Foreword
About This Book
Contents
Editors and Contributors
Problems
Transparency of Digital Providers and Digital Divide
1 Towards the Consolidation of the Single European Market
2 A New Liability Regime: From the Model of Dir. 2000/31/CE to Date
3 Transparency in the Digital Providers’ Activity
3.1 Transparency in the GDPR
3.2 The Transparency of the Digital Services Act
4 The Web User as a Consumer
5 Conclusions
References
Authorities and Private Companies in Regulating Software Technologies
1 From the Public Control of the Data to the Regulation of Its Flow
2 Personal Data Flow and Qualification of the Underlying Relationship
3 The Contract and the Definition of the Models
4 The Data Market Affected by the Regulation
References
Liability and Accountability in the ‘Digital’ Relationships
1 The Complexity of the Liability Regulation Within the Digital Relationships in the EU Law and the Domestic Law
2 The Liability of the Data Controller and the Principle of Accountability. Article 82 of the GDPR
3 The Nature of Responsibility Under Art. 82 GDPR
References
Social Media, Mobile Apps and Children Protection
1 The Role of the ‘Environment’ for Child Development
2 The Contribution of Education
3 Hard Law and Soft Law
4 Protecting Children in the Digital Age
5 Child Vulnerability in the Digital World
6 Cyberbullying and Digital Contents
7 The EU’s Audiovisual Media Services Directive
8 Concluding Remarks
References
Perspectives
Personal Data, Non-personal Data, Anonymised Data, Pseudonymised Data, De-identified Data
1 Personal Data, Non-personal Data
2 Anonymised Data
3 Pseudonymised Data, De-identified Data
References
Personal Data as Counter-Performance
1 Introduction
2 The Development of the Notion of Personal Data and the Requirements for Their Processing
3 The Circulation of Personal Data from the Perspective of the Law of Obligations
3.1 Personal Data as Counter-Performance and the Notion of Price
3.2 The Role of the Consent to the Processing of Personal Data
3.3 Personal Data as Counter-Performance and Coordination with Directive 2011/83/EU on Consumer Rights and with Directive 2005/29/EC on Unfair Commercial Practices
3.4 The Withdrawal of Consent to the Processing of Personal Data: Effects on the Contract for the Supply of Digital Content and Digital Services and the Problematic Coordination with the Directive 2011/83/EU on Consumer Rights
4 Concluding Remarks
References
Cookies and the Passive Role of the Data Subject
1 Technological Features and Legal Regulation of Cookies
2 The Problem of Consent to Cookies
3 Technological and Legal Future of Cookies
References
Data Management Tools and Privacy by Design and by Default
1 Data Management Tools (DMTs) and Main Legal Issues on Data Protection Law
2 Privacy by Design and by Default. Privacy Design Pattern and Privacy Dashboard
3 Application Issues
3.1 Excessive Vagueness of the Obligation and Difficult Identification of Contents
3.2 Doubts on the Existence of the ‘Hardcoding’ Obligation
3.3 On the Appropriateness Criteria of the Measures
3.4 On the Recipients of the Obligation
4 A Look Forward: European Data Governance
References
Reconciling Data Protection and Cybersecurity: An Operational Approach for Business Sector
1 The Legal Framework. A Business Perspective
2 Datasets: Data Minimisation, Storage Limitation, and Confidentiality
3 Risk Assessment and Security Management
4 Reporting Obligations
5 Business Continuity, Disaster Recovery, and Resilience
6 Conclusions
References
Copyright and Data Protection
1 Objects of Exploration
1.1 Protection Granted to Software
1.2 Protection Granted to Data
2 Personal and Non-personal Data, Data Protection and Copyright
2.1 Personal Data ‘Per se’ and Copyright
2.2 Copy of Personal Data and Copyright
2.3 Copy of Personal Data and Copyright Protection of Software
2.4 Copy of Personal Data, Sui Generis Database Protection and Copyright
2.5 Right of Rectification and Copyright
3 Processing of Data, Data Analytics and Machine Learning
3.1 Data Mining for Training the Algorithmic Process
3.2 Data Generated Works Performed by the Algorithmic Process
References
Applicable Solutions
eHealth and Data
1 eHealth and the Development of Multiple Technological Solutions to Improve Health and Medical Care
2 Health Data and Their Necessary Qualification in Practice
3 Lawfulness of the Processing of Health Data and Mitigation of the Participatory Dimension of the Data Subject
4 The Rights of the Data Subject Relating to the Control of the Flow of Health Data: In Particular, the Right of Access to Data Relating to His State of Health
4.1 A Unique Form of Access to Data: The Electronic Health File Is One of the Mainstays of eHealth
4.2 The Main Problematic Issues of the ESF. The Central Role of Metadata in the Effective Interoperability of ESF
4.3 The Implementation of the Operability of the ESF and the Mitigation of the Limitation of the Right to Data Portability. The Right to Erasure: Limitations. The Impact of the Right to Request for Obscuration of Health Data on the Right to Erasure
5 The Role Played by Artificial Intelligence on the Processing of Personal Data. Problematic Aspects
5.1 The Legal Basis of the Processing by Artificial Intelligence in the Case of Support to the Healthcare Professional and in the Case of Automated Processing of Health Data
5.2 The Silence of the Legislator, Either European or National, on the Delicate Issue of the Automated Processing of Health Data by Artificial Intelligence. The Re-use of Health Data by an Intelligent Health System. The Adoption of Specific Measures to Guarantee the Data Subject in the Case of Health Care and Development of Scientific Research. The Confirmation of the Centrality and Delicate Role of the Interpreter Who Will Have to Balance the Needs of Privacy and Data Protection with the Prevailing Requests for Health Protection
References
Location Data and Privacy
1 About Location Data
2 European Framework
3 Some Selected Cases
3.1 Location of Employees
3.2 Smart Vehicles
3.3 Contact Tracing
References
Rise and Fall of Tracing Apps
1 Introduction
2 The Complexity of Legal Transplants
3 Technical Inadequacies
4 Digital Divide
5 Organizational Failures
6 The GDPR Totem
7 The Issue of Public Trust
8 Some Lessons for the Future
References
Privacy, Software and Insurance
1 Definitions
2 Software in Distribution: Profiling Clients, Checklists, and Compliance
3 Software to Reduce Risk and Monitor Claims
4 Key Points on GDPR and Insurance
References
IoT and Privacy
1 IoT in the Current Digital Society
2 Data Flow in IoT
3 The Application Limits of the GDPR
4 Privacy by Design and Security by Design in IoT
5 Conclusions
References
Blockchain and Privacy
1 Blockchain and Data Protection: A Twofold Relation
2 Blockchain and Data Exposure
3 The Problematic Regulation of Blockchains and the Example of Smart Contracts
4 Rules and Principles on Privacy Matters and the Blockchain: The Case of EU Data Protection Laws
5 Conclusions
References
Enhancing Transparency of Data Processing and Data Subject’s Rights Through Technical Tools: The PIMS and PDS Solution
1 Increasing User Awareness in the Era of Datafication
2 A Matter of Transparency: the PIMS Technical Standard
3 A Matter of ‘Design’: How to Choose Transparency Enhancing Tools
4 PDS: A Winning Model?
5 Transparency as a ‘Tool’ for the Democratic Regulation of Technology
References
Explainability Due Process: Legal Guidelines for AI-Based Business Decisions
1 Introduction
2 Article 22(1) and (2) GDPR: Scope of Application and Exceptions
3 Article 22(3) GDPR: Suitable Safeguards and the Right to a Two-Phase Explanation
4 Pre-Claim Explanatory Duties
5 Post-Claim Explanatory Duties
References