European Parliament Library

Privacy and data protection in software services, Roberto Senigaglia, Claudia Irti, Alessandro Bernes, editors

no index present
Literary Form
non fiction
Main title
Privacy and data protection in software services
Nature of contents
Responsibility statement
Roberto Senigaglia, Claudia Irti, Alessandro Bernes, editors
Series statement
Services and Business Process Reengineering
Table Of Contents
Intro -- Foreword -- About This Book -- Contents -- Editors and Contributors -- Problems -- Transparency of Digital Providers and Digital Divide -- 1 Towards the Consolidation of the Single European Market -- 2 A New Liability Regime: From the Model of Dir. 2000/31/CE to Date -- 3 Transparency in the Digital Providers' Activity -- 3.1 Transparency in the GDPR -- 3.2 The Transparency of the Digital Services Act -- 4 The Web User as a Consumer -- 5 Conclusions -- References -- Authorities and Private Companies in Regulating Software Technologies -- 1 From the Public Control of the Data to the Regulation of Its Flow -- 2 Personal Data Flow and Qualification of the Underlying Relationship -- 3 The Contract and the Definition of the Models -- 4 The Data Market Affected by the Regulation -- References -- Liability and Accountability in the 'Digital' Relationships -- 1 The Complexity of the Liability Regulation Within the Digital Relationships in the EU Law and the Domestic Law -- 2 The Liability of the Data Controller and the Principle of Accountability. Article 82 of the GDPR -- 3 The Nature of Responsibility Under Art. 82 GDPR -- References -- Social Media, Mobile Apps and Children Protection -- 1 The Role of the 'Environment' for Child Development -- 2 The Contribution of Education -- 3 Hard Law and Soft Law -- 4 Protecting Children in the Digital Age -- 5 Child Vulnerability in the Digital World -- 6 Cyberbullying and Digital Contents -- 7 The EU's Audiovisual Media Services Directive -- 8 Concluding Remarks -- References -- Perspectives -- Personal Data, Non-personal Data, Anonymised Data, Pseudonymised Data, De-identified Data -- 1 Personal Data, Non-personal Data -- 2 Anonymised Data -- 3 Pseudonymised Data, De-identified Data -- References -- Personal Data as Counter-Performance -- 1 Introduction -- 2 The Development of the Notion of Personal Data and the Requirements for Their Processing -- 3 The Circulation of Personal Data from the Perspective of the Law of Obligations -- 3.1 Personal Data as Counter-Performance and the Notion of Price -- 3.2 The Role of the Consent to the Processing of Personal Data -- 3.3 Personal Data as Counter-Performance and Coordination with Directive 2011/83/EU on Consumer Rights and with Directive 2005/29/EC on Unfair Commercial Practices -- 3.4 The Withdrawal of Consent to the Processing of Personal Data: Effects on the Contract for the Supply of Digital Content and Digital Services and the Problematic Coordination with the Directive 2011/83/EU on Consumer Rights -- 4 Concluding Remarks -- References -- Cookies and the Passive Role of the Data Subject -- 1 Technological Features and Legal Regulation of Cookies -- 2 The Problem of Consent to Cookies -- 3 Technological and Legal Future of Cookies -- References -- Data Management Tools and Privacy by Design and by Default -- 1 Data Management Tools (DMTs) and Main Legal Issues on Data Protection Law -- 2 Privacy by Design and by Default. Privacy Design Pattern and Privacy Dashboard -- 3 Application Issues -- 3.1 Excessive Vagueness of the Obligation and Difficult Identification of Contents -- 3.2 Doubts on the Existence of the 'Hardcoding' Obligation -- 3.3 On the Appropriateness Criteria of the Measures -- 3.4 On the Recipients of the Obligation -- 4 A Look Forward: European Data Governance -- References -- Reconciling Data Protection and Cybersecurity: An Operational Approach for Business Sector -- 1 The Legal Framework. A Business Perspective -- 2 Datasets: Data Minimisation, Storage Limitation, and Confidentiality -- 3 Risk Assessment and Security Management -- 4 Reporting Obligations -- 5 Business Continuity, Disaster Recovery, and Resilience -- 6 Conclusions -- References -- Copyright and Data Protection -- 1 Objects of Exploration -- 1.1 Protection Granted to Software -- 1.2 Protection Granted to Data -- 2 Personal and Non-personal Data, Data Protection and Copyright -- 2.1 Personal Data 'Per se' and Copyright -- 2.2 Copy of Personal Data and Copyright -- 2.3 Copy of Personal Data and Copyright Protection of Software -- 2.4 Copy of Personal Data, Sui Generis Database Protection and Copyright -- 2.5 Right of Rectification and Copyright -- 3 Processing of Data, Data Analytics and Machine Learning -- 3.1 Data Mining for Training the Algorithmic Process -- 3.2 Data Generated Works Performed by the Algorithmic Process -- References -- Applicable Solutions -- eHealth and Data -- 1 eHealth and the Development of Multiple Technological Solutions to Improve Health and Medical Care -- 2 Health Data and Their Necessary Qualification in Practice -- 3 Lawfulness of the Processing of Health Data and Mitigation of the Participatory Dimension of the Data Subject -- 4 The Rights of the Data Subject Relating to the Control of the Flow of Health Data: In Particular, the Right of Access to Data Relating to His State of Health -- 4.1 A Unique Form of Access to Data: The Electronic Health File Is One of the Mainstays of eHealth -- 4.2 The Main Problematic Issues of the ESF. The Central Role of Metadata in the Effective Interoperability of ESF -- 4.3 The Implementation of the Operability of the ESF and the Mitigation of the Limitation of the Right to Data Portability. The Right to Erasure: Limitations. The Impact of the Right to Request for Obscuration of Health Data on the Right to Erasure -- 5 The Role Played by Artificial Intelligence on the Processing of Personal Data. Problematic Aspects -- 5.1 The Legal Basis of the Processing by Artificial Intelligence in the Case of Support to the Healthcare Professional and in the Case of Automated Processing of Health Data -- 5.2 The Silence of the Legislator, Either European or National, on the Delicate Issue of the Automated Processing of Health Data by Artificial Intelligence. The Re-use of Health Data by an Intelligent Health System. The Adoption of Specific Measures to Guarantee the Data Subject in the Case of Health Care and Development of Scientific Research. The Confirmation of the Centrality and Delicate Role of the Interpreter Who Will Have to Balance the Needs of Privacy and Data Protection with the Prevai -- References -- Location Data and Privacy -- 1 About Location Data -- 2 European Framework -- 3 Some Selected Cases -- 3.1 Location of Employees -- 3.2 Smart Vehicles -- 3.3 Contact Tracing -- References -- Rise and Fall of Tracing Apps -- 1 Introduction -- 2 The Complexity of Legal Transplants -- 3 Technical Inadequacies -- 4 Digital Divide -- 5 Organizational Failures -- 6 The GDPR Totem -- 7 The Issue of Public Trust -- 8 Some Lessons for the Future -- References -- Privacy, Software and Insurance -- 1 Definitions -- 2 Software in Distribution: Profiling Clients, Checklists, and Compliance -- 3 Software to Reduce Risk and Monitor Claims -- 4 Key Points on GDPR and Insurance -- References -- IoT and Privacy -- 1 IoT in the Current Digital Society -- 2 Data Flow in IoT -- 3 The Application Limits of the GDPR -- 4 Privacy by Design and Security by Design in IoT -- 5 Conclusions -- References -- Blockchain and Privacy -- 1 Blockchain and Data Protection: A Twofold Relation -- 2 Blockchain and Data Exposure -- 3 The Problematic Regulation of Blockchains and the Example of Smart Contracts -- 4 Rules and Principles on Privacy Matters and the Blockchain: The Case of EU Data Protection Laws -- 5 Conclusions -- References -- Enhancing Transparency of Data Processing and Data Subject's Rights Through Technical Tools: The PIMS and PDS Solution -- 1 Increasing User Awareness in the Era of Datafication -- 2 A Matter of Transparency: the PIMS Technical Standard -- 3 A Matter of 'Design': How to Choose Transparency Enhancing Tools -- 4 PDS: A Winning Model? -- 5 Transparency as a 'Tool' for the Democratic Regulation of Technology -- References -- Explainability Due Process: Legal Guidelines for AI-Based Business Decisions -- 1 Introduction -- 2 Article 22(1) and (2) GDPR: Scope of Application and Exceptions -- 3 Article 22(3) GDPR: Suitable Safeguards and the Right to a Two-Phase Explanation -- 4 Pre-Claim Explanatory Duties -- 5 Post-Claim Explanatory Duties -- References
Other version