Search results for "Data Protection"
showing 10 items of 73 documents
Self-validating bundles for flexible data access control
2016
Modern cloud-based services offer free or low-cost content sharing with significant advantages for the users but also new issues in privacy and security. To protect sensitive contents (i.e., copyrighted, top secret, and personal data) from the unauthorized access, sophisticated access management systems or/and decryption schemes have been proposed, generally based on trusted applications at client side. These applications work also as access controllers, verifying specific permissions and restrictions accessing user’s resources. We propose secure bundles (S-bundles), which encapsulate a behavioral model (provided as bytecode) to define versatile stand-alone access controllers and encoding/d…
Mass data gathering and surveillance: the fight against facial recognition technology in the globalized world
2020
The growing use of facial recognition technologies has put them under the regulatory spotlight all around the world. The EU considers to regulate facial regulation technologies as a part of initiative of creating ethical and legal framework for trustworthy artificial intelligence. These technologies are attracting attention of the EU data protection authorities, e.g. in Sweden and the UK. In May, San Francisco was the first city in the US to ban police and other government agencies from using facial recognition technology, soon followed by other US cities. The paper aims to analyze the impact of facial recognition technology on the fundamental rights and values as well as the development of…
COVID-19 Contact Tracing and Data Protection Can Go Together
2020
We discuss the implementation of app-based contact tracing to control the coronavirus disease (COVID-19) pandemic and discuss its data protection and user acceptability aspects.
Garantías legales del concepto de privacidad: Entre el derecho al olvido y el nuevo reglamento europeo de protección de datos
2018
The operation of new technologies and the supply of digital goods involves for users to disclose their personal data. The market data is already a reality with the danger that this entails for the privacy of citizens. The new General Data Protection Regulation has created a new legal framework that aims to radically change the current model, giving users greater powers to control their data. A good example of this is the express statement, and for the first time, of the right to be forgotten, which allows citizens to digitally erase their data when other fundamental rights are endangered.
Reflexiones a propósito de la protección de datos en el escenario global digital: El derecho de daños en la litigiosidad internacional
2021
La circulación internacional de datos personales constituye un sector pujante en la esfera socio-económica. En tales condiciones, ante la existencia de un tratamiento ilícito de aquellos, el agraviado está legitimado para exigir una indemnización por los daños y perjuicios que se hubieran podido originar en el marco transfronterizo. Tal situación plantea dos cuestiones fundamentales: por un lado, determinar el órgano jurisdiccional competente para conocer de un eventual litigio, y, por otro, precisar la Ley aplicable para resolver la controversia suscitada. En la presente investigación cabe destacar las significativas novedades que introduce el Reglamento (UE) 2016/679, de 27 de abril de 20…
Electronic identity verification: personal data protection challenges and risks
2020
This work highlights the clash of GDPR, eIDAS Regulation and PSD2 Directive, as well as tackles challenges of implementation in practice, specifically the challenges of securing personal data whilst ensuring an electronic identity. A comparative analysis on practical case studies which are concerned with electronic identity verification, electronic identity establishment and use electronic identity verification in the process of providing services is carried out in order to understand how such businesses tackle personal data challenges, how successfully and to what manner. The work concludes with findings of legal uncertainty between all three regulatory acts, as they lack unified definitio…
Application of the Article 28 (3) of the General Data Protection Regulation in contemporary Software as a Service (“SaaS”) business.
2019
For the purposes of this thesis, regulatory requirements associated with the Data Processing Agreement (DPA) are subject to interpretation in the context of SaaS delivery models widely adopted by prominent SaaS providers. In addition, the author argues that, multiple parties processing personal data leads to problems in determining the correct processing role. Thereby, parties may struggle in meeting the requirements of Article 28 (3) of the General Data Protection Regulation (GDPR). Failure to ensure that processing is covered by the proper DPA is regarded as an infringement of the GDPR. For that reason, the thesis seeks to stress out complications associated with structuring DPA’s and pro…
Challenges of free data flow between the EU and US: can EU-US privacy shield ensure co-operation?
2020
The following thesis aims to provide an insight into the way US and EU data protection regulations compare to each other and how those can harmonized in the future with an idea to make it easier to understand how cross-country business might operate in this environment and whether there could be any harmonization opportunities to provide less burden on businesses in trying to comply with different laws across Atlantics. The research question of the thesis therefore is “Is current framework for data transfers between EU-US relevant and stable for future challenges in data protection field?” and “If not, then how two legal systems can be better harmonized based on the analysis of both of them…
Data as an asset in an insolvency procedure
2021
When a business becomes insolvent, assets that has selling value prevails within the insolvency process. Understanding if personal data can be classified as an asset and whether it can be sold when facing insolvency proceedings is determined in this Thesis. General Data Protection Regulation safeguards personal data of the EU data subjects including processing of such data. This regulation protects the EU data subjects also outside of the EU or EEA. Processing that includes sale of personal data is made possible if full compliance with the Regulation is applied. Legal basis for such processing that is required for the processing to be legal includes legal obligation arising from insolvency.…
Mobile Phone Data Statistics as Proxy Indicator for Regional Economic Activity Assessment
2019
The mobile data analysis is an authoritative source of information for problems solving in the fields of human activity recognition, population dynamics, tourism, transport planning, traffics measuring, public administration and other activities and could be the source for valuable information as a proxy indicator. One of the obstacles to user data from mobile operators is compliance to the General Data Protection Regulation, so the development of data analytics approach that protects personal data without a necessity to identify mobility of particular persons was developed, that still provides economically relevant data. In the present research, the method for the economic activity assessm…