Data protection law Books

Book SynopsisElgar Advanced Introductions are stimulating and thoughtful introductions to major fields in the social sciences, business and law, expertly written by the world’s leading scholars. Designed to be accessible yet rigorous, they offer concise and lucid surveys of the substantive and policy issues associated with discrete subject areas.This timely Advanced Introduction traces the evolution of consumer data privacy laws in the US through a historical lens, and then sets out the current state of play. Waldman describes how privacy laws benefit corporate interests, and highlights the deficiencies of the present approach to the surveillance economy. In looking to the future, the author advocates a radical new way of thinking about the goals and tools of privacy law and provides a roadmap for avoiding privacy nihilism by rejuvenating public governance and protecting privacy in the digital age.Key Features: Concise and accessible approach to a fast-changing area Novel conceptualisation of first, second, and third waves of privacy law In-depth critique of current and historic privacy law, challenging traditional literature Focuses on practical ways to address.– deficiencies of current laws The Advanced Introduction to U.S. Data Privacy Law will be an invaluable resource for students and scholars of privacy, as well as those in information, media and technology law. It will also be an essential guide for policy-makers and privacy lawyers seeking to understand the past, present, and future of data privacy.Trade Review‘Waldman has given us an indispensable critical reflection on US privacy law. This concise book is beautifully written, and its description and diagnosis are crystal clear. It provides a compelling alternative to our failed “notice and choice” and managerial approaches to privacy law. This is a vital intervention.’ -- Woodrow Hartzog, Boston University, US and author of Privacy’s Blueprint: The Battle to Control the Design of New Technologies‘Ari Waldman has written a superb and insightful critique of privacy law, chronicling where it has been, where it is now, and where it needs to go to achieve the kind of privacy all people need to flourish. And, importantly, this book is accessible. Policymakers need to read this. Students and professors will find it illuminating and clear. Anyone interested in privacy will learn from it.’ -- Danielle Keats Citron, University of Virginia School of Law, US, and author of The Fight for Privacy‘Professor Waldman provides a superb overview of the complex body of law regulating privacy. He offers a blistering critique of the law for often doing more harm than good. Accessible and succinct, Waldman’s account of privacy law is illuminating and thought-provoking.’ -- Daniel J. Solove, George Washington University Law School, US, and author of Understanding PrivacyTable of ContentsContents: Preface 1. Introduction to U.S. data privacy law PART I PRIVACY LAW’S FIRST WAVE. 2. The first wave of notice-and-consent 3. The illusions of the first wave PART II PRIVACY LAW’S SECOND WAVE 4. Rights and compliance 5. The weaknesses of individual privacy rights 6. Symbolic compliance and the managerialization of privacy law PART III PRIVACY LAW’S THIRD WAVE 7. Alternatives to the first and second waves 8. Conclusions on U.S. Data Privacy Law Bibliography Index

Read more less

Book SynopsisData Protection, Privacy and Information Lawprovides clear and accessible guidance on thenumerous aspects of information law commonly encountered by legal practitioners.

Read more less

Book SynopsisThis Research Handbook is an insightful overview of the key rules, concepts and tensions in privacy and data protection law. It highlights the increasing global significance of this area of law, illustrating the many complexities in the field through a blend of theoretical and empirical perspectives. Providing an excellent in-depth analysis of global privacy and data protection law, it explores multiple regional and national jurisdictions, bringing together interdisciplinary international contributions from Europe and beyond. Chapters cover critical topics in the field, including key features of the General Data Protection Regulation (GDPR), border surveillance, big data, artificial intelligence, and biometrics. It also investigates the relationship between privacy and data protection law and other fields of law, such as consumer law and competition law. With its detailed exploration and insights into privacy and data protection, this Research Handbook will prove a useful resource for information and media law students as well as academics researching fields such as data protection and privacy law and surveillance or security studies.Trade Review‘The editors, three leaders in the field, have structured this Research Handbook well, starting with a global survey of developments in key regions. The relationships between data protection and other disciplines (or other branches of law) continue this comprehensive approach. Finally, issues concerning key types of personal data, or situations of their use, are highlighted. Many chapter contributors are well known leaders in the field, and the others are emerging scholars expert in the cutting-edge issues that they cover.’ -- Graham Greenleaf, University of New South Wales, AustraliaTable of ContentsContents: Introduction to Research Handbook on Privacy and Data Protection Law 1 Gloria González Fuster, Rosamunde Van Brakel and Paul De Hert PART I GEOGRAPHICAL PERSPECTIVES 1 Privacy and data protection in Europe: Council of Europe’s Convention 108+ and the European Union’s GDPR 10 Cécile de Terwangne 2 Post-Brexit data protection in the UK – leaving the EU but not EU data protection law behind 35 Karen McCullagh 3 Understanding American privacy 59 Neil Richards, Andrew Serwin and Tyler Blake 4 The justiciability of data privacy issues in Europe and the US 72 Karlijn van den Heuvel and Joris van Hoboken 5 Canadian privacy law and the post war freedom of information paradigm 108 Jonathon W. Penney 6 Data protection laws in Japan 127 Hiroshi Miyashita 7 Data protection in Latin America 139 Mónica Arenas Ramiro PART II INTER-AND TRANS-DISCIPLINARY PERSPECTIVES ON PRIVACY AND DATA PROTECTION 8 Social values and privacy law and policy 160 Priscilla M. Regan 9 Media and communication studies, privacy and public values: Future challenges 175 Jo Pierson 10 From law to engineering: A computer science perspective on privacy and data protection 196 Ninja Marnau and Christoph Sorge 11 Privacy, data protection, and security studies 213 Matthias Leese 12 Data protection and consumer protection: The empowerment of the citizen-consumer 228 Damian Clifford 13 Data protection and competition law: The dawn of ‘uberprotection’ 248 Gabriela Zanfir-Fortuna and Sînziana Ianc PART III HOT TOPICS IN PRIVACY AND DATA PROTECTION 14 Privacy, data protection and the role of European Courts: Towards judicialisation and constitutionalisation of European privacy and data protection framework 273 Maja Brkan 15 Surveillance at the borders: Travellers and their data protection rights 302 Diana Dimitrova 16 Big data and data protection 335 Alessandro Mantelero 17 Data protection and children’s online privacy 354 Valerie Steeves and Milda Mačėnaitė 18 Biometric data processing: Is the legislator keeping up or just keeping up appearances? 371 E.J. Kindt 19 Co-regulation and competitive advantage in the GDPR: Data protection certification mechanisms, codes of conduct and data protection-by-design 398 Maximilian von Grafenstein 20 Automated decision-making and data protection in Europe 428 Gianclaudio Malgieri Index

Read more less

Book SynopsisDr Paul Lambert BA LLB LLM, TMA, CTMA, professor, visiting research fellow, qualified lawyer, PhD, CDPO, CIPP/E, CRISC, and editor, has been publishing articles in legal and business journals (including the European Intellectual Property Review) on topics such as data protection, the internet, intellectual property and courtroom broadcasting for many years. He was nominated for the Picasso Privacy Award and the Inner Temple Book Prize.Paul is the author of a number of books, including Data Protection and Data Transfers Law (2023), Gringras: The Laws of the Internet (6th edition, 2022), and Data Protection, Privacy Regulators and Supervisory Authorities (2020), all published by Bloomsbury Professional.

Read more less

Book SynopsisProviding comparative analysis that examines both Western and non-Western legal systems, this wide-ranging Handbook expands and enriches the existing privacy and defamation law literature and addresses the fundamental issues facing today's scholars and practitioners. Comparative Privacy and Defamation provides insightful commentary on issues of theory and doctrine, including the challenges of General Data Protection Regulations (GDPR) and the impact of new technologies on the law. Chapters explore the origins and development of the right to privacy, privacy rights of photographic subjects and defamation by photo-manipulation, and the right to be forgotten. Containing contributions from expert international scholars, this comprehensive Handbook investigates the liability of internet intermediaries in cases of defamation and the emerging problem of global injunctions before concluding with eight country focussed studies. Engaging and accessible, this Handbook will be a key resource for students and scholars researching in the fields of privacy and defamation law, internet and technological law and information and media law. Contributors include: T.D.C. Bennett, S. Bretthauer, J. Campbell, P. Coe, M. Cornils, S.C. Ekaratne, A. Gajda, G. Gil, A. Koltay, R. Krotoszynski, J. Kulesza, D. Mangan, D. Milo, R. Moosavian, J. Oster, K.S. Park, M. Pearson, J. Reichel, D. Rolph, J. Shimizu, D.N. Staiger, R.L. Weaver, R.H. Weber, P. Wragg, M.N. Yan, V. Zeno-ZencovichTrade Review'Comparative Privacy and Defamation couldn't be more timely and relevant to freedom of expression academics and practitioners in the global 21st century. More wide-ranging and in-depth than other similar publications, the book is a remarkable contribution to international, foreign, and comparative law. Its topical comprehensiveness and authorial diversity and prestige will make the volume a must read for those interested in the subject.' --Kyu Ho Youm, University of Oregon, US'Wragg and Koltay's thought-provoking book makes an important contribution to the literature. They have brought together an impressive group of experts from the world scene. Whereas most books speak narrowly to the Western picture of defamation and privacy law, theirs is a refreshing take by bringing in wider, global perspectives. In doing so, they are strikingly effective in raising new ideas and asking new questions at a time when the political climate is calling out for both.' --Alastair Mullis, University of Leeds, UKTable of ContentsContents: Introduction Paul Wragg and András Koltay Theoretical considerations 1. The origins and development of the right to privacy John Campbell 2. Privacy and incrementalism Thomas D.C. Bennett 3. Theories of reputation Jan Oster 4. Separated by a common language: The anti-paternalism principle in US and English defamation and privacy law Paul Wragg Privacy laws compared 5. Weighing content: Can expression be more or less important? Categorical or case by case balancing and its (respective) disposition to rank relevance of communication Matthias Cornils 6. What is it the public has a right to know? The right to privacy for public officials and the right access to official documents – European and Swedish perspectives Jane Reichel 7. Do we need to separate privacy and reputation? USA, Europe and Korea compared Kyung Sin Park 8. Public Image (Un)Limited: Privacy rights of the photographic subject in England and New York compared Rebecca Moosavian 9. What newsworthiness means Amy Gajda 10. Defamation by photo-manipulation under New Zealand law S. Che Ekaratne Data protection 11. A European and German perspective on data protection law in a digitised world Sebastian Bretthauer 12. Right to be forgotten in the global information economy Joanna Kulesza 13. Enforcing privacy through individual data access rights – a comparative study Rolf H. Weber and Dominic N. Staiger Defamation laws compared 14. Defamation: A half-century of changes (more or less) Russell L. Weaver 15. A comparative analysis of the treatment of corporate reputation in Australia and the UK Peter Coe Defamation, PRIVACY and New technologies 16. Liability of Internet intermediaries for defamation: Beyond publication and innocent dissemination David Rolph 17. Defamation on the Internet: The role and responsibilities of gatekeepers András Koltay 18. Privacy, remedies and comity: The emerging problem of global injunctions and some preliminary thoughts on how best to address it Ron Krotoszynski Country chapters 19. Free speech and the rights relating to the personality involving politicians in French law Guilhem Gil 20. Italian defamation and privacy law from a comparative perspective Vincenzo Zeno-Zencovich 21. Canadian defamation and privacy law in comparative context David Mangan 22. Privacy and defamation in Australia: A post-colonial tango, or the operation of privacy and defamation in Australia without formal constitutional free expression protections Mark Pearson and Virginia Leighton-Jackson 23. South Africa’s reasonable publication defence and the United Kingdom’s public interest defence: Two sides of the same coin? Dario Milo 24. Defamation and privacy law in Japan – from a comparative perspective Jun Shimizu 25. The Chinese defamation law four decades on (1979–2019): Legal rules versus political uncertainties Mei Ning Yan Index

Read more less

Book SynopsisThe Law Enforcement Directive 2016/680 (LED) is the first legal instrument in the EU which comprehensively regulates the use of personal data by law enforcement authorities, creating a minimum standard of privacy protection across the EU. Together with the General Data Protection Regulation (GDPR), it stands at the heart of the legal reform of the EU''s data protection law. Although it was adopted at the same time as the GDPR, the LED has not received the same scholarly attention, despite its significant impact and controversial implementation in Member States.The EU Law Enforcement Directive (LED): A Commentary addresses this by providing an article-by-article commentary on the Directive. Drawing on the expertise of leading scholars, regulators, and practitioners in the EU data protection field, it offers a detailed analysis of its legal provisions, drawing on relevant case law and scholarship to illuminate the key aspects and intricacies of each provision. It analyses national transpTable of ContentsTeresa Quintel and Eleni Kosta: Background and Evolution of the EU Law Enforcement Directive (LED) Paul de Hert and Juraj Sajfert: Council of Europe Nóra Ní Loideáin: Brexit Juraj Saifert: National Implementations Part 1: General Provisions (Articles 1-3) Magdalena Brewczy'nska: Article 1 Subject Matter and Objectives Plixavra Vogiazoglou: Article 2 Scope Luca Tosoni and Lee A. Bygrave: Article 3 Definitions Part II: Principles (Articles 4-11) Bart Van Der Sloot: Article 4 Principles Relating to Processing of Personal Data Mark Leiser and Bart Custers: Article 5 Time-Limits for Storage and Review Teresa Quintel and Valsamis Mitsilegas: Article 6 Distinction between Different Categories of Data Subject Maria Tzanou: Article 7 Distinction between Personal Data and Verification of Quality of Personal Data Maria Tzanou: Article 8 Lawfulness of Processing Maria Tzanou: Article 9 Specific Processing Conditions Catherine Jasserand: Article 10 Processing of Special Categories of Personal Data Thilo Gottschalk: Article 11 Automated Individual Decision-Making Part III: Rights of the Data Subjects (Articles 12-18) Gloria González Fuster: Article 12 Communication and Modalities for Exercising the Rights of the Data Subject Gloria González Fuster: Article 13 Information to be Made Avaliable or Given to the Data Subject Diana Dimitrova: Article 14 Right of Access by the Data Subject Diana Dimitrova: Article 15 Limitations to the Right of Access Diana Dimitrova: Article 16 Right to Rectification or Erasure of Personal Data and Restriction of Processing Vanessa Franssen and Marine Corhay: Article 17 Exercise of Rights by the Data Subject and Verification by the Supervisory Authority Vanessa Franssen and Marine Corhay: Article 18 Rights of the Data Subject in Criminal Investigations and Proceedings Part IV Controller and Processor (Articles 19-34) Thomas Zerdick: Article 19 Obligations of the Controller Lilian Mitrou: Article 20 Data Protection by Design and by Default Teresa Quintel: Article 21 Joint Controllers Anna Mo'scibroda: Article 22 Processor Anna Mo'scibroda: Article 23 Processing under the Authority of the Controller or Processor Mireille M. Caruana: Article 24 Records of Processing Activity Michael Veale: Article 25 Logging Maria Helen Murphy: Article 26 Cooperation with the Supervisory Authority Marit Hansen: Article 27 Data Protection Impact Assessment Marit Hansen: Article 28 Prior Consultation of the Supervisory Authority Christiana Markou: Article 29 Security of Processing Xavier Tracol: Article 30 Notification of a Personal Data Breach to the Supervisory Authority Xavier Tracol: Article 31 Communication of a Personal Data Breach to the Data Subject Christian Wiese Svanberg: Article 32 Designation of the Data Protection Officer Christian Wiese Svanberg: Article 33 Position of the Data Protection Officer Christian Wiese Svanberg: Article 34 Tasks of the Data Protection Officer Part V Transfers of Personal Data to Third Countries or International Organisations (Articles 35-40) Franziska Boehm: Article 35 General Principles for Transfers of Personal Data Laura Drechsler: Article 36 Transfers on the basis of an Adequacy Decision Laura Drechsler: Article 37 Transfers Subject to Appropriate Safeguards Irene Kamara: Article 38 Derogations for Specific Situations Thomas Marquenie: Article 39 Transfers of Personal Data to Recipients Established in Third Countries Joost Gerritsen: Article 40 International Cooperation for the Protection of Personal Data Part VI Independent Supervisory Authorities (Articles 41-49) Jeanne Pia Mifsud Bonnici and Ritumbra Manuvie: Article 41 Supervisory Authority Jeanne Pia Mifsud Bonnici and Ritumbra Manuvie: Article 42 Independence Hielke Hijmans and Rosamunde van Brakel: Article 43 General Conditions for the Members of the Supervisory Authority Hielke Hijmans and Rosamunde van Brakel: Article 44 Rules on the Establishment of the Supervisory Authority T.J. McIntyre: Article 45 Competence T.J. McIntyre: Article 46 Tasks T.J. McIntyre: Article 47 Powers Grigorios Tsolias: Article 48 Reporting of Infringements Grigorios Tsolias: Article 49 Activity Reports Part VII Cooperation (Articles 50-51) Mireille M. Caruana: Article 50 Mutual Assistance Ignacio Gómez Navarro: Article 51 Tasks of the Board Part VIII Remedies, Liability, and Penalties (Articles 52-57) Herke Kranenborg: Article 52 Right to Lodge a Complaint with a Supervisory Authority Herke Kranenborg: Article 53 Right to an Effective Judicial Remedy Against a Supervisory Authority Evelien Brouwer: Article 54 Right to an Effective Judicial Remedy Against a Controller or Processor Niovi Vavoula: Article 55 Representation of Data Subjects Niovi Vavoula: Article 56 Right to Compensation Niovi Vavoula: Article 57 Penalties Part IX Implementing Act (Article 58) Luca Tosoni: Articles 58 Committee Procedure Chapter X Final Provisions (Articles 59-65) Luca Tosoni: Article 59 Repeal of Framework Decision 2008/977/JHA Anna Mo'scibroda: Article 60 Union Legal Acts already in Force Anna Mo'scibroda: Article 61 Relationship with Previously Concluded International Agreements in the Field of Judicial Cooperation in Criminal Matters and Police Cooperation Anna Mo'scibroda: Article 62 Commission Reports Jonida Milaj: Article 63 Transposition Jonida Milaj: Article 64 Entry into Force Eleni Kosta: Article 65 Addressees

Read more less

Book SynopsisThis leading handbook offers practical guidance on data protection issues within the UK. Now fully updated with the Data Protection Act 2018 and the Brexit legislation, the handbook remains indispensable for students and professionals working on data protection compliance.Trade ReviewTo pull together such a comprehensive guide, Carey has worked with expert contributors from practice... Overall, I would highly recommend this book. It offers a comprehensive and timely guide to UK data protection law, which will be of real practical value to data protection practitioners, particularly in light of the UK's withdrawal from the EU. Furthermore, it would also be of value to academics specialising in this area of law who are interested in the practical interpretation and application of data protection legislation. * Dr Peter Coe, University of Reading, Computer and Telecommunications Law Review *[T]his is one of the most well-researched reference works on the subject ... The book overall makes an important addition to the library of every data privacy, data protection and security practitioner in the UK. * Ardi Kolah, Queen's University Belfast, Journal of Data Protection & Privacy *Table of Contents1: Historical Perspective, Territorial Scope, and Terminology 2: Data Protection Principles 3: Fair, Lawful, and Transparent Processing 4: Special Categories of Data 5: Data Security and Breach Notifications 6: International Data Transfers 7: The Rights of Individuals 8: Enforcement and the Role of the Regulator 9: Outsourcing Personal Data Processing 10: Electronic Communications 11: Data Protection Impact Assessments 12: Role of the Data Protection Officer 13: Creating a Data Protection Compliance Programme

Read more less

Book SynopsisStandardizing Personal Data Protection is the first book focusing on the role of technical standards in protecting individuals as regards the processing of their personal data. Through the lenses of legal pluralism and transnational private regulation, the book studies the interaction of standardization as a private semi-autonomous normative ordering, and data protection law. It traces the origins of standardization for EU policy and law, provides an evolutionary account of worldwide standardisation initiatives in the area of data protection, privacy, and information security, and delves into the concept of technical standards, its constitutive characteristics, and legal effects.The book addresses two key aspects. Firstly, it explores how data protection law, such as the General Data Protection Regulation (GDPR), works as a legal basis for technical standards. To identify standardization areas in data protection, the book proposes an analytical framework of standards for legal compliance, for beneficiaries, and meta-rules. Secondly, the book examines how procedural legitimacy issues, such as questions of transparency, representation, and accessibility, frame and limit the suitability of standardization to complement public law, especially law that protects fundamental rights, including the right to protection of personal data. Ultimately, it concludes by providing a comprehensive account of how a private regulation instrument may complement public law in pursuing its goals and where limits and conditions for such a role should be drawn.

Read more less

Book SynopsisThe information revolution has brought with it the technology for easily collecting personal information about individuals, a facility that inherently threatens personal privacy. Colin J. Bennett here examines political responses to the data protection issue in four Western democracies, comparing legislation that the United States, Britain...

Read more less

Book SynopsisAccess and Control in Digital Humanities explores a range of important questions about who controls data, who is permitted to reproduce or manipulate data, and what sorts of challenges digital humanists face in making their work accessible and useful. Contributors to this volume present case studies and theoretical approaches from their experience with applications for digital technology in classrooms, museums, archives, in the field and with the general public. Offering potential answers to the issues of access and control from a variety of perspectives, the volume acknowledges that access is subject to competing interests of a variety of stakeholders. Museums, universities, archives, and some communities all place claims on how data can or cannot be shared through digital initiatives and, given the collaborative nature of most digital humanities projects, those in the field need to be cognizant of the various and often competing interests and rights that shape the Table of Contents1. Introduction: access and control in digital humanitiesShane HawkinsPart I. Access, Control, and DH in Academia2. From Stone to Screen: the built-in obsolescence of digitizationKaitlyn Solberg, Lisa Tweten, and Chelsea A. M. Gardner3. Digital humanities and a new research culture: between promoting and practicing open research dataUrszula Pawlicka-DegerPart II. Networks of Access and Control4. Computational ontologies for accessing, controlling, and disseminating knowledge in the cultural heritage sector: a case studyJohn Roberto Rodríguez5. Digital approaches to the ‘Big Ancient Mediterranean’Ryan Horne6. Questioning authority: creation, use, and distribution of linked data in digital humanitiesLindsay Kistler Mattock & Anu ThapaPart III. Access, Control and Immersive Media7. Visuality as historical experience: immersive multi-directional narrative in the MIT Visualizing Cultures ProjectEllen Sebring8. Architectonic connections: virtual reconstruction to disseminate understanding of South and Southeast Asian templesDavid Beynon and Sambit Datta9. Postscript on the Ctrl+Alt society: protocols for locative mediaBrian GreenspanPart IV. Access, Control, and Indigenous Knowledge10. Cross-cultural collaborations in the digital world: a case study from the Great Lakes Research Alliance’s Knowledge Sharing DatabaseHeidi Bohaker, Lisa Truong, and Kate Higginson11. Issues and intersections of Indigenous knowledge protection and copyright for DHKim Paula NayyerPart V. Access, Control, and the Law12. The open access spectrum: redefining the access discourse for the electronic editions of literary worksSetsuko Yokoyama13. Ownership, copyright, and the ethics of the unpublishedEmily C. Friedman14. Digital humanities research under United States and European copyright laws: evolving frameworksErik Ketzan and Paweł Kamocki15. Trust is good, control is better? The GDPR and control over personal data in digital humanities researchPaweł Kamocki

Read more less

Book SynopsisWe are living in times of deep and disruptive change. Perhaps the most powerful vector of this change can be described by three related catchphrases: digitalization, artificial intelligence, and dataism. Drawing on considerable expertise from a wide range of scholars and practitioners, this interdisciplinary collection addresses the challenges, impacts, opportunities and regulation of this civilizational transformation from a variety of angles, including technology, philosophy, cultural studies, international law, sociology and economics. This book will be of special interest to scholars, students, analysts, policy planners, and decision-makers in think tanks, international organizations, and state agencies studying and dealing with the development and governance of disruptive technologies.

Read more less

Book SynopsisCybercrime continues to skyrocket but we are not combatting it effectively yet. We need more cybercrime investigators from all backgrounds and working in every sector to conduct effective investigations. This book is a comprehensive resource for everyone who encounters and investigates cybercrime, no matter their title, including those working on behalf of law enforcement, private organizations, regulatory agencies, or individual victims. It provides helpful background material about cybercrime''s technological and legal underpinnings, plus in-depth detail about the legal and practical aspects of conducting cybercrime investigations. Key features of this book include: Understanding cybercrime, computers, forensics, and cybersecurity Law for the cybercrime investigator, including cybercrime offenses; cyber evidence-gathering; criminal, private and regulatory law, and nation-state implications Cybercrime investigation from three key perspeTable of ContentsPart 1: Cyber Law. 1. Introduction. 2. Cybercrimes and Criminal Statutes. 3. Laws Pertaining to the Criminal Investigative Process. 4. Nation State and Terrorist Nexus. 5. Civil and Regulatory Issues Relating to Cybercrime. Part 2: The Criminal Investigation. 6. The Crime (Act). 7. Gathering Leads and Potential Evidence. 8. Following the Money. 9. Gathering Records and Evidence with an Eye towards Potential Trial. 10. Identification and Attribution of the Suspect. 11. Getting Technical. 12. Apprehending the Suspect and Follow on Actions. 13. The Criminal Investigation and Case Continues after Arrest. Part 3: The Civil Investigation. 14. Comparing the Civil Investigation to the Criminal Investigation. 15. Civil Legal Process Available. 16. E-Discovery. 17. Sharing with Law Enforcement. Part 4: Appendix. 18. Statutes. 19. Criminal Cases. 20. Civil Cases. 21. Cybercrime Investigation Organizations. 22. Cybersecurity Organizations.

Read more less

This timely volume provides a comprehensive examination of how the proposed new European Health Data Space (EHDS) legislation will impact upon health and genetic data, individual privacy, and providers of health services. Including contributions from some of the leading scholars in this area, this ground-breaking book will be key reading for students and researchers across Law and Public Health.

Read more less

Book SynopsisTable of ContentsContents: Foreword I by Adam Mitton Foreword II by Ingrid Ødegaard 1 GDPR for startups and scaleups: an introduction SETTING THE SCENE AND KEY CONCEPTS 2 Setting the scene and key concepts BEFORE YOU START YOUR DATA PROTECTION PROGRAMME 3 Before you start your data protection programme PHASE 1: FOUNDATIONS OF YOUR DATA PROTECTION PROGRAMME 4 Data protection user experience (UX) 5 Data maps and records of processing activity 6 Administrative matters 7 Respecting people’s rights 8 Marketing PHASE 2: DEVELOPING YOUR DATA PROTECTION PROGRAMME 9 International transfers of personal data 10 Data incidents and breaches 11 Accountability, assessments and record keeping 12 Cookies, pixels and tracking technologies 13 Contract negotiations 14 Online advertising ADDITIONAL MATTERS TO CONSIDER AND FINAL THOUGHTS 15 Additional matters to consider 16 Final thoughts Index

Read more less

Book SynopsisTable of ContentsContents: Foreword I by Adam Mitton Foreword II by Ingrid Ødegaard 1 GDPR for startups and scaleups: an introduction SETTING THE SCENE AND KEY CONCEPTS 2 Setting the scene and key concepts BEFORE YOU START YOUR DATA PROTECTION PROGRAMME 3 Before you start your data protection programme PHASE 1: FOUNDATIONS OF YOUR DATA PROTECTION PROGRAMME 4 Data protection user experience (UX) 5 Data maps and records of processing activity 6 Administrative matters 7 Respecting people’s rights 8 Marketing PHASE 2: DEVELOPING YOUR DATA PROTECTION PROGRAMME 9 International transfers of personal data 10 Data incidents and breaches 11 Accountability, assessments and record keeping 12 Cookies, pixels and tracking technologies 13 Contract negotiations 14 Online advertising ADDITIONAL MATTERS TO CONSIDER AND FINAL THOUGHTS 15 Additional matters to consider 16 Final thoughts Index

Read more less

Book SynopsisTrade Review‘The DPCSR Framework is the most prominent initiative so far to embed data protection and data security by design into organisational governance structures. That allows institutions to transform ethical principles into reality, which is essential to any responsible organisation.’ -- Thiago Guimaraes Moraes, Coordinator of Innovation and Research, ANPDTable of ContentsContents: PART I INTRODUCTION TO DATA PROTECTION AS CORPORATE SOCIAL RESPONSIBILITY 1 Introduction to Data Protection as Corporate Social Responsibility 2 Corporate social responsibility and related challenges PART II A NOVEL APPROACH FOR THE PROMOTION OF ETHICS IN THE DATA-DRIVEN ECONOMY – DATA PROTECTION AS A CORPORATE SOCIAL RESPONSIBILITY 3 Scope of the UM-DPCSR Framework 4 UM-DPCSR Framework principle 1: Embed data protection, fairness and security in the design of processes 5 UM-DPCSR Framework Principle 2: be transparent with individuals about the collection and further processing of their data 6 UM-DPCSR Framework Principle 3: balance profits with the actual benefits for citizens 7 UM-DPCSR Framework Principle 4: publish relevant findings based on statistical/anonymized data to improve society 8 UM-DPCSR Framework Principle 5: devote a portion of revenues to awareness campaigns for citizens with regards to the data-centric society PART III GOVERNANCE AND IMPLEMENTATION OF THE FRAMEWORK WITHIN ORGANISATIONS 9 Adherence to the UM-DPCSR Framework 10 Conclusion Annex A: UM DPCSR Data Protection Icons for high-risk processing activities Annex B: Complete set of Arts. 13 and 14 GDPR Data Protection Icons for Information Notices Bibliography Index

Read more less

Book SynopsisButterworth''s Data Protection Law Handbook is an essential addition to your legal library, and is part of LexisNexis'' popular and successful Handbook series. It provides an invaluable single source collection of UK primary and secondary legislation, as well as relevant European and international materials in one manageable volume, providing readers with the essentials at their fingertips.This Handbook is indispensable for practitioners in all different sectors and industries as, to an ever-increasing degree, it affects all individuals and businesses throughout the UK, the EU and beyond.The new fourth edition has been fully revised and updated to reflect key developments in this area.

Read more less

Book SynopsisThis comprehensive survey addresses the key issues and questions that arise under German data protection law. An essential reference work, it explores the fundamental principles of both German and European data protection law. It examines the role of the supervisory authorities, specifically those tasks of the Data Protection Supervisor. It gives crucial direction on how customer data can be handled for advertising purposes. It sets out the obligations of companies and corporations with regard to employee privacy. It also looks at the data transfer inside and outside the EU. A seminal text: it will be required reading for all practitioners in the field of data protection both within Germany and the wider European Union.

Read more less

Book SynopsisThe European Data Protection Basic Regulation brings a uniform data protection law directly applicable in all European Member States, which will also have to be complied with by numerous companies outside the EU with business in the EU. The existing national data protection laws are thus largely replaced. Companies have to adapt their business models and processes to the new requirements within a period of two years.This book is the ideal basis for legal advisors and all internationally affected companies to review existing business processes and to shape new processes and business models in accordance with data privacy.Trade ReviewI would highly recommend this book. It offers a comprehensive and timely guide to the GDPR, which will be of real practical value to data protection practitioners. Furthermore, it would also be of value to academics specialising in this area of law who are interested in the practical interpretation and application of the Regulation. -- Peter Coe * Computer and Telecommunications Law Review *

Read more less

Book SynopsisThis commentary covers all topics and critical aspects elicited by the new European General Data Protection Regulation and its interpretation. The commentary focuses on the regulation itself, including cross-references to further provisions (eg the Police and Criminal Justice Data Protection Directive, the E-Privacy-Directive or the former Data Protection Directive 95/46/EC). Article by article the purpose of a provision is classified, its background, function and structure analysed and its content interpreted. The commentary provides an independent view of all topics, presenting both an overview and specific interpretation that provide far-reaching arguments. The editors and authors are outstanding experts in the field of data protection law well known for their practical as well as structured and thorough approach to data protection issues. They offer suitable solutions and sound arguments especially for international companies, legal councils and corporate lawyers as well as data protection agencies, NGOs and legislators.

Read more less

Book SynopsisIs it possible to achieve cybersecurity while safeguarding the fundamental rights to privacy and data protection? Addressing this question is crucial for contemporary societies, where network and information technologies have taken centre stage in all areas of communal life. This timely book answers the question with a comprehensive approach that combines legal, policy and technological perspectives to capture the essence of the relationship between cybersecurity, privacy and data protection in EU law. The book explores the values, interconnections and tensions inherent to cybersecurity, privacy and data protection within the EU constitutional architecture and its digital agendas. The work’s novel analysis looks at the interplay between digital policies, instruments including the GDPR, NIS Directive, cybercrime legislation, e-evidence and cyber-diplomacy measures, and technology as a regulatory object and implementing tool. This original approach, which factors in the connections between engineering principles and the layered configuration of fundamental rights, outlines all possible combinations of the relationship between cybersecurity, privacy and data protection in EU law, from clash to complete reconciliation. An essential read for scholars, legal practitioners and policymakers alike, the book demonstrates that reconciliation between cybersecurity, privacy and data protection relies on explicit and brave political choices that require an active engagement with technology, so as to preserve human flourishing, autonomy and democracy.Table of ContentsIntroduction Part One: Introducing Cybersecurity, Privacy and Data Protection Law and their Interplay 1. Cybersecurity, Privacy and Data Protection: An Analytical Framework 2. The EU Cybersecurity Policy 3. Privacy: The Right to Respect for Private and Family Life 4. The Right to the Protection of Personal Data Part Two: Technology and the Triad in the DSM, the AFSJ and the EA 5. Cybersecurity, Privacy and Data Protection as Techno-Legal Objects: Investigating the Role of Technology 6. The DSM: Network and Information Security (NIS), Privacy and Data Protection 7. The AFSJ: The Fight against Cybercrime, e-Evidence, Privacy and Data Protection 8. The EA: ‘Cyber’ External Action, Privacy and Data Protection Conclusion

Read more less

Book SynopsisThis book brings together papers that offer conceptual analyses, highlight issues, propose solutions, and discuss practices regarding privacy, data protection and enforcing rights in a changing world. It is one of the results of the 14th annual International Conference on Computers, Privacy and Data Protection (CPDP), which took place online in January 2021. The pandemic has produced deep and ongoing changes in how, when, why, and the media through which, we interact. Many of these changes correspond to new approaches in the collection and use of our data - new in terms of scale, form, and purpose. This raises difficult questions as to which rights we have, and should have, in relation to such novel forms of data processing, the degree to which these rights should be balanced against other poignant social interests, and how these rights should be enforced in light of the fluidity and uncertainty of circumstances. The book covers a range of topics, such as: digital sovereignty; art and algorithmic accountability; multistakeholderism in the Brazilian General Data Protection law; expectations of privacy and the European Court of Human Rights; the function of explanations; DPIAs and smart cities; and of course, EU data protection law and the pandemic – including chapters on scientific research and on the EU Digital COVID Certificate framework. This interdisciplinary book has been written at a time when the scale and impact of data processing on society – on individuals as well as on social systems – is becoming ever starker. It discusses open issues as well as daring and prospective approaches and is an insightful resource for readers with an interest in computers, privacy and data protection.Table of Contents1. The Norm Development of Digital Sovereignty between China, Russia, the EU and the US: From the Late 1990s to the COVID Crisis 2020/21 as Catalytic Event Johannes Thumfart, Vrije Universiteit Brussel, Belgium 2. Artountability: Art & Algorithmic Accountability Peter Booth, BI Norwegian Business School, Norway, Lucas Evers, Waag Technology & Society Foundation, the Netherlands, Eduard Fosch Villaronga, Leiden University, the Netherlands, Christoph Lutz, BI Norwegian Business School, Norway, Fiona McDermott, Trinity College Dublin, Ireland, Piera Riccio, Politecnico di Torino, Italy, Vincent Rioux, National School of Fine Arts, France, Alan M Sears, Leiden University, the Netherlands, Aurelia Tamò-Larrieux, University of St. Gallen, Switzerland, and Maranke Wieringa, Utrecht University, the Netherlands 3. Expectations of Privacy: The Three Tests Deployed by the European Court of Human Rights Bart Van der Sloot, Tilburg University, the Netherlands 4. Multistakeholderism in the Brazilian General Data Protection Law: History and Learnings Bruno Bioni, University of Sao Paulo, Brazil, and Mariana Rielli, Data Privacy Brazil Research Association 5. The Dual Function of Explanations: Why Computing Explanations is of Value Niko Tsakalakis, University of Southampton, UK, Sophie Stalla-Bourdillon, University of Southampton, UK, Laura Carmichael, University of Southampton, UK, Dong Huynh, King’s College London, UK, Luc Moreau, King’s College London, UK and Ayah Helal, King’s College London, UK 6. COVID-19 Pandemic and GDPR: When Scientific Research Becomes a Component of Public Deliberation Ludovica Paseri, University of Bologna, Italy 7. The Pandemic Crisis as Test Case to Verify the European Union’s Personal Data Protection System Ability to Support Scientific Research Valentina Colcelli, Italian National Research Council 8. Data Protection Law and the EU Digital COVID Certificate Framework Daniela Dzurakova (nee Galatova), Pan-European University, Slovakia, and Olga Gkotsopoulou, Vrije Universiteit Brussel, Belgium 9. The DPIA: Clashing Stakeholder Interests in the Smart City? Laurens Vandercruysse, Michaël Dooms, and Caroline Buts, all at Vrije Universiteit Brussel, Belgium 10. Solidarity – ‘The Power of the Powerless’: Closing Remarks of the European Data Protection Supervisor Wojciech Wiewiorowski, European Data Protection Supervisor

Read more less

Book SynopsisThis collection examines one of the fastest growing fields of regulation: data rights. The book moves debates about data beyond data and privacy protecting statutes. In doing so, it asks what private law may have to say about these issues and explores how private law may influence the interpretation and the form of legislation dealing with data. Over five parts it: sets out an overview of the themes and problems; explores theoretical justifications and challenges in understanding data; considers data through the perspective of cognate private law doctrines; assesses the contribution of private law in understanding individual rights; and finally examines the potential of private law in providing individual remedies for wrongful data use, supplementing the work of regulators. The contributors are specialists in their respective fields of private law with long-standing expertise in the challenges to data privacy posed by emerging digital technologies.Table of ContentsForeword Acknowledgements List of Contributors Table of Cases Table of Legislation PART I INTRODUCTION 1. Introduction to Data and Private Law Damian Clifford, Kwan Ho Lau and Jeannie Marie Paterson PART II DATA AND PRIVATE LAW – THEORETICAL INSIGHTS 2. Private Law, Technology and Governance Roger Brownsword 3. Data in a Relational Setting Sally Wheeler PART III RIGHTS TO DEAL WITH DATA 4. The Predilection for Contract in Governing Digital Networks: Micro-Management’s Face Off with Accountability Lee A Bygrave 5. Data Rights and Contract Law: Formation, Incorporation and Vitiating Factors Damian Clifford and Jeannie Marie Paterson 6. Data Rights and Consumer Contracts: The Case of Personal Genomic Services Shmuel I Becher and Andelka M Phillips 7. Private Law Rights Mechanisms for Consumer Data – Filling the Gaps Chris Reed 8. Access to Platform Data and the Right to Research under US Law Niva Elkin-Koren, Maayan Perel and Ohad Somech PART IV USES OF DATA – RIGHTS AND OBLIGATIONS 9. Tort-Based Protections for Data Privacy Jelena Gligorijevic 10. Closing Off the Warren of Negligence Claims for Data Breaches Eoin O’Dell 11. Trust, Confidence and Data Rights Megan Richardson 12. IP and Data, IP in Data, IP as Data Kimberlee Weatherall 13. Duties for Datasets Jerrold Soh Tsin Howe PART V REMEDIES FOR BREACHES OF DATA RIGHTS 14. Private Enforcement of Data Rights Through Direct Rights of Action: A Comparative Review Normann Witzleb 15. Data Rights Incursions: Two Hurdles in the Pursuit of Damages Kwan Ho Lau Index

Read more less

Book SynopsisThis guide serves as the first point of reference for all those who have to comply with or apply the Data Governance Act (‘DGA’). Tightly structured within a clear framework it provides an overall view of the DGA as well as offering more detailed information on the individual articles. It goes further, addressing pressing follow up questions such as legal protection. This will be invaluable to companies, public authorities, and consultants as well as courts and research institutions coming to grips with the DGA.

Read more less

Book SynopsisThis book gathers contributions engaging with different data strategies along with their interdisciplinary (legal, economic, and ethical) implications. It aims to contribute to a well-founded discourse about current (and future) data strategies. It does this by using a multi-dimensional approach, combining insights from academia and governmental practice as well as legal and economic viewpoints. Data strategies from both the ‘Global North’ and the ‘Global South’ are covered. The international and comparative focus allows for a discussion of regulatory convergence and dissonance.

Read more less

Book Synopsis"An engrossing, story-packed takedown of the data industry...What Stays in Vegas offers a narrative that transforms Big Data from spreadsheet-dull to a racy read people will pay attention to."-Financial Times

Read more less

Book SynopsisA powerful argument for new laws and policies regarding cyber-security, from the former US Secretary of Homeland Security.The most dangerous threat we-individually and as a society-face today is no longer military, but rather the increasingly pervasive exposure of our personal information; nothing undermines our freedom more than losing control of information about ourselves. And yet, as daily events underscore, we are ever more vulnerable to cyber-attack. In this bracing book, Michael Chertoff makes clear that our laws and policies surrounding the protection of personal information, written for an earlier time, need to be completely overhauled in the Internet era. On the one hand, the collection of data-more widespread by business than by government, and impossible to stop-should be facilitated as an ultimate protection for society. On the other, standards under which information can be inspected, analysed or used must be significantly tightened. In offering his compelling call for action, Chertoff argues that what is at stake is not only the simple loss of privacy, which is almost impossible to protect, but also that of individual autonomy-the ability to make personal choices free of manipulation or coercion. Offering colourful stories over many decades that illuminate the three periods of data gathering we have experienced, Chertoff explains the complex legalities surrounding issues of data collection and dissemination today and charts a forceful new strategy that balances the needs of government, business and individuals alike.Trade ReviewEssential reading for leaders, legislators and those committed to preserving the balance between individual empowerment and individual freedom in the latest phase of our digital age. -- Rt Hon Lord (John) Reid, former UK Home Secretary and Secretary of State for DefenceMichael Chertoff provides an eye-opening account of just how effectively our personal data is being harvested by the private sector and how it can be used to manipulate us by hostile groups and governments. As a former Homeland Security Secretary and a distinguished lawyer his warnings, and advice on sensible steps that could be taken now to manage the risks, carry great weight. -- Sir David Omand, former Director of GCHQ/former UK Security and Intelligence CoordinatorThis important book offers highly intelligent commentary, of a kind I have not read elsewhere, on the challenges posed by the technology revolution and the accompanying 'explosion' of data...a 'must read' for experts and the general public alike. -- Sir John Scarlett, Chief of the Secret Intelligence Service (MI6) 2004-2009Important and insightful...an authoritative guide to understanding the legal and security challenges posed by the rapidly evolving digitally driven cyber landscape. * Washington Times *...works as both a Big Data primer and a clear-sighted road map for legislative changes * Publishers Weekly *A serious but accessible book on an important subject that affects us all. * Booklist *Few people - maybe only Michael Chertoff - could write a book like this. It combines his unique experience as Federal prosecutor, judge, assistant attorney general on 9/11 and then Secretary of Homeland Security to describe in layman's language the ubiquity of 'digital exhaust' we leave for others to learn about us and lawfully or unlawfully track us. This must-read book describes the barriers to 'opting out' and the need to modernise legal authorities if we are to protect both security and privacy. -- Jane Harman, CEO of the Wilson Center and former member of U.S. House of Representatives Intelligence and Homeland Security committeesWhen George Orwell wrote 1984, little did he suspect that most of us would willingly carry the tools of our surveillance in our pockets. Michael Chertoff brings his unmatched legal skills and experience to propose tougher restrictions on the use, retention and dissemination of the data that is exploding around us. This important book is a vote for sanity in the midst of chaotic change. -- Joseph S. Nye, Jr., author of THE FUTURE OF POWER

Read more less

Book SynopsisLarge-scale data loss and data privacy compliance breaches continue to make headline news, highlighting the need for stringent data protection policies, especially when personal or commercially sensitive information is at stake. While regulations and legislation exist to address these issues, how organisations can best tailor their compliance approaches to their own operational circumstances has remained an open question. The focus of this book is on operationalising a truly risk-based approach to data protection and compliance, beyond just emphasis on regulatory frameworks and legalistic compliance.Trade ReviewThe past few years has seen transformative changes in privacy, particularly in the UK, where GDPR and Brexit have created a host of new and potentially divergent data protection laws. In this book, Stewart and his team distill several decades of accumulated privacy, data protection and information governance experience and know-how into a guide that’s essential reading for data protection newcomers and experienced practitioners alike. -- Toby Hayes FBCS CITP FIP CIPP/E CIPMAn ideal resource and must read for new and seasoned privacy practitioners, Data Protection and Compliance provides a comprehensive overview of UK privacy requirements together with a practical focus on hot topics and emerging issues to watch out for. Uniquely, the book helps the reader understand how the breadth of the legal, policy and practical requirements all fit together with a contextual summary and tables, untangling the deluge of privacy data. -- Vivienne Artz OBE, NED, GLEIF, former CPO LSEG/Refinitiv/Thomson ReutersStewart Room and his team apply their extensive knowledge of data protection law and practice to provide an invaluable resource on data protection that rightly goes beyond interpreting and understanding the law, and unpacks what this means on the ground for compliance leaders and their advisors. Full of practical insights on governance, risk and compliance in the data protection domain, every DPO should have this on their desk! -- Stephen Deadman, VP, DPO, MetaIn a rapidly expanding digitised global economy, this book is a must-read and a go-to resource for legal and privacy professionals and all others interested in this field. Seeing data processing as a power for good, it contains a wealth of legal knowledge and practical insights into the key issues within the world of data protection. Highly recommended. -- Olivia Shirville CIPP/E CIPM, Lead Privacy Counsel (EMEA), AonOne of the biggest challenges to data protection law is how to effectively operationalise compliance and manage risk effectively within an evolving business structure. This book shows appreciation for this challenge and provides clear methods and concepts to address it. Operational landscape of data protection is summed up concisely and the concept of ‘Technology Reference Architecture’ linked to Privacy by Design, is incredibly insightful and relevant for businesses. I recommend this book for all data privacy practitioners, including in-house lawyers. -- Nargis Hassani, SolicitorData Protection and Compliance tackles a rapidly evolving and complex regulatory landscape, in an easy to understand and practical manner. With data driving the digital evolution for most organisations, the ability to comprehend and apply an appropriate compliance framework, with respect to people, processes and systems, is increasingly challenging. For those organisations putting data at the heart of their business strategy, this is a comprehensive resource, which pulls together a wealth of subject matter expertise, tried and tested practical compliance approaches and useful insights into the rationale behind the legislation. Highly recommended. -- Janine McKelvey, BT General Counsel - Digital & Innovation, BT Group Data Protection and Ethics OfficerThere are many misconceptions about what is and isn’t Data Protection, alongside the misinformation and scaremongering that arose in the early days of the GDPR. This book distils the considerable knowledge of its author and fellow contributors to deliver the key facts with clarity, supported with reference to landmark cases and regulatory texts. The chapter on Operational Data Protection is a timely reminder that Data Protection is people, paper (processes) and technology, and that all three are required to be effective. -- David Francis CIPP/E CIPT CIPM, Group Data Protection Officer, CanopiusStewart Room and his co-authors have certainly discovered the special sauce when seeking to create a book that will appeal to so many. Data Protection and Compliance, 2nd edition, is truly inimitable amongst a minefield of technical, legal, and business publications on data protection and privacy. Taking the reader on a journey through history to providing practical operational advice is not only educationally important but also invaluable to practitioners across the multidisciplinary spectrum, regardless of their sector or experience. -- Jane Wainwright, Director, Office of the Data Protection Officer, MetaThe 4th industrial revolution is upon us. Data Protection and Compliance provides a timely and thorough orientation of the regulatory landscape but then importantly turns to the pragmatic steps that must be taken to operationalise data protection. While the explanations of the laws are comprehensive, the book embraces the notion of data protection as a foundation for accelerating innovation – seminal reading for all data practitioners. -- Jason du Preez, CEO, PrivitarData Protection and Compliance provides a clear and practical guide to the operationalisation of the GDPR. It outlines a structured and measured approach that doesn’t focus on compliance for compliance sake, but encourages doing the right thing for the benefit of both the processing organisation and the data subject. It will serve as a useful reference manual on the bookshelf of any data protection professional. -- Lisa Townsend CIPP/E CIPP/US CIPM, DPO, Wella CompanyAn invaluable source of astute guidance and pragmatic advice from one of the leading practitioners in this area as he leads you through the world of data protection and compliance in a way that demystifies the complexities of the subject matter. This book justifies a spot on the bookshelves of anyone practicing the law of data protection or just seeking to understand this area and how it impacts your day-to-day life. -- John Skelton, General Counsel (Shared Specialist Services) & Group DPO, Centrica plcData Protection and Compliance is the book you need to bridge the gap between current legal developments and the practical steps companies can take to implement a successful data protection programme. The book offers something for everyone, whether you’re starting out in data protection or an experienced practitioner looking to fine tune your data protection compliance programme. -- Andrea Chard LLM LLB BA, Group Data Protection Officer, easyJetThis is your ‘one-stop shop’ resource for data protection guidance! This book effortlessly and coherently brings together the legislative and relevant case law on data protection into a well structured and easy to follow book. This is a must have for any data protection professional looking to operationalise and embed data protection compliance within an organisation through a risk-based approach. -- Harrison Barrett CIPM CIPP/E, Deputy Data Protection Officer, CanopiusCuts nicely through the “noise” of data protection regulation and developments, making this a uniquely comprehensive guide for any practitioner wanting to understand data protection practices better. The book provides detail where it needs to, and is succinct on more straightforward topics. The handy “tables” are a useful ready-reckoner that moves the fingertips to the nub of the topic in an instant, a winner for the busy privacy team! -- Sonal Khimji FIP CIPM CIPP/E, Director and Founder, Omnigov LimitedThis revised edition of a venerable classic is a welcome addition to the reference library of data protection professionals navigating the landscape of data protection in the UK, post-Brexit. -- Daragh O Brien FICS IAPP FIP, Managing Director, CastlebridgeData Protection and Compliance is an excellent resource for anyone working in a data protection role. It’s a rare text that balances theory, practical application and the social and political context in which the legal and regulatory framework is developing; key to designing and implementing an effective, risk-based approach to operationalising data protection. I’d highly recommend Data Protection and Compliance as a solid addition to anyone’s data protection bookshelf. -- Naureen Hussain, Director of Data Estate, Virgin Media O2An indispensable book for data protection practitioners. The text includes exceptional detail, historical context, and relatable, pragmatic insights for this vast and complicated field. The style is approachable and delivers accessible, common-sense tables and summaries that will be the go-to resource for those advising businesses. A particularly useful reference for in-house privacy professionals as we face the ‘regulatory bear market’ and the need to push privacy into the very fabric of our electronically mediated lives. Well done, Stewart and team! You have re-forged a much-needed tool for our increasingly complex world with this edition. -- Eric Heath, Chief Privacy Officer and Deputy General Counsel, AncestryAn excellent guide to data protection and compliance. Takes the reader through an easy to follow journey to achieve and maintain regulatory compliance. Naturally focuses on GDPR but keeps relevant to other international laws. Illustrates impact of Brexit, highlights issues of data sovereignty and discusses challenges with global data processing in an increasingly digital world. A great reference for ins and outs of data protection law and regulatory compliance, as well as for dealing with consequences of non-compliance and data breaches. -- Ashish Bhatt, Information and Data Management Officer, Queen’s University Kingston, ON Canada'Data Protection and Compliance: Second edition' is a must have companion for anyone involved in the data protection or compliance space. It begins with a useful introduction to data protection itself, the link into the General Data Protection Regulations (GDPR) and the Data Protection Act 2018 (DPA), providing an easy-to-read breakdown of the many complexities and challenges that organisations face when collecting, processing, and managing personal data. The book is full of useful guidance, advice, and good practice that all organisations should follow and is thoroughly recommended. -- Jim Fox CISM MBCS, Cyber & Information Security Risk Management ExecutiveA fascinating read, highly thought provoking and one that will be returned to as a phenomenal reference book. -- Angela McLoughlin MBCS, Business Analyst, Director Angel Analysis Ltd.Table of ContentsPart I - The Big Picture 1. Introduction to data protection 2. Introduction to the GDPR 3. Introduction to ePrivacy 4. Introduction to operational data protection Part II - Core Law 5. The principles of data protection 6. The rights of data subjects Part III - Operating Internationally 7. National supervision within an international framework 8. Transferring data between the GDPR landmass and third countries 9. Data protection beyond the GDPR landmass Part IV - Delivery 10. Mechanisms to support operational compliance 11. Programmatic approaches for delivering data protection by design and default 12. Being accountable for records of processing, legitimate interests and risk management 13. 'The journey to code' Part V - Adverse Scrutiny 14. How to prepare for the risks of challenge and 'adverse scrutiny' 15. Complaints, rights requests, regulatory investigations and litigation 16. Regulatory action 17. Handling personal data breaches

Read more less

Book SynopsisRecords Managers have tended to find themselves given the responsibility for managing requests under the Freedom of Information (FOI) and Data Protection Acts (DPA), without necessarily having training and/or an academic background in legal studies. This book aims to fill this knowledge gap by offering a fully up to date, accessible, comprehensive guide to information rights specifically for those without a legal background. Information Rights for Records Managers aims to be as comprehensive as possible, including coverage of the new General Data Protection Regulations (GDPR), so that the guidance practitioners can provide is as fully informed as possible. Content covered includes: Responding to FOI requests, including exemptions, internal reviews and benchmarking Coverage of DPA and GDPR regulations, where the differences lie and what the implications are for professionals operating under the acts Personal data requests and enquiries under GDPR Working with the European Information Regulations (EIR) and where the differences lie with FOI Discussion of the two strands of records management and information rights work and how the two interact in daily work Practical case studies from a range of organisations and institutions to demonstrate practice. The book will be useful reading for all professionals in the public and private sectors who have responsibility for information rights, particularly around FOI and DPA. Its introductory nature will also mean that it will be very useful students and new professionals seeking to increase their knowledge.Trade Review'This book is very well organised, and Maguire’s style is very accessible and straightforward. I think many professionals would feel less intimidated by the broad area of information rights law having read this book; I have certainly found that to be the case, despite having been in my (additional) role of Data Protection Officer for over two years.' -- Karen O'Connor * Catholic Archives *Table of Contents1 Introduction to information rights law Introduction What is information rights law? What else is available? Who works in information rights law? General access to information Access to personal information Access to environmental information Conclusion 2 Freedom of information Introduction Handling requests: the basic method The right to information: section Identifying a request: section Logging the request Determining who has the information and forwarding the request to them Requesting clarification and defining scope: section 16/15 duty to advise and assist Reminders Drafting the response and sign-off Conclusion 3 Freedom of information exemptions Introduction Refusing the request due to an exemption Section 12, The cost limit Section 21 (FoIA)/25 (FoISA), Information already available Section 22 (FoIA)/27 (FoISA), Information due for publication and research Sections 23, 24, 25, 26 (FoIA)/section 31 (FoISA), Security bodies, national security and defence Section 27 (FoIA)/section 32 (FoISA), International relations Section 28, Relations within the UK Section 29, (FoIA)/section 33(2) (FoISA), The economy Section 30 (FoIA)/section 34 (FoISA), Investigations and proceedings conducted by a [Scottish] public authority Section 31 (FoIA)/section 35 (FoISA), Law enforcement Section 32 (FoIA)/section 37 (FoISA), Court records, etc. Section 33 (FoIA)/section 40 (FoISA), Audit functions Section 34, Parliamentary privilege Section 35 (FoIA)/section 29 (FoISA), Formulation of government/ Scottish administration policy Section 36, Prejudice to the effective conduct of public affairs Section 37 (FoIA)/section 41(FoISA), Communications with Her Majesty, etc. and Honours Section 38 (FoIA)/section 39(1) (FoISA), Health and safety Section 39 (FoIA)/section 39(2) (FoISA), Environmental information Section 40 (FoIA)/section 38 (FoISA), Personal information Section 41 (FoIA)/section 36(2) (FoISA), Information provided in confidence/Confidentiality Section 42 (FoIA)/section 36(1) (FoISA), Legal professional privilege Section 43 (FoIA)/section 33 (FoISA), Commercial interests Section 44 (FoIA)/section 26 (FoISA), Prohibitions on disclosure Section 14, Vexatious and repeated requests Writing the refusal notice Dealing with complaints and follow-up requests Publication schemes and disclosure logs Conclusion 4 Data protection: principles and main features Introduction Regulations and Directives Data protection main features What is personal data? Definitions The data protection principles Previous principles turned articles Conditions for processing/lawfulness of processing Special categories of personal data Data controllers, joint data controllers and data processors Data controller responsibilities Conclusion 5 Data protection: rights of data subjects Introduction Recording requests Subject access requests: what you have to provide Subject access requests: scoping the request for copies of personal data Subject access requests: providing the response Requests for rectification Requests for deletion: the right to be forgotten Right to restrict processing Objections to processing Requests for data portability Automated processing and profiling Conclusion 6 Data protection: internal enquiries Introduction Privacy notices and consent forms Data protection or privacy impact assessments Transfers to other countries and within international organizations Dealing with internal enquiries Responding to the ICO Conclusion 7 Environmental Information Regulations Introduction Environmental information Who is covered by the EIR? Processing EIR requests Verbal requests Time to respond Clarification, transfers and formats Charging fees Exceptions: EIR-speak for exemptions Regulation 12(4)/10(4): the ‘administrative’ or class-based exceptions Regulation 12(5)/10(5): the subject-based exceptions Personal data and the EIR Complaints about EIR requests Conclusion 8 Other information-related laws Introduction Access to medical records Access to local government records Re-use of Public Sector Information Regulations Privacy and Electronic Communications Regulations and the ePrivacy Regulation Computer Misuse Act Public Records Act and the Code of Practice for Records Management INSPIRE Regulations Conclusion 9 Fitting information and records management into information rights work Introduction Information and records management: is it necessary? The section 46 FoIA/section 61 FoISA Code of Practice for Records Management Disposal/retention schedules Information asset registers Fitting in records management around other tasks Conclusion 10 Resources Introduction Legislation Guidance Legal cases Social media, blogs and listservs

Read more less

Book SynopsisRecords Managers have tended to find themselves given the responsibility for managing requests under the Freedom of Information (FOI) and Data Protection Acts (DPA), without necessarily having training and/or an academic background in legal studies. This book aims to fill this knowledge gap by offering a fully up to date, accessible, comprehensive guide to information rights specifically for those without a legal background. Information Rights for Records Managers aims to be as comprehensive as possible, including coverage of the new General Data Protection Regulations (GDPR), so that the guidance practitioners can provide is as fully informed as possible. Content covered includes: Responding to FOI requests, including exemptions, internal reviews and benchmarking Coverage of DPA and GDPR regulations, where the differences lie and what the implications are for professionals operating under the acts Personal data requests and enquiries under GDPR Working with the European Information Regulations (EIR) and where the differences lie with FOI Discussion of the two strands of records management and information rights work and how the two interact in daily work Practical case studies from a range of organisations and institutions to demonstrate practice. The book will be useful reading for all professionals in the public and private sectors who have responsibility for information rights, particularly around FOI and DPA. Its introductory nature will also mean that it will be very useful students and new professionals seeking to increase their knowledge.Trade Review'This book is very well organised, and Maguire’s style is very accessible and straightforward. I think many professionals would feel less intimidated by the broad area of information rights law having read this book; I have certainly found that to be the case, despite having been in my (additional) role of Data Protection Officer for over two years.' -- Karen O'Connor * Catholic Archives *Table of Contents1 Introduction to information rights law Introduction What is information rights law? What else is available? Who works in information rights law? General access to information Access to personal information Access to environmental information Conclusion 2 Freedom of information Introduction Handling requests: the basic method The right to information: section Identifying a request: section Logging the request Determining who has the information and forwarding the request to them Requesting clarification and defining scope: section 16/15 duty to advise and assist Reminders Drafting the response and sign-off Conclusion 3 Freedom of information exemptions Introduction Refusing the request due to an exemption Section 12, The cost limit Section 21 (FoIA)/25 (FoISA), Information already available Section 22 (FoIA)/27 (FoISA), Information due for publication and research Sections 23, 24, 25, 26 (FoIA)/section 31 (FoISA), Security bodies, national security and defence Section 27 (FoIA)/section 32 (FoISA), International relations Section 28, Relations within the UK Section 29, (FoIA)/section 33(2) (FoISA), The economy Section 30 (FoIA)/section 34 (FoISA), Investigations and proceedings conducted by a [Scottish] public authority Section 31 (FoIA)/section 35 (FoISA), Law enforcement Section 32 (FoIA)/section 37 (FoISA), Court records, etc. Section 33 (FoIA)/section 40 (FoISA), Audit functions Section 34, Parliamentary privilege Section 35 (FoIA)/section 29 (FoISA), Formulation of government/ Scottish administration policy Section 36, Prejudice to the effective conduct of public affairs Section 37 (FoIA)/section 41(FoISA), Communications with Her Majesty, etc. and Honours Section 38 (FoIA)/section 39(1) (FoISA), Health and safety Section 39 (FoIA)/section 39(2) (FoISA), Environmental information Section 40 (FoIA)/section 38 (FoISA), Personal information Section 41 (FoIA)/section 36(2) (FoISA), Information provided in confidence/Confidentiality Section 42 (FoIA)/section 36(1) (FoISA), Legal professional privilege Section 43 (FoIA)/section 33 (FoISA), Commercial interests Section 44 (FoIA)/section 26 (FoISA), Prohibitions on disclosure Section 14, Vexatious and repeated requests Writing the refusal notice Dealing with complaints and follow-up requests Publication schemes and disclosure logs Conclusion 4 Data protection: principles and main features Introduction Regulations and Directives Data protection main features What is personal data? Definitions The data protection principles Previous principles turned articles Conditions for processing/lawfulness of processing Special categories of personal data Data controllers, joint data controllers and data processors Data controller responsibilities Conclusion 5 Data protection: rights of data subjects Introduction Recording requests Subject access requests: what you have to provide Subject access requests: scoping the request for copies of personal data Subject access requests: providing the response Requests for rectification Requests for deletion: the right to be forgotten Right to restrict processing Objections to processing Requests for data portability Automated processing and profiling Conclusion 6 Data protection: internal enquiries Introduction Privacy notices and consent forms Data protection or privacy impact assessments Transfers to other countries and within international organizations Dealing with internal enquiries Responding to the ICO Conclusion 7 Environmental Information Regulations Introduction Environmental information Who is covered by the EIR? Processing EIR requests Verbal requests Time to respond Clarification, transfers and formats Charging fees Exceptions: EIR-speak for exemptions Regulation 12(4)/10(4): the ‘administrative’ or class-based exceptions Regulation 12(5)/10(5): the subject-based exceptions Personal data and the EIR Complaints about EIR requests Conclusion 8 Other information-related laws Introduction Access to medical records Access to local government records Re-use of Public Sector Information Regulations Privacy and Electronic Communications Regulations and the ePrivacy Regulation Computer Misuse Act Public Records Act and the Code of Practice for Records Management INSPIRE Regulations Conclusion 9 Fitting information and records management into information rights work Introduction Information and records management: is it necessary? The section 46 FoIA/section 61 FoISA Code of Practice for Records Management Disposal/retention schedules Information asset registers Fitting in records management around other tasks Conclusion 10 Resources Introduction Legislation Guidance Legal cases Social media, blogs and listservs

Read more less

Book SynopsisLibrary, information and knowledge professionals are often at the front line of managing and monitoring their organisation’s legal compliance and have roles and responsibilities in both complying with the law and taking advantage of its provisions. To do their jobs effectively, they need not only to understand the law, but also to develop the skills, confidence and organisational policy frameworks to apply the law’s principles to their context of use. They need the knowledge and skills to help them decide what is acceptable and to develop appropriate risk aware approaches when things are not clear-cut. Information Law: Compliance for librarians, information professionals and knowledge managers provides an overview of important information law issues along with tools and guidance to help readers establish a framework so that their organisation can both comply with its legal responsibilities and support a suitably risk aware environment which optimises access and use. Based on the authors’ many years in professional practice and on their proven ‘Compliance Methodology’, it will help readers understand the legal issues that are central to the information they hold or that they wish to access. Table of ContentsContents List of acronyms List of case studies List of figures and tables Introduction 1 Copyright and related rights Introduction What does copyright protect? Restricted acts Exceptions to copyright The new text and data mining exception Moral rights Database rights Performers’ rights Some problems arising from copyright Orphan works Managing copyright 2 Data protection Introduction Some details about the UK’s data protection law Some definitions in UK data protection law The rights of data subjects Exemptions under the law Transfer of data out of the EEA 0 A reminder of the changes introduced by the GDPR Top tips Further reading 3 Freedom of information Introduction Some details of the UK law Exemptions to FoI The Information Commissioner’s Office (ICO) The overlap between FoI and data protection Top tips Further reading 4 Governance, audits and risk assessment Introduction Information governance frameworks Roles in information governance Governance committees or boards Senior Responsible Officer Compliance officers Audits Forward planning Top tips 5 Policies Introduction What should the policy contain? How does one ensure the policies work? Information policy examples Checklist for an information law policy 6 Procedures: copyright and related rights Introduction Intellectual property rights Library, information and knowledge services and intellectual property rights Orphan works Rights management means risk management Acceptable use policies and procedures Notice and take-down procedures Performances in libraries Top tips 7 Procedures: using and negotiating licences for access to information resources Introduction The electronic information industry The licences you will encounter What’s in a typical licence? Top tips when negotiating licences presented to you by third parties Further reading 8 Procedures: data protection and freedom of information Introduction Practical implementation of the law for library, information and knowledge workers Data protection officers (DPOs) Documenting processing activities Data breaches Data protection impact assessments Responding to requests and complaints Freedom of information Publication schemes Recognising and responding to FoI requests Codes of practice Top tips 9 Tools and templates Introduction Copyright and licensing agreements Copyright compliance and risk management Copyright, licensing and library management systems Digital asset management systems Privacy By design Data protection compliance assessment Information audits and documentation Privacy notices Privacy impact assessments Reporting personal data breaches Freedom of information publication schemes Dealing with freedom of information requests Top tips 10 Awareness and engagement Introduction Benefits of engaging with information law issues Training Role of games Train the trainer Training needs analysis Developing a long-lasting and integrated approach to information law awareness and engagement Top tips 11 Some speculations about the future Appendix 1 Carrying out an information asset audit Appendix 2 Sample IP policy Appendix 3 Sample data protection policy Appendix 4 Possible contractual terms for online access to database service Appendix 5 Data protection privacy notice template Bibliography Index

Read more less

Book SynopsisLibrary, information and knowledge professionals are often at the front line of managing and monitoring their organisation’s legal compliance and have roles and responsibilities in both complying with the law and taking advantage of its provisions. To do their jobs effectively, they need not only to understand the law, but also to develop the skills, confidence and organisational policy frameworks to apply the law’s principles to their context of use. They need the knowledge and skills to help them decide what is acceptable and to develop appropriate risk aware approaches when things are not clear-cut. Information Law: Compliance for librarians, information professionals and knowledge managers provides an overview of important information law issues along with tools and guidance to help readers establish a framework so that their organisation can both comply with its legal responsibilities and support a suitably risk aware environment which optimises access and use. Based on the authors’ many years in professional practice and on their proven ‘Compliance Methodology’, it will help readers understand the legal issues that are central to the information they hold or that they wish to access. Table of ContentsContents List of acronyms List of case studies List of figures and tables Introduction 1 Copyright and related rights Introduction What does copyright protect? Restricted acts Exceptions to copyright The new text and data mining exception Moral rights Database rights Performers’ rights Some problems arising from copyright Orphan works Managing copyright 2 Data protection Introduction Some details about the UK’s data protection law Some definitions in UK data protection law The rights of data subjects Exemptions under the law Transfer of data out of the EEA 0 A reminder of the changes introduced by the GDPR Top tips Further reading 3 Freedom of information Introduction Some details of the UK law Exemptions to FoI The Information Commissioner’s Office (ICO) The overlap between FoI and data protection Top tips Further reading 4 Governance, audits and risk assessment Introduction Information governance frameworks Roles in information governance Governance committees or boards Senior Responsible Officer Compliance officers Audits Forward planning Top tips 5 Policies Introduction What should the policy contain? How does one ensure the policies work? Information policy examples Checklist for an information law policy 6 Procedures: copyright and related rights Introduction Intellectual property rights Library, information and knowledge services and intellectual property rights Orphan works Rights management means risk management Acceptable use policies and procedures Notice and take-down procedures Performances in libraries Top tips 7 Procedures: using and negotiating licences for access to information resources Introduction The electronic information industry The licences you will encounter What’s in a typical licence? Top tips when negotiating licences presented to you by third parties Further reading 8 Procedures: data protection and freedom of information Introduction Practical implementation of the law for library, information and knowledge workers Data protection officers (DPOs) Documenting processing activities Data breaches Data protection impact assessments Responding to requests and complaints Freedom of information Publication schemes Recognising and responding to FoI requests Codes of practice Top tips 9 Tools and templates Introduction Copyright and licensing agreements Copyright compliance and risk management Copyright, licensing and library management systems Digital asset management systems Privacy By design Data protection compliance assessment Information audits and documentation Privacy notices Privacy impact assessments Reporting personal data breaches Freedom of information publication schemes Dealing with freedom of information requests Top tips 10 Awareness and engagement Introduction Benefits of engaging with information law issues Training Role of games Train the trainer Training needs analysis Developing a long-lasting and integrated approach to information law awareness and engagement Top tips 11 Some speculations about the future Appendix 1 Carrying out an information asset audit Appendix 2 Sample IP policy Appendix 3 Sample data protection policy Appendix 4 Possible contractual terms for online access to database service Appendix 5 Data protection privacy notice template Bibliography Index

Read more less

Book SynopsisThe Data Protection Toolkit, 2nd edition offers updated advice on how to keep your practice compliant with the EU General Data Protection Regulation (GDPR) and the Data Protection Act (DPA), which came into force in May 2018.

Read more less

Book SynopsisThrough critical analysis of case law in European and national courts, this book reveals the significant role courts play in the protection of privacy and personal data within the new technological environment. It addresses the pressing question from a public who are increasingly aware of their privacy rights in a world of continual technological advances - namely, what can I do if my data privacy rights are breached? The expert contributors examine the jurisprudence of the Court of Justice of the European Union, the case law of the European Court of Human Rights and decisions by national courts. Together, they explore how judiciaries balance privacy and data protection rights against other interests and investigate the influence European courts have on national judges. This book also probes the ways in which courts deal with strategic litigation aimed at law and policy reform and, in doing so, sheds light on the role and ability of courts to safeguard privacy and data protection rights. This topical resource will benefit both academics and students of law, particularly those interested in the protection of fundamental rights and freedoms. Both policy makers and legal professionals alike will benefit from the insight into the judicial decision-making activities concerning data protection.Contributors include: M. Brkan, C. Cuijpers, P. De Hert, C. Di Cocco, J. Eichenhofer, G. González Fuster, C. Gusy, M. Husovec, T. Kyriakou, O. Lynskey, T. Ojanen, E. Psychogiopoulou, G. SartorTrade Review'With the attention given in recent years to reform of the European legislative framework for privacy and data protection, the crucial role of the courts has sometimes been neglected. This important book fills this gap by providing authoritative and insightful commentary by a team of renowned scholars on the jurisprudence of European and national courts relating to privacy and data protection, particularly in the digital environment. It will be of great interest to anyone working in this field.' --Christopher Kuner, Brussels Privacy Hub, Belgium and editor-in-chief, International Data Privacy LawTable of ContentsContents: Foreword I. Introduction: Courts, Privacy and Data Protection in the Digital Environment Evangelia Psychogiopoulou and Maja Brkan 2. The Court of Justice of the EU, Privacy and Data Protection: Judge-made law as a leitmotif in fundamental rights protection Maja Brkan 3. The European Court of Human Rights, Privacy and Data Protection in the digital era Evangelia Psychogiopoulou 4. Courts, Privacy and Data protection in Belgium: Fundamental rights that might as well be struck from the Constitution Paul De Hert 5. Courts, privacy and data protection in Finland: Making privacy and data protection real with a little help from the courts Tuomas Ojanen 6. Courts, Privacy and Data Protection in Germany: Informational self-determination in the digital environment Johannes Eichenhofer and Christoph Gusy 7. Courts, Privacy and Data Protection in Greece: Systemic inconsistencies and incoherence in a rapidly changing landscape Tania Kyriakou 8. Courts, Privacy and Data Protection in Italy: Implied Constitutional Rights Claudio Di Cocco and Giovanni Sartor 9. Courts, Privacy and Data Protection in The Netherlands: European influence and trends in litigation Colette Cuijpers 10. Courts, Privacy and Data Protection in Slovakia: A Hesitant Guardian? Martin Husovec 11. Courts, Privacy and Data Protection in Spain: Experiencing data protection’s dominance Gloria González Fuster 12. Courts, privacy and data protection in the UK: Why two wrongs don’t make a right Orla Lynskey Index

Read more less

Book SynopsisVital to the effective functioning of voluntary organisations is the trust of people - the beneficiaries, clients, regulators, donors, volunteers and paid staff. Open, fair and well-managed data protection practice is not just desirable in helping to achieve that trust, but essential. Get it wrong and there is reputational damage and costs attached. Data Protection for voluntary organisations will enable you to set a shining example of best practice and also comply with UK data legislation and the General Data Protection Regulation (GDPR) in force since 2018. This book will help you: * Understand the key principles and elements of data protection * Recognise your main responsibilities as a data controller * Distinguish when you can and can't retain data * Appreciate what the rights of the data subject are Who is this book for? A must-read for anyone in the UK voluntary sector who wants to get beyond tick-box data management. Invaluable to data managers or those who handle personal information such as IT, personnel, marketing and fundraising departments. For professional advisers, and academics it will also offers a valuable summary drawing out key data protection points by examining and interpreting the primary legislation.Trade Review'I have worked with Paul for many years now and I have always appreciated his ability to share his enthusiasm for this complex subject and how it applies to our sector. Written in a very understandable and user-friendly way, this book is truly accessible.' Jeni Woods, Quality Manager, Grace Eyre Foundation --------------------------------‘A detailed and methodical approach to data protection. This comprehensive guide is an accessible source of information filled with valid and relevant examples. I found it a particularly great help in getting to grips with specific areas, such as consent and contracts.’ Kirsty Cunningham, Head of Fundraising, St Martin-in-the-Fields Charity‘------------------There are not many people within the charity sector who are specialists in data protection. Paul uses simple, straightforward language to cover all key aspects of this complex but vitally important subject. Brilliantly practical!’ Peter Dean, Director of Finance, Riding for the Disabled Association

Read more less

Book SynopsisDrawing on rich, empirical case studies this innovative book provides a contemporary and comprehensive exploration of the plural, dynamic and precarious processes, materials, practices, interventions and relationships on social network sites, and their resultant power effects, when copyright and data privacy rights are at stake.In pursuit of this objective, chapters develop a cutting-edge conceptual power lens that brings together Actor-Network theory and Foucauldian scholarship on power. Applying this analytical framework to the case studies of Facebook (data protection) and YouTube (copyright), Asma Vranaki draws critical attention to underexplored and novel matters in digital regulation. These matters include resistance; the materiality of regulation; complex, contingent, fragile and dynamic digital ‘regulatory spaces’; the contingency of power; law as a heterogenous ‘assemblage’; the unintended consequence of local orderings; and the links between power and spaces. Ultimately, the author demonstrates that power effects are highly localised, precarious and contingent outcomes of manifold, complex and fluid alliances between diverse humans and non-humans.Advancing various contentions on how social network sites can be successfully regulated, the empirical analyses and multi-disciplinary approaches in this book will prove invaluable to students, scholars and practitioners of law, particularly those interested in regulation, data protection and copyright in social network sites.Trade Review‘Lawyers are nowadays used to the idea that law needs to be studied in its context. This book’s major insight is that context is not merely the background to law, but rather that the web of power relationships between actors is the primary context which shapes the law and gives it meaning in action. Power is not reserved to lawmakers and platform owners – all actors have some degree of power. Thus we learn that YouTube’s copyright notice and takedown processes and its Content ID system are merely influenced by the content of law rather than determined by it, and that rights owners and content creators use these ‘legal’ structures in unexpected ways which give them new meanings. Similarly, data privacy on Facebook is not statically determined by legal texts such as laws and platform terms, but is a dynamic balance whose shifts are determined by power asserted by all players in the Facebook ecosystem. Vranaki’s use of Actor Network Theory and Foucault’s theories of power to analyse these phenomena is always illuminating, and few readers will finish this book without a new and deeper understanding of how law works.’ -- Chris Reed, Queen Mary University of London, UK‘Asma Vranaki dives into power relationships online, in particular social networks. She critically surveys cyberspace regulation literature, and suggests an improved theory. The core of the monograph studies empirically issues of Facebook on data protection, and YouTube on copyright. The monograph is wonderfully written, sharply analysed, and a joy to read.’ -- Arno R. Lodder, Vrije Universiteit, the NetherlandsTable of ContentsContents: 1. Introduction to Social network sites: Power, regulation and law 2. Regulating digital environments: From the Wild West to regulation to power 3. SNS as ‘assemblages’: Of power, relationality and resistance 4. YouTube, piracy and copyright: A socio-legal-technological tale 5. YouTube, copyright and power 6. Data privacy regulation on Facebook: A socio-legal-technological achievement 7. Investigating regimes of power on Facebook 8. SNS: Of regulation and power Bibliography Index

Read more less

Book SynopsisUsing a multi-disciplinary and comparative approach, this study examines emerging and innovative attempts to tackle privacy and legal issues in cloud computing such as personal data privacy, security and intellectual property protection.An international team of legal scholars, computer science researchers, regulators and practitioners present original and critical responses to the growing challenges posed by cloud computing. They analyze the specific legal implications pertaining to jurisdiction, biomedical practice and information ownership, as well as issues of regulatory control, competition and cross-border regulation.Law academics, practitioners and regulators will find this book to be a valuable, practical and accessible resource, as will computer science scholars interested in cloud computing issues.Contributors: H. Chang, A.S.Y. Cheung, A. Chiu, K.P. Chow, E.S. Dove, X. Fan, Y. Joly, T.S.-H. Kaan, B.M. Knoppers, J. Kong, G. Master, J.-P. Moiny, C. Reed, D.N. Staiger, G.Y. Tian, R.H. Weber, P.K. YuTrade Review'Experts from various countries have managed to create a handbook on the legal aspects of cloud computing, including problems of intellectual property laws, contractual issues, privacy and private international law. In addition, the book deals with the highly sensitive and controversial problems of biomedical and health data stored in and transferred via cloud systems. The chapters are comprehensive and written with a masterful hand by lawyers who are known throughout the world as leading information law experts.' --Thomas Hoeren, University of Muenster, Germany'Cloud computing provides the foundation for the myriad of network services that millions of Internet users rely upon every day. The cloud offers economic benefits to providers and convenience to users, but it also generates challenging new privacy and legal concerns that until now have been largely under-explored. Anne Cheung and Rolf Weber's exceptional book on cloud computing issues fills an important void, featuring a comprehensive, timely and engaging collection of works assessing the cloud from many legal perspectives. From privacy to copyright to jurisdiction, the book is a must-read for anyone exploring the intersection of law and cutting-edge technologies.' --Michael A. Geist, University of Ottawa, CanadaTable of ContentsContents: Preface Introduction: A Walk in the Clouds Anne S.Y. Cheung and Rolf H. Weber 1. Introduction to Cloud Computing and Security Issues Joe Kong, Xiaoxi Fan and K.P. Chow 2. Data Protection Regulation and Cloud Computing Henry Chang 3. Legal Safeguards for Cloud Computing Rolf H. Weber 4. Re-personalizing Personal Data in the Cloud Anne S.Y. Cheung 5. Cross-border Data Flow in the Cloud Between the EU and the US Dominic N. Staiger 6. Cloud and Jurisdiction: Mind the Borders Jean-Philippe Moiny 7. Information in the Cloud: Ownership, Control and Accountability Chris Reed 8. Cloud Computing and Copyright George Yijun Tian 9. Towards the Seamless Global Distribution of Cloud Content Peter K. Yu 10. Lost in Translation: Transforming Healthcare Information for the Digital and Cloud Domains Terry Sheung-Hung Kaan 11. International Genomic Cloud Computing: ‘Mining’ the Terms of Service Edward S. Dove, Yann Joly and Bartha M. Knoppers 12. Practical Aspects of Licensing in the Cloud Alan Chiu and Geofrey Master Index

Read more less

Book SynopsisData not only represent an integral part of the identity of a person, they also represent, together with other essentials, an integral part of the identity of a state. Keeping control over such data is equally important for both an individual and for a state to retain their sovereign existence. This thought-provoking book elaborates on the assumption that information privacy is, in its essence, comparable to information sovereignty. This seemingly rudimentary observation serves as the basis for an analysis of various information instruments in domestic and international law. Information Sovereignty combines a philosophical and methodological analysis of the phenomena of information, sovereignty and privacy. Providing insights into previously unexplored parallels between information privacy and information sovereignty, it examines cross-border discovery, cybersecurity and cyber-defence operations, and legal regimes for cross-border data transfers, encompassing practical discussions from a fresh perspective. In addition, it offers an accessible overview of complex theoretical matters in the domain of Internet legal theory and international law and, crucially, a method to resolve situations where informational domains of individuals and/or states collide. This pioneering state-of the-art assessment of information law and legal theory is a vital resource for students, academics, policy-makers and practitioners alike, seeking a guide to the phenomena of information, sovereignty and privacy.Trade Review'This book deals with a crucial question not only for information law, but for law in general, namely how the concept of sovereignty should apply to flows of digital information in a globalized world. The authors have re-thought questions of jurisdiction and applicable law for the Internet age in a way that is at the same time learned, imaginative, entertaining, and illuminating.' --Christopher Kuner, VUB Brussel, Belgium and editor-in-chief, International Data Privacy Law'A provocative, well-argued and entertaining critique of jurisdictional dogmas. With pragmatism and creative flair, and with an eye to the informational realities of our age, the authors show why and how legal regulatory policy must be decoupled from its obsession with territoriality as the primary basis for asserting jurisdiction.' --Lee Andrew Bygrave, University of Oslo, NorwayTable of ContentsContents: Foreword by Vera Jourová, European Commissioner for Justice, Consumers and Gender Equality 1. Introduction 2. Potemkin’s laws 3. International information sovereignty 4. Private information sovereignty 5. The legal culture of the horse 6. A possible method for solving sovereignty clashes 7. Cybersecurity for hedgehogs 8. Law enforcement for hedgehogs 9. Cross-border data transfers for hedgehogs 10. Conclusions Bibliography Index

Read more less

Book SynopsisSince 25 May 2018 the General Data Protection Regulation 2016/679 (GDPR) has applied, representing a significant overhaul of data protection law in the European Union. Although it was drafted and passed by the European Union, the GDPR imposes obligations onto organisations anywhere, so long as they collect or target data relating to people in the EU. It is one of the toughest privacy and security laws in the world and harsh fines are levied against those who violate its privacy and security standards. This commentary provides a detailed examination of the individual articles of the GDPR and is an essential resource aimed at helping legal practitioners prepare for compliance. The second edition includes guidelines on the interpretation of the GDPR published by the European Data Protection Board as well as new case law by the Court of Justice of the European Union. This revised and updated edition includes: •a general introduction to data protection law; •full text of the GDPR’s articles and recitals; •article-by-article commentary explaining the individual provisions and elements of each article. In addition to lawyers and in-house counsel, this book is also suitable for law professors and students, and offers comprehensive coverage of this increasingly important area of data protection legislation.Table of ContentsList of abbreviations 9 List of Recitals of the General Data Protection Regulation 11 Introduction to the General Data Protection Regulation 13 1. Introduction 13 2. The most important compliance steps to be implemented 13 3. Basic terms of the GDPR 14 4. The scope of the GDPR 15 4.1 Material scope – what processing activities are covered? .............. 15 4.2 Personal scope – who does the GDPR apply to? ........................ 15 4.3 Territorial scope – where does the GDPR apply? ...................... 16 5. The relationship with national data protection laws 16 6. The principles relating to the processing of personal data 18 7. Legal basis requirement for any data processing activity 19 7.1 Available legal bases ................. 19 7.2 Requirements for valid consent ............................ 20 8. Information obligations and privacy notices 22 9. Rights of the data subject 24 10. Profiling and automated individual decision-making 25 11. Data protection compliance programme 26 11.1 Organisational measures including data protection strategies ................................ 26 11.2 Technical measures including privacy by design and by default ............................... 26 12. Maintaining a record of processing activities 27 13. Data protection impact assessment and consultation obligation with supervisory authority 28 14. Data protection officer 29 15. Data security 30 15.1 Mandatory data security measures ................................. 30 15.2 Obligation to notify personal data breaches .......................... 31 16. Mandatory arrangements between joint controllers 33 17. Obligations in case of outsourcing 33 18. International data transfers 34 18.1 Transfers not subject to notification or approval ......... 35 18.2 Transfers subject to notification ............................. 36 18.3 Transfers subject to approval .. 36 19. International jurisdiction of supervisory authorities 37 20. Administrative fines and other sanctions 38 21. Civil liability and private enforcement 40 Text of the General Data Protection Regulation and commentary 41 Chapter I – General provisions 43 Article 1 Subject-matter and objectives ........................ 43 Article 2 Material scope ................. 47 Article 3 Territorial scope .............. 51 Article 4 Definitions ...................... 56 Chapter II – Principles 75 Article 5 Principles relating to processing of personal data ................... 75 Article 6 Lawfulness of processing ....................... 81 Article 7 Conditions for consent ... 90 Article 8 Conditions applicable to child’s consent in relation to information society services ................ 93 Article 9 Processing of special categories of personal data ................... 96 Article 10 Processing of personal data relating to criminal convictions and offences .................. 102 Article 11 Processing which does not require identification ................ 103 Chapter III – Rights of the data subject 105 Section 1 – Transparency and modalities 105 Article 12 Transparent information, communication and modalities for the exercise of the rights of the data subject ................... 105 Section 2 – Information and access to personal data 109 Article 13 Information to be provided where personal data are collected from the data subject .... 109 Article 14 Information to be provided where personal data have not been obtained from the data subject ................... 115 Article 15 Right of access by the data subject ................... 120 Section 3 – Rectification and erasure 123 Article 16 Right to rectification ..... 123 Article 17 Right to erasure (‘right to be forgotten’) ..................... 124 Article 18 Right to restriction of processing ................. 128 Article 19 Notification obligation regarding rectification or erasure of personal data or restriction of processing ..................... 130 Article 20 Right to data portability ..................... 131 Section 4 – Right to object and automated individual decision-making 135 Article 21 Right to object .............. 135 Article 22 Automated individual decision-making, including profiling ....... 138 Section 5 – Restrictions 142 Article 23 Restrictions ................... 142 Chapter IV – Controller and processor 145 Section 1 – General obligations 145 Article 24 Responsibility of the controller ...................... 145 Article 25 Data protection by design and by default .............. 149 Article 26 Joint controllers ............ 152 Article 27 Representatives of controllers or processors not established in the Union ........................... 154 Article 28 Processor ....................... 157 Article 29 Processing under the authority of the controller or processer .................. 162 Article 30 Records of processing activities ....................... 163 Article 31 Cooperation with the supervisory authority ... 166 Section 2 – Security of personal data _ 167 Article 32 Security of processing ... 167 Article 33 Notification of a personal data breach to the supervisory authority ... 171 Article 34 Communication of a personal data breach to the data subject ............ 174 Section 3 – Data protection impact assessment and prior consultation 177 Article 35 Data protection impact assessment .................... 177 Article 36 Prior consultation ......... 185 Section 4 – Data protection officer 188 Article 37 Designation of the data protection officer .......... 188 Article 38 Position of the data protection officer .......... 194 Article 39 Tasks of the data protection officer ........................... 197 Section 5 – Codes of conduct and certification 199 Article 40 Codes of conduct ......... 199 Article 41 Monitoring of approved codes of conduct .......... 202 Article 42 Certification ................. 204 Article 43 Certification bodies ...... 206 Chapter V – Transfers of personal data to third countries or international organisations 209 Article 44 General principle for transfers ........................ 209 Article 45 Transfers on the basis of an adequacy decision ........................ 211 Article 46 Transfers subject to appropriate safeguards ..................... 216 Article 47 Binding corporate rules .............................. 221 Article 48 Transfers or disclosures not authorised by Union law ..................... 224 Article 49 Derogations for specific situations ...................... 225 Article 50 International cooperation for the protection of personal data ................ 230 Chapter VI – Independent supervisory authorities 231 Section 1 – Independent status 231 Article 51 Supervisory authority ... 231 Article 52 Independence ............... 233 Article 53 General conditions for the members of the supervisory authority ...................... 235 Article 54 Rules on the establishment of the supervisory authority ...................... 236 Section 2 – Competence, tasks and powers 237 Article 55 Competence ................. 237 Article 56 Competence of the lead supervisory authority ...................... 239 Article 57 Tasks ............................. 246 Article 58 Powers .......................... 249 Article 59 Activity reports ............. 252 Chapter VII – Cooperation and consistency 253 Section 1 – Cooperation 253 Article 60 Cooperation between the lead supervisory authority and the other supervisory authorities concerned ... 253 Article 61 Mutual assistance ......... 257 Article 62 Joint operations of supervisory authorities .................... 259 Section 2 – Consistency 261 Article 63 Consistency mechanism ................... 261 Article 64 Opinion of the Board ............................ 262 Article 65 Dispute resolution by the Board ...................... 265 Article 66 Urgency procedure ....... 269 Article 67 Exchange of information .................. 271 Section 3 – European Data Protection Board 272 Article 68 European Data Protection Board ........... 272 Article 69 Independence ............... 273 Article 70 Tasks of the Board ......... 274 Article 71 Reports ......................... 277 Article 72 Procedure ..................... 278 Article 73 Chair ............................ 279 Article 74 Tasks of the Chair ......... 280 Article 75 Secretariat ..................... 281 Article 76 Confidentiality ............. 282 Chapter VIII – Remedies, liability and penalties 283 Article 77 Right to lodge a complaint with a supervisory authority ... 283 Article 78 Right to an effective judicial remedy against a supervisory authority ...................... 285 Article 79 Right to an effective judicial remedy against a controller or processor ...................... 287 Article 80 Representation of data subjects ................. 289 Article 81 Suspension of proceedings .................. 291 Article 82 Right to compensation and liability .................. 293 Article 83 General conditions for imposing administrative fines ................................ 296 Article 84 Penalties ........................ 303 Chapter IX – Provisions relating to specific processing situations 305 Article 85 Processing and freedom of expression and information .................. 305 Article 86 Processing and public access to official documents .................... 307 Article 87 Processing of the national identification number ......................... 309 Article 88 Processing in the context of employment ............. 310 Article 89 Safeguards and derogations relating to processing for archiving purposes in the public interest, scientific or historical research purposes or statistical purposes ....................... 312 Article 90 Obligations of secrecy .......................... 317 Article 91 Existing data protection rules of churches and religious associations .... 318 Chapter X – Delegated acts and implementing acts 319 Article 92 Exercise of the delegation ..................... 319 Article 93 Committee procedure ..................... 324 Chapter XI – Final provisions 325 Article 94 Repeal of Directive 95/46/EC ...................... 325 Article 95 Relationship with Directive 2002/58/EC ... 327 Article 96 Relationship with previously concluded Agreements ................... 328 Article 97 Commission reports ..... 329 Article 98 Review of other Union legal acts on data protection ..................... 330 Article 99 Entry into force and application ................... 331 Keyword index 333 About the authors 341

Read more less

Book SynopsisThe legal issues surrounding the online distribution of content have recently gained prominence due to the European Commission's commitment to the Digital Single Market (DSM). This book is one of the first to provide highly topical analysis of the key legal challenges surrounding the online distribution of content, with particular focus on intellectual property rights, competition law and the regulation of new technologies.Central to the book is the question of whether the Commission's proposed legislative solutions will lead to a more coherent, or more fragmented, legal framework at both EU and member state level. Experts within the field assess how current legislation can be effectively applied and look ahead to examine how potential issues raised by emerging technologies, and the need to develop the online content market beyond the DSM proposal, can be anticipated and addressed.Providing a well-rounded view of the subject, this book will be of interest to scholars working within copyright, competition, and consumer law as well as those researching the development of the internal market more widely. Practising lawyers and in-house counsel who work on licensing and distribution agreements within Europe will also benefit from the analysis of new DSM legislation and associated case studies.Contributors include: A. Alén-Savikko, R.M. Ballardini, M.C. Gamito, K. Havu, K. He, O. Honkkila, M. Kivistö, T. Knapstad, G. Mazziotti, D. Mendis, P. Mezei, V. Moscon, M. Oker-Blom, T. Pihlajarinne, T. Roos, J. Vesala, K. Weckström LindroosTrade Review'This book presents a unique and comprehensive perspective on online content distribution in the Digital Single Market (DSM). It goes beyond the current copyright debates and includes a highly relevant discussion on emerging technologies such as 3D design and AI generated content. It is necessary reading for anyone who is following the efforts in the European Union to adopt a Directive in this field.' --Niklas Bruun, IPR University Center, FinlandTable of ContentsContents: PART I – INTRODUCTION 1. Introduction Taina Pihlajarinne, Juha Vesala, Olli Honkkila PART II - COPYRIGHT AND ONLINE DISTRIBUTION – ON A PATH TO FRAGMENTATION? 2. The DSM Directive: A package (too) full of policies Martti Kivistö 3. Linking and copyright – a problem solvable by functional-technical concepts? Taina Pihlajarinne 4. Neighbouring rights: in search of a dogmatic foundation. The press publishers’ case. Valentina Moscon 5. Meet the Unavoidable - The Challenges of Digital Second-Hand Marketplaces to the Doctrine of Exhaustion Péter Mezei 6. Extended collective licensing and online distribution - prospects for extending the Nordic solution to the digital realm Anette Alén-Savikko and Tone Knapstad 7. Liability and access to contact information: striking the balance when service is used to distribute copyrighted digital content Katja Weckström Lindroos PART III EMERGING TECHNOLOGIES FOR ONLINE DISTRIBUTION – MORE FRAGMENTATION IN THE FUTURE? 8. AI-generated content: authorship and inventorship in the age of artificial intelligence Rosa Maria Ballardini, Kan He and Teemu Roos 9. Winds of change: conceptualising copyright law in a world of 3D models and 3D design files – a perspective from the UK Dinusha Mendis 10. Different aspects of trade mark confusion with respect to distribution of CAD files in the era of 3D printing Taina Pihlajarinne and Max Oker-Blom PART IV - DIGITAL SINGLE MARKET, COMPETITION AND REGULATION 11. Digital single market, digital content and consumer protection – critical reflections Katri Havu 12. Allowing online content to cross borders: is Europe really paving the way for a ‘digital single market’? Giuseppe Mazziotti 13. Achieving a Digital Single Market for online distribution of content: when would extending the Geo-blocking Regulation be justified Juha Vesala 14. Protecting domestic online content distribution in the EU: The impact of geo-blocking and open Internet rules on non-EU over-the-top players Marta Cantero 15. The Internet access provider’s commercial practices under the EU rules on open Internet Olli Honkkila PART V – CONCLUDING REMARKS 16. Concluding remarks Taina Pihlajarinne, Juha Vesala and Olli Honkkila Index

Read more less

Book SynopsisThis fresh and insightful Research Handbook delivers global perspectives on information law and governance, delving into principles of information law in the areas of trade secrecy, privacy, data protection and cybersecurity.Providing US, Japanese and European perspectives, this Research Handbook presents an overview of legal regimes concerning the protection of information, with a particular focus on trade secrecy protection. Top international contributors offer analyses of general principles of information law, rights in data, the tension between trade secrecy and the freedom of information and the cross-fertilisation between national and regional data protection regimes.Presenting an interdisciplinary and holistic approach to information law and governance, this innovative Research Handbook will be useful to those researching trade secrets, privacy and data security laws. The broad range of perspectives will also appeal to attorneys and information professionals who are engaged in information governance activities on behalf of their clients or employers.Trade Review‘While the breath is impressive, the true value of this book is found in the doctrinal chapters, authored by leading experts with clarity, depth and attention to detail. The Handbook is undoubtedly a good resource for anyone interested in the foundational tenets of many areas of information law.’ -- Ann Kristin Glenster, The Cambridge Law Review‘This is a must read for anyone with a keen awareness of the need for a new look at information law and governance. The book as a whole reviews information law from a holistic perspective beyond the traditional realms such as intellectual property, trade secrets, privacy and cybersecurity, providing an excellent coverage of the issues brought forth by accelerated digitalization and interconnectivity in today’s society.’ -- Masabumi Suzuki, Nagoya University, Japan'This approachable title provides essential perspectives on the governance of valuable undisclosed information and data. Written by international experts, the book provides useful insights into complex questions of trade secrets, privacy and cybersecurity law. Their diverse approach to the topic highlights the multifaceted nature of protection of valuable information, underlining the necessity for balance, in times when everything may be digitalized and claimed to be owned.' -- Nari Lee, Hanken School of Economics, FinlandTable of ContentsContents: Introduction ix PART I GENERAL PERSPECTIVES 1 Cyberlaw will die and we will kill it 2 Ira Steven Nathenson 2 Confidentiality creep and opportunistic privacy 28 David S. Levine 3 Disclosure 48 Sharon K. Sandeen PART II EXCLUSIVE RIGHTS IN DATA: THE STATUS QUO AND THE WAY FORWARD 4 Exclusivity in data: How to best combine the patchwork of applicable European legal instruments 69 Herbert Zech 5 Data(base) rights? – misappropriation, property, and tales of trials and tribulations 77 Guido Westkamp 6 Big data in Japan: Copyright, trade secret and new regime in 2018 108 Tatsuhiro Ueno 7 Liability for the loss of data 121 Anette Gärtner PART III TRADE SECRECY LAW: EU, US AND GLOBAL PERSPECTIVES 8 The emergence of a global standard for reasonable efforts? 135 Christoph Rademacher 9 Employer’s liability for trade secret infringement 154 Gintarė Surblytė-Namavičienė 10 The limits of trade secret protection in the EU 174 Tanya Aplin 11 Freedom of the media and trade secrets in Europe 195 Ulla-Maija Mylly 12 The DTSA and trade secret extraterritoriality 217 Elizabeth A. Rowe and Giulia C. Farrior 13 Jurisdiction and choice of law in trade secrets cases: the EU perspective 234 Ansgar Ohly PART IV DATA PROTECTION, PRIVACY AND CYBERSECURITY 14 Data privacy in Europe and its reception under Japanese law 259 Henrike Weiden and Kensaku Takase 15 The right to explanation, explained 278 Margot E. Kaminski 16 An introduction to the California Consumer Privacy Act (CCPA) 300 Eric Goldman 17 Legislative developments on cybersecurity in the EU in the age of artificial intelligence 309 Faye Fangfei Wang Index

Read more less

Book SynopsisElgar Advanced Introductions are stimulating and thoughtful introductions to major fields in the social sciences and law, expertly written by the world's leading scholars. Designed to be accessible yet rigorous, they offer concise and lucid surveys of the substantive and policy issues associated with discrete subject areas. Presenting a concise, yet wide-ranging and contemporary overview of the field, this Advanced Introduction to Privacy Law focuses on how we arrived at our privacy laws, and how the law can deal with new and emerging challenges from digital technologies, social networks and public health crises. This illuminating and interdisciplinary book demonstrates how the history of privacy law has been one of constant adaptation to emerging challenges, illustrating the primacy of the right to privacy amidst a changing social and cultural landscape. Key features include: Incisive analysis of the meaning and value of privacy and the ways in which legal, social and economic institutions respond to our understanding of privacy in contemporary society A uniquely concise, contextual approach to privacy law, examining privacy as a constantly evolving social phenomenon and the legal implications of its mutability Historical and comparative insights into privacy and data protection laws across the common law world. This richly detailed book is an informative and thought-provoking resource for students, academics and practitioners of privacy and data protection law. Its interdisciplinary insights will also appeal to those working in legal history, media and cultural studies, economics and political science.Trade Review'Megan Richardson's work on privacy is evangelical. It explains the origins and teaching of privacy and navigates wisely between hope and despair with respect to privacy in this age of Surveillance Capitalism. This well written gospel (or ''good news'') of privacy law will not only inform the mind, but more importantly, inspire vibrant spiritual adherence to this unique construct of the human species.' --Paul de Hert, Brussels University-Tilburg, Belgium'Megan Richardson's superb new book Advanced Introduction to Privacy Law provides an overview of privacy law that is concisely written yet broad in its scope, accessible to non-experts yet rich in its insights. Focusing on the Anglo-American legal tradition but drawing upon its interactions with EU law and other jurisdictions, Richardson masterfully steers readers through the historical roots and multiple strands of privacy law to the challenges of the contemporary digital world. I will definitely be recommending this book to students, colleagues, and privacy professionals alike.' --Lisa Austin, University of Toronto, Canada'This Advanced Introduction to Privacy Law is an exceptional book. Clearly written and accessible, it provides a detailed and nuanced account of the key theoretical and legal issues at the heart of contemporary debates about privacy. This book makes a substantial contribution to the field and is essential reading for anyone interested in the future of privacy.' --Benjamin Goold, University of British Columbia, CanadaTable of ContentsContents: Preface 1. Introduction 2. Meaning and value of privacy 3. Regulating for privacy 4. Privacy law in transition 5. Changing the paradigm Appendix: Rights to privacy/private life in human rights texts Select Bibliography Index

Read more less