Weiter zum Inhalt

Die Suche erzielte 34 Treffer.

Immigration Exemption and the European Convention on Human Rights Journal Artikel

Matthew White

European Data Protection Law Review, Jahrgang 5 (2019), Ausgabe 1, Seite 26 - 42

The European Union has introduced the General Data Protection Regulation to reform and update data protection laws across Member States. To comply, the United Kingdom has introduced the Data Protection Act 2018. This article focuses on one schedule of the new Act, a data protection exemption for effective immigration control purposes. Considering that the UK Parliament has not implemented the Charter of Fundamental Rights into domestic law post-Brexit, it is therefore necessary to consider this exemption under the European Convention on Human Rights. Recital 73 of the Regulation requires any restrictions on the protection of personal data to be compatible with the Convention. In concluding that the exemption is incompatible with the Convention, this will highlight that not only would the UK be failing their existing human rights obligations but also raises concerns about the UK’s adequacy status as a third country post-Brexit. Keywords: Immigration, Exemptions, Article 8 ECHR, Effective Remedy, Discrimination


The Protection of Data Concerning Health in Europe Journal Artikel

Trix Mulder

European Data Protection Law Review, Jahrgang 5 (2019), Ausgabe 2, Seite 209 - 220

More and more, medical practitioners use modern technologies such as apps and wearables in their treatment plan. The GDPR defines these kinds of data as ‘data concerning health’. However, also the term ‘medical data’ is being used. Furthermore, the Council of Europe uses terms such as ‘personal health data’ and ‘medical welfare data’. Using all these different terms makes it difficult to understand what is protected by these terms and what is not. This article gives an historical overview of the evolution of the protection of data concerning health, which also leads to a discussion on the current broad definition and offers possible solutions for the use of (the term) ‘data concerning health’. Keywords: Data Concerning Health, GDPR, Data Protection, Council of Europe


Legal Issues in Regulating Observational Studies: Journal Artikel

The impact of the GDPR on Italian Biomedical Research

Paola Aurucci

European Data Protection Law Review, Jahrgang 5 (2019), Ausgabe 2, Seite 197 - 208

This article aims to show the legal challenges rising from the use, reuse, linkage and analysis of sensitive data in observational studies. In order to spell out these challenges and a possible way of meeting them, the first section takes into account the distinctive nature of retrospective observational studies and Big Data anal. The second section shows how the General Data Protection Regulation faces the challenge of maximising the opportunities arising from these studies while protecting the privacy of individual patients through research exemptions. The last section focuses on the Italian data protection regime to show why delegation of powers back to the national legal systems of the Member States entails a number of critical drawbacks, like hampering the progress of medical research. Keywords: GDPR, Data Protection, Medical Research, Sensitive Data


Peter Nowak v Data Protection Commissioner: Journal Artikel

Potential Aftermaths Regarding Subjective Annotations in Clinical Records

Daniel Jove

European Data Protection Law Review, Jahrgang 5 (2019), Ausgabe 2, Seite 175 - 183

On 20 December 2017 the European Court of Justice gave its judgment on the Nowak case. This ruling addresses the potential application of the General Data Protection Regulation (GDPR) to the answers and subjective comments of the examiner. The classification of this data as personal data entails, for the candidate, the possibility of using their rights of access, rectification and objection. This study analyses the Nowak ruling and reflects on the possibility of extrapolating the doctrine which it establishes to other areas. The spotlight is placed specifically on subjective comments in a medical history. The nature of this information is analysed in order to establish whether it is the patient’s personal data and also if limiting the right to access this information is compatible with the GDPR. Keywords: Data Protection, Subjective Annotations, Clinical Record, GDPR, General Data Protection Regulation, European Court of Justice


Assessing the Legal and Ethical Impact of Data Reuse: Journal Artikel

Developing a Tool for Data Reuse Impact Assessments (DRIA)

Bart Custers, Helena U Vrabec, Michael Friedewald

European Data Protection Law Review, Jahrgang 5 (2019), Ausgabe 3, Seite 317 - 337

In the data economy, many organisations, particularly SMEs may not be in a position to generate large amounts of data themselves, but may benefit from reusing data previously collected by others. Organisations that collect large amounts of data themselves may also benefit from reusing such data for other purposes than originally envisioned. However, under the current EU personal data protection legal framework, constituted by the General Data Protection Regulation, there are clear limits and restrictions to the reuse of personal data. Data can only be reused for purposes that are compatible with the original purposes for which the data were collected and processed. This is at odds with the reality of the data economy, in which there is a considerable need for data reuse. To address this issue, in this article we present the concept of a Data Reuse Impact Assessment (DRIA), which can be considered as an extension to existing Privacy and Data Protection Impact Assessments (PIAs and DPIAs). By adding new elements to these existing tools that specifically focus on the reuse of data and aspects regarding data ethics, a DRIA may typically be helpful to strike a better balance between the protection of personal data that is being reused and the need for data reuse in the data economy. Using a DRIA may contribute to increased trust among data subjects that their personal data is adequately protected. Data subjects, in turn, may then be willing to share more data, which on the long term may also be beneficial for the data economy. Keywords: Data Reuse, Data Protection, Privacy, Data Protection Impact Assessments, Privacy Impact Assessments


Regulating Big Data in and out of the Data Protection Policy Field: Journal Artikel

Two Scenarios of Post-GDPR Law-Making and the Actor Perspective

Paul de Hert, Juraj Sajfert

European Data Protection Law Review, Jahrgang 5 (2019), Ausgabe 3, Seite 338 - 351

Why is Big Data absent in the recent basic data protection documents of the European Union (EU) and the Council of Europe (CoE)? Why not one single reference to Big Data practices - be it to regulate or to prohibit it - in the recent General Data Protection Regulation (EU) 2016/679, the Data Protection Law Enforcement Directive (EU) 2016/680 and the Modernised CoE Convention 108 for the Protection of Individuals with Regard to the Processing of Personal Data (Convention 108+)? Some actors in the policy field considered Big Data too dangerous and counted on existing data protection principles to tame the beast. Others simply ignored the phenomenon or were not aware of the potential benefits of Big Data for economy and governments (the rendez-vous was missed). Our discussion of no less than six recent initiatives, - standalone laws and soft law instruments - is an indication that Europe is embracing Big Data but is seemingly hesitant to confront Big Data within the classical paradigm (field) of data protection law. Concrete guidance for Big Data practices is now spread over multiple texts emanating outside the data protection field. Keywords: Big Data, Data Protection, European Commission, Institutional Actors There is no sense in studying ideas as if they floated in a kind of intellectual heaven, with no reference to the agents who produce them or, above all, to the conditions in which these agents produce them, that is, in particular to the relations of competition in which they stand towards one another.


Artificial Intelligence in Medical Diagnoses and the Right to Explanation Journal Artikel

Thomas Hoeren, Maurice Niehoff

European Data Protection Law Review, Jahrgang 4 (2018), Ausgabe 3, Seite 308 - 319

Artificial intelligence and automation is also finding its way into the healthcare sector with some systems even claiming to deliver better results than human physicians. However, the increasing automation of medical decision-making is also accompanied by problems, as the question of how the relationship of trust between physicians and patients can be maintained or how decisions can be verified. This is where the right to explanation comes into play, which is enshrined in the General Data Protection Regulation (GDPR). This article explains how the right is derived from the GDPR and how it should be established. Keywords: Data Protection, Privacy, AI, Articial Intelligence, Algorithm


Machine Learning for Diagnosis and Treatment: Journal Artikel

Gymnastics for the GDPR

Robin Pierce

European Data Protection Law Review, Jahrgang 4 (2018), Ausgabe 3, Seite 333 - 343

Machine Learning (ML), a form of artificial intelligence (AI) that produces iterative refinement of outputs without human intervention, is gaining traction in healthcare as a promising way of streamlining diagnosis and treatment and is even being explored as a more efficient alternative to clinical trials. ML is increasingly being identified as an essential tool in the arsenal of Big Data for medicine. ML can process and analyse the data resulting in outputs that can inform treatment and diagnosis. Consequently, ML is likely to occupy a central role in precision medicine, an approach that tailors treatment based on characteristics of individual patients instead of traditional ‘average’ or one-size-fits-all medicine, potentially optimising outcomes as well as resource allocation. ML falls into a category of data-reliant technologies that have the potential to enhance healthcare in significant ways. However, as such, concerns about data protection and the GDPR may arise as ML assumes a growing role in healthcare, prompting questions about the extent to which the GDPR and related legislation will be able to provide adequate data protection for data subjects. Focusing on issues of transparency, fairness, storage limitation, purpose limitation and data minimisation as well as specific provisions supporting these principles, this article examines the interaction between ML and data protection law. Keywords: Machine Learning, GDPR, Data Protection, Artificial Intelligence in Medicine, Health Data, Automated Processing, Data Minimisation




Aktuelle Ausgabe