EU data protection law is of great practical relevance for any company doing business in today's global information economy. This book provides a detailed and practical exposition of European data protection law in the context of the issues that arise in electronic commerce and dataprocessing. It analyses the relevant EU legislation and case-law, and makes particular reference to the EU Data Protection Directives as well as to the national regulatory systems in Europe and the US. Numerous examples are taken from practice, and advice is given on how the relevant data protectionlaws apply to and impact upon business in Europe, the US, and worldwide. Beginning with a detailed description of the legislative process, the book goes on to discuss the basic legal concepts underlying data protection law. It then focuses on how to determine whether EU law applies to particular electronic commerce and online activities, and how to transfer personal dataoutside Europe so as to comply with EU law. The book also includes a comprehensive analysis of how to deal with complex compliance challenges, including notification of databases, processing of employee data, privacy policies, and website compliance and standardization. The key legislative texts needed to deal with complex data protection issues are included in the appendices, along with forms and precedents, contact information for data protection authorities, and links to useful websites. The book is fully up-to-date with the amendments to the TelecommunicationsData Protection Directive passed in the summer of 2002.

This book focuses on various problems arising as a result of China’s e-business development. These include e-commerce aspects of the internet industry and e-governance aspects of the presiding agencies. E-privacy and online IPR protection will be of particular interest to readers, as these are important international problems that China has been trying its best to deal with for many years. Each paper in this book presents valuable guidelines and suggestions to allow readers to form a sound understanding of China’s e-business development.

Although Europe has a significant legal data protection framework, built up around EU Directive 95/46/EC and the Charter of Fundamental Rights, the question of whether data protection and its legal framework are ‘in good health’ is increasingly being posed. Advanced technologies raise fundamental issues regarding key concepts of data protection. Falling storage prices, increasing chips performance, the fact that technology is becoming increasingly embedded and ubiquitous, the convergence of technologies and other technological developments are broadening the scope and possibilities of applications rapidly. Society however, is also changing, affecting the privacy and data protection landscape. The ‘demand’ for free services, security, convenience, governance, etc, changes the mindsets of all the stakeholders involved. Privacy is being proclaimed dead or at least worthy of dying by the captains of industry; governments and policy makers are having to manoeuvre between competing and incompatible aims; and citizens and customers are considered to be indifferent. In the year in which the plans for the revision of the Data Protection Directive will be revealed, the current volume brings together a number of chapters highlighting issues, describing and discussing practices, and offering conceptual analysis of core concepts within the domain of privacy and data protection. The book’s first part focuses on surveillance, profiling and prediction; the second on regulation, enforcement, and security; and the third on some of the fundamental concepts in the area of privacy and data protection. Reading the various chapters it appears that the ‘patient’ needs to be cured of quite some weak spots, illnesses and malformations. European data protection is at a turning point and the new challenges are not only accentuating the existing flaws and the anticipated difficulties, but also, more positively, the merits and the need for strong and accurate data protection practices and rules in Europe, and elsewhere.

Conflicts of laws arising from injuries to rights of personality—such as defamation or invasion of privacy—have always been difficult, if only because they implicate conflicting societal values about the rights of freedom of speech and access to information, on the one hand, and protection of reputation and privacy, on the other hand. The ubiquity of the internet has dramatically increased the frequency and intensity of these conflicts. This book explores the ways in which various Western countries have addressed these conflicts, but also advances new, practical ideas about how these conflicts should be resolved. These ideas are part of an international model law unanimously adopted by a Resolution of the Institut de droit international, which addresses jurisdiction, choice of law, and recognition and enforcement of foreign judgments. The book provides extensive article-by-article commentary, which explains the philosophy and intended operation of the Resolution.

In the contemporary information society, organisations increasingly rely on the collection and analysis of large-scale data (popularly called ‘big data’) to make decisions. These processes, which take place largely beyond the individual’s knowledge, produce a cascade of effects that go beyond privacy and data protection. Should we focus on the possibilities of tackling these often negative effects through other areas of law, or maybe even find new solutions to cope with the dark side of big data? This ground-breaking book is the first to address this crucially important question in detail. Among the issues raised in the analysis are such vital elements as the following: − what is meant by ‘big data’; – ‘privacy’ according to the European Court of Human Rights and the Court of Justice of the European Union; – what the European Union legal framework on privacy and data protection consists of and how it functions in the light of big data; – what companies, governments and other organisations are permitted to do with big data under the current regulatory framework; – the central importance of personal autonomy; – circumstances that influence whether or not the right to privacy is triggered; – big data’s possible impact on democracy through, inter alia, potentially limiting freedom of expression; – how governmental or corporate surveillance chills the receiver’s gathering of information and ideas; – selective offering of choices or information, or manipulation of people’s ideas; – procedural aspects that influence the extrapolation of normative concepts of privacy and data protection; and – how discrimination occurs in big data. This book foregrounds a critical scrutiny of commercial uses of big data – its scale, its limited capacity for independent oversight and the expected prevalence of interference with individuals’ rights. The author’s conclusions explore possible legal alternatives to mitigate the negative impact of big data, using legal instruments, case law and legal academic literature in her analysis. Because the amount of digital data keeps growing and the private lives of individuals are increasingly taking place online – and because of the opacity of the big data process, the fundamental values that are at stake, and the speed of technological developments compared to the pace of legal reform – this comprehensive assessment of flaws in the current framework and possible practical solutions will be warmly welcomed by practitioners, policymakers and government officials in all legal fields related to privacy and data protection.

Personal data protection has become one of the central issues in any understanding of the current world system. In this connection, the European Union (EU) has created the most sophisticated regime currently in force with the General Data Protection Regulation (GDPR) of 2016. This book on this major data protection reform offers a comprehensive discussion of all principles of personal data processing, obligations of data controllers and rights of data subjects. This is the core of the personal data protection regime. GDPR is applicable directly in all Member States, providing for a unification of data protection rules within the EU. However, it poses a problem in enabling international trade and data transfers outside the EU between economies which have different data protection models in place. Among the broad spectrum of aspects of the subject covered are the following: – summary of the changes introduced by the GDPR; – new territorial scope; – key principles of personal data processing; – legal bases for the processing of personal data; – marketing, cookies and profiling; – new information clauses; – new Subject Access Requests (SARs), including the ‘right to be forgotten’ on the Internet, the right to data portability and the right to object to profiling; – new data protection by design and by default; – benefits from implementing a data protection certificate; and – data transfers outside the EU, including BCRs, SCCs and special features of EU–US arrangements. This book references many rulings of European courts, as well as interpretations and guidelines formulated by European data protection authorities, examples and best practices, making it of great practical value to lawyers and business leaders. Because of the increase in legal certainty in this area guaranteed by the GDPR, multinational corporations and their customers and contractors will benefit enormously from consulting and using this book. For practitioners and academics, researching or advising clients on this area, and government policy advisors, this book provides an indispensable source of guidance and information for many years to come.

GDPR: Personal Data Protection in the European Union Mariusz Krzysztofek Personal data protection has become one of the central issues in any understanding of the current world system. In this connection, the European Union (EU) has created the most sophisticated regime currently in force with the General Data Protection Regulation (GDPR) (EU) 2016/679. Following the GDPR’s recent reform – the most extensive since the first EU laws in this area were adopted and implemented into the legal orders of the Member States – this book offers a comprehensive discussion of all principles of personal data processing, obligations of data controllers, and rights of data subjects, providing a thorough, up-to-date account of the legal and practical aspects of personal data protection in the EU. Coverage includes the recent Court of Justice of the European Union (CJEU) judgment on data transfers and new or updated data protection authorities’ guidelines in the EU Member States. Among the broad spectrum of aspects of the subject covered are the following: – right to privacy judgments of the CJEU and the European Court of Human Rights; – scope of the GDPR and its key definitions, key principles of personal data processing; – legal bases for the processing of personal data; – direct and digital marketing, cookies, and online behavioural advertising; – processing of personal data of employees; – sensitive data and criminal records; – information obligation & privacy notices; – data subjects rights; – data controller, joint controllers, and processors; – data protection by design and by default, data security measures, risk-based approach, records of personal data processing activities, notification of a personal data breach to the supervisory authority and communication to the data subject, data protection impact assessment, codes of conduct and certification; – Data Protection Officer; – transfers of personal data to non-EU/EEA countries; and – privacy in the Internet and surveillance age. Because the global scale and evolution of information technologies have changed the data processing environment and brought new challenges, and because many non-EU jurisdictions have adopted equivalent regimes or largely analogous regulations, the book will be of great usefulness worldwide. Multinational corporations and their customers and contractors will benefit enormously from consulting and using this book, especially in conducting case law, guidelines and best practices formulated by European data protection authorities. For lawyers and academics researching or advising clients on this area, this book provides an indispensable source of practical guidance and information for many years to come.

This comprehensive textbook by the editor of Law and the Internet seeks to provide students, practitioners and businesses with an up-to-date and accessible account of the key issues in internet law and policy from a European and UK perspective. The internet has advanced in the last 20 years from an esoteric interest to a vital and unavoidable part of modern work, rest and play. As such, an account of how the internet and its users are regulated is vital for everyone concerned with the modern information society. This book also addresses the fact that internet regulation is not just a matter of law but increasingly intermixed with technology, economics and politics. Policy developments are closely analysed as an intrinsic part of modern governance. Law, Policy and the Internet focuses on two key areas: e-commerce, including the role and responsibilities of online intermediaries such as Google, Facebook and Uber; and privacy, data protection and online crime. In particular there is detailed up-to-date coverage of the crucially important General Data Protection Regulation which came into force in May 2018.

Privacy is a growing concern in the United States and around the world. The spread of the Internet and the seemingly boundaryless options for collecting, saving, sharing, and comparing information trigger consumer worries. Online practices of business and government agencies may present new ways to compromise privacy, and e-commerce and technologies that make a wide range of personal information available to anyone with a Web browser only begin to hint at the possibilities for inappropriate or unwarranted intrusion into our personal lives. Engaging Privacy and Information Technology in a Digital Age presents a comprehensive and multidisciplinary examination of privacy in the information age. It explores such important concepts as how the threats to privacy evolving, how can privacy be protected and how society can balance the interests of individuals, businesses and government in ways that promote privacy reasonably and effectively? This book seeks to raise awareness of the web of connectedness among the actions one takes and the privacy policies that are enacted, and provides a variety of tools and concepts with which debates over privacy can be more fruitfully engaged. Engaging Privacy and Information Technology in a Digital Age focuses on three major components affecting notions, perceptions, and expectations of privacy: technological change, societal shifts, and circumstantial discontinuities. This book will be of special interest to anyone interested in understanding why privacy issues are often so intractable.

The European Community (EC) has embarked on an ambitious legislative program for the new economy. In European Community Law for the New Economy professor Lucas Bergkamp analyzes the EC's current and proposed new economy legislation. The new economy, according to Bergkamp, is not only the internet, the information society, and biotechnology, but also a different kind of "old" economy, a different kind of corporate governance, and a different kind of government. Accordingly, in addition to the EC e-commerce, data protection, and biotechnology legislation, this book discusses also the grand principles of EC policy making (such as sustainable development and the precautionary principle), the theory of corporate social responsibility, and EC government reform. With its wide-ranging, insightful, and engaging analyses, and devoid of obliquity, EC Law for the New Economy is a unique publication. This book must be read by everybody who wants to gain a deeper understanding of the effects of EC legislation, the root causes of regulatory failures, and possible solutions to these problems. It is of interest to lawyers, politicians, policy makers, government officials, political scientists, advanced students and autodidacts. Lucas Bergkamp is a lawyer at the Brussels Bar and Professor of International Liability Law, Erasmus University Rotterdam - The Netherlands.