects' consent as a key component of data processing legislation - alongside the principles of purpose specification and data quality - to reinforce the view that it is a necessary, though not sufficient, tool to guarantee the declared high level of protection of individuals. To prevent confusion, conflation, or abuse of consent and safeguard the fundamental values to which it is tied, this paper puts forward that additional legal constraints and qualifications would be necessary for the enhancement of its application and enforcement. Soft or libertarian paternalism may be the key to nudge individuals towards the desired social outcome while preserving their individual autonomy. The ultimate suggestion is that EU policy makers should take rights seriously and not be seduced by and surrender to conflicting economic interests

General Data Protection Regulation (GDPR) – Revolution Coming to European Data Protection Laws in 2018. What’s New for Ordinary Citizens?

This Article concerns the EU data protection reform which will come into effect from 25th of May 2018 and will be directly applicable in all Member States. The EU data protection reform aims to build a modern and comprehensive data protection framework for the European Union. The GDPR makes a number of changes in data protection laws, e.g. it introduces new obligations for data controllers and processors, brings new status and new tasks for Data Protection Officers (DPOs), gives more rights to data subjects and most importantly completely changes the perception of data protection law by introducing rules such as privacy by design, privacy by default. The Author describes selected changes, in general, from the viewpoint of an ordinary citizen

CONSTITUTIONALSM - REFORM ON DATA PROTECTION LAW AND HUMAN RIGHTS

The purpose of this paper is to address one of the most Fundamental Freedom and Human Rights the protection of privacy, particularly under the provisions of the European Convention on Human Rights as interpreted by the Strasbourg institutions and by national courts. Article 8 of the Convention provides in its first paragraph that everyone has the right to respect for his private and family life, his home and his correspondence. This paper is focused to one of the central issues of the problem of “human rights and scientific and technological developments” i.e., the protection of the privacy. This paper is intended to achieve to explain the legal measures and the state efforts to regulate and to protect the privacy. It tries to interpret the Directive 95/46/EC of the European Parliament and of the Council and to present the major reasons for the movement towards comprehensive privacy and data protection laws.This paper seeks to arrive at conclusions that the problem is continuing even with the adoption of legal and other protections measurements, violations of privacy remain a concern. In many countries, laws have not kept up with the technology, leaving significant gaps in protections. In other countries, law enforcement and intelligence agencies have been given significant exemptions. Finally, in the absence of adequate oversight and enforcement, the mere presence of a law may not provide adequate protection.human rights, privacy, data protection, threat, technological developments.

Politik Hukum Perlindungan Anak Di Indonesia

The child is a trust and a gift from God Almighty who inherent in dignity and dignity as a human being upheld and every child born should get his rights. Child Protection is an effort by the government to reform laws aimed at ensuring the fulfillment of children's rights in order to grow, develop and participate optimally, according to human dignity and protection and violence. Identification of issues raised in this study are: (1) What is the political regulation of child protection law in Indonesia ?, (2) How is the implementation of child protection politics politics in Indonesia ?, and (3) How is the policy that can be done by government in giving protection to children which will come?The approach method used in the preparation of this research is the normative juridical approach, with secondary data as the source. The results show that the political regulation of child protection law in Indonesia begins with the existence of the Convention on the Rights of the Child expressed in Indonesia since October 5, 1990, and then Law no. 3 of 1999 concerning Juvenile Court, Law Number 39 Year 1999 on Human Rights, Law Number 23 Year 2002 on Child Protection, Law no. 35 Year 2014, until the issuance of Law No. 1 Year 2016 on Child Protection. The implementation of child protection law politics in Indonesia is still far from expected, still lack of legal protection for children either as victim or as perpetrator of crime. Policies that can be taken by the government in providing child protection in the future with legal reform efforts in Indonesia, the development of diversion and restorative justice concepts in the implementation of the Indonesian criminal justice system, and law enforcement that embodies substantive justice.Keywords: Political Law, Child Protection, In Indonesi

Employment Protection Reform, Enforcement in Collective Agreements and Worker Flows

Differential enforcement of employment protection by explicit design of the legislation, for example through exemptions for small firms, has been exploited in a growing body of research. However, little is known about the effects of differential enforcement that is not defined by the letter of the law, presumably due to the lack of data. Our study incorporates aspects of both types of differential enforcement as we combine the evaluation of a partial reform with information on the more difficult-to-observe enforcement of the same reform in collective agreements. We analyse a reform of notice periods for employer-initiated separations in Sweden, which reduced the notice periods for newly hired older workers substantially but implied minor or no changes in the notices for younger workers. The reform was initiated at different times depending on collective agreement. These circumstances provide ample opportunity for the identification of its effects. Our findings indicate heterogeneous effects across collective agreements. Despite differences in terms of dynamics and size, a positive effect on hirings is found for all agreements. In most cases, our results also show an increase in separations, indicating an increase in employment turnover. A salient feature of the results is that the estimated effects increase with the treatment dose, i.e., the size of the reduction in notice periods across different age groups.Employment protection; Hirings; Separations; Collective agreements; Matched employer-employee data

The issue of data protection and data security in the (pre-Lisbon) EU third pillar

The key functional operability in the pre-Lisbon PJCCM pillar of the EU is the exchange of intelligence and information amongst the law enforcement bodies of the EU. The twin issues of data protection and data security within what was the EU’s third pillar legal framework therefore come to the fore. With the Lisbon Treaty reform of the EU, and the increased role of the Commission in PJCCM policy areas, and the integration of the PJCCM provisions with what have traditionally been the pillar I activities of Frontex, the opportunity for streamlining the data protection and data security provisions of the law enforcement bodies of the post-Lisbon EU arises. This is recognised by the Commission in their drafting of an amending regulation for Frontex , when they say that they would prefer “to return to the question of personal data in the context of the overall strategy for information exchange to be presented later this year and also taking into account the reflection to be carried out on how to further develop cooperation between agencies in the justice and home affairs field as requested by the Stockholm programme.” The focus of the literature published on this topic, has for the most part, been on the data protection provisions in Pillar I, EC. While the focus of research has recently sifted to the previously Pillar III PJCCM provisions on data protection, a more focused analysis of the interlocking issues of data protection and data security needs to be made in the context of the law enforcement bodies, particularly with regard to those which were based in the pre-Lisbon third pillar. This paper will make a contribution to that debate, arguing that a review of both the data protection and security provision post-Lisbon is required, not only in order to reinforce individual rights, but also inter-agency operability in combating cross-border EU crime. The EC’s provisions on data protection, as enshrined by Directive 95/46/EC, do not apply to the legal frameworks covering developments within the third pillar of the EU. Even Council Framework Decision 2008/977/JHA, which is supposed to cover data protection provisions within PJCCM expressly states that its provisions do not apply to “Europol, Eurojust, the Schengen Information System (SIS)” or to the Customs Information System (CIS). In addition, the post Treaty of Prüm provisions covering the sharing of DNA profiles, dactyloscopic data and vehicle registration data pursuant to Council Decision 2008/615/JHA, are not to be covered by the provisions of the 2008 Framework Decision. As stated by Hijmans and Scirocco, the regime is “best defined as a patchwork of data protection regimes”, with “no legal framework which is stable and unequivocal, like Directive 95/46/EC in the First pillar”. Data security issues are also key to the sharing of data in organised crime or counterterrorism situations. This article will critically analyse the current legal framework for data protection and security within the third pillar of the EU

Systems thinking, big data, and data protection law: Using Ackoff’s Interactive Planning to respond to emergent policy challenges.

This document is the Accepted Manuscript of the following article: Henry Pearce, ‘Systems Thinking, Big Data, and Data Protection Law Using Ackoff’s Interactive Planning to Respond to Emergent Policy Challenges’, European Journal of Law Reform, Issue 4, 2016, available online at: https://www.elevenjournals.com/tijdschrift/ejlr/2016/4/EJLR_1387-2370_2016_018_004_004This article examines the emergence of big data and how it poses a number of significant novel challenges to the smooth operation of some the European data protection framework’s fundamental tenets. Building on previous research in the area, the article argues that recent proposals for reform in this area, as well as proposals based on conventional approaches to policy making and regulatory design more generally, will likely be ill-equipped to deal with some of big data’s most severe emergent difficulties. Instead, it is argued that novel, and possibly unorthodox approaches to regulation and policy design premised on systems thinking methodologies may represent attractive and alternative ways forward. As a means of testing this general hypothesis, the article considers Interactive Planning, a systems thinking methodology popularised by the organisational theorist Russel Ackoff, as a particular embryonic example of one such methodological approach, and, using the challenges posed by big data to the principle of purpose limitation as a case study, explores whether its usage may be beneficial in the development of data protection law and policy in the big data environment.Peer reviewedFinal Accepted Versio

Protecting Information Privacy

This report for the Equality and Human Rights Commission (the Commission) examines the threats to information privacy that have emerged in recent years, focusing on the activities of the state. It argues that current privacy laws and regulation do not adequately uphold human rights, and that fundamental reform is required. It identifies two principal areas of concern: the state’s handling of personal data, and the use of surveillance by public bodies. The central finding of this report is that the existing approach to the protection of information privacy in the UK is fundamentally flawed, and that there is a pressing need for widespread legislative reform in order to ensure that the rights contained in Article 8 are respected. The report argues for the establishment of a number of key ‘privacy principles’ that can be used to guide future legal reforms and the development of sector-specific regulation. The right to privacy is at risk of being eroded by the growing demand for information by government and the private sector. Unless we start to reform the law and build a regulatory system capable of protecting information privacy, we may soon find that it is a thing of the past

Misuse of Personal Data as a Crime from a Cyber Law Perspective

The purpose of this research report is to establish legal protection rules for the use of personal data to ensure legal certainty for the community and the role of law enforcement in preventing future crimes related to misuse of personal data. on personal criminal law the right to reform. The research method uses normative legal research. Opinion of these comments, to guarantee legal certainty, it is necessary to stipulate a special Perpu that establishes and harmonizes the protection of personal data in a detailed, clear, systematic and comprehensive manner, in order to create a coordinating mechanism. law enforcement agency. In this context, the researcher proposes to make rules governing the application of criminal sanctions with a warning effect, as well as restructuring and drafting rules related to current regulations in the field of personal data