Skip to content
  • «
  • 1
  • »

The search returned 6 results.


T-557/20 Single Resolution Board v EDPB: On the Interpretation of Identifiability journal article

Shweta Reddy Degalahal

European Data Protection Law Review, Volume 9 (2023), Issue 3, Page 378 - 382

Case T-557/20 Single Resolution Board v European Data Protection Supervisor (ECLI:EU:T:2023:219) Based on existing case law, the General Court provides guidance on the examination of the concept of identifiability for the definition of personal data under Article 3(1) of Regulation 2018/17251. The Court has provided clarity with respect to determining the possibility of re-identification of pseudonymised data that has been transferred to a third party with no access to the code key. The possibility of re-identification has to be determined from the perspective of the party that doesn’t have the code key and to whom the data has been transferred to by the data controller.


Trade in Personal Data: journal article

Extending International Legal Mechanisms to Facilitate Transnational Trade in Personal Data?

Leon Trakman, Robert Walters, Bruno Zeller

European Data Protection Law Review, Volume 6 (2020), Issue 2, Page 243 - 258

The transnational trade in personal data, while emerging as a valuable economic activity, poses many challenges for regulators and organizations. One of the major challenges is the fragmented and ad hoc approach taken by countries, and the European Union, in their data protection laws. This has led to data protection laws varying greatly from jurisdiction to jurisdiction. This paper will explore alternative legal mechanisms that might be available in the international arena to assist in the control and regulation of trade in personal data. The starting point is to review the use of different approaches that are adopted in intellectual property and copyright law to address this issue. Another vantage point is to espouse a contractual approach, which arguably is most achievable because the general principles governing contractual obligations are similar in most jurisdictions. This paper will argue that the Convention on the International Sale of Goods (CISG), can provide an alternative legal mechanism that can effectively help to regulate the cross-border trade in personal data. The paper will highlight how the CISG can be attractive as a practical legal mechanism for managing the sale of personal data through transnational contracts and by relying on copyright law. Applying the CISG provides individuals and entities with another legal mechanism that they can use effectively, not only to provide a level of control over personal data, but more importantly, to help facilitate trade in personal data. However, before concluding that the CISG is an effective legal mechanism, it will be important to determine whether personal data can be categorized as a good. It is our view that, in response to this challenge, personal data can be the subject of a sale of goods, and therefore can be subject to the application of the CISG. Keywords: CISG, copyright, intellectual property, personal data



Regulating the Dynamic Concept of Non-Personal Data in the EU: journal article

From Ownership to Portability

Laura Somaini

European Data Protection Law Review, Volume 6 (2020), Issue 1, Page 84 - 93

The article explores the dynamic concept of non-personal data and the regulatory approaches within the EU legal framework. De lege lata, this article critically assesses the issues arising from Regulation (EU) 2018/1807 on the framework on the free flow of non-personal data, focusing on the definition of non-personal data and the data porting principle. While the legislator’s shift from ownership to control is endorsed, the relevance of a framework targeting solely non-personal data is questioned in light of data protection concerns. De lege ferenda, this article submits that a comprehensive approach should broadly consider overcoming binary data categorisations. For the purposes of the FFD Regulation’s evaluation, evidence-based reflections are suggested. Keywords: non-personal data; free flow of data; GDPR; data portability; data ownership


Tort and Data Protection Law: journal article

Are There Any Lessons to Be Learnt?

Leon Trakman, Robert Walters, Bruno Zeller

European Data Protection Law Review, Volume 5 (2019), Issue 4, Page 500 - 519

The development and evolution of data protection law is not fully realised. One challenge that has emerged is the recognition of a tort for violating a person’s personal information contrary to data protection law. The issue is that courts have found it difficult to determine and assess the harm caused to the data subject. The courts in the United Kingdom (UK) and Canada have recently developed a tort for infringing privacy in personal data. What has emerged is that courts in those two countries have begun to establish some key principles to underpin a tort violating privacy, by providing guidance on measuring the ensuing harm. That tort is also developing in the United States. This article argues that other common law jurisdictions, notably Australia, should consider going down the same pathway, by establishing a privacy tort over the Internet. Such a tort in data protection will provide a higher level of control to data subjects over their personal data and deter entities from misusing that data. However, that tort may fail to protect data subjects from the misuse of their personal data if the law requires harm to eventuate, as is required by the tradition tort of privacy. This must be considered with caution because, unlike traditional notions of a tort in privacy, a privacy violation of over the Internet may take weeks, months or years to identify. Contrarily, tort law has been effective in reducing and deterring negligence in privacy related cases, strengthening the rationale for a tort in personal data over the Internet. Keywords: Australia, Data Protection, European Union, Personal Data, Tort, United Kingdom

  • «
  • 1
  • »