Updating the EU Data Protection Directive
Upcoming SlideShare
Loading in...5
×
 

Updating the EU Data Protection Directive

on

  • 2,504 views

First presented at SoGikII, University of New South Wales, June 2008. Updated for lecture at Exeter University Nov. 2010.

First presented at SoGikII, University of New South Wales, June 2008. Updated for lecture at Exeter University Nov. 2010.

Statistics

Views

Total Views
2,504
Views on SlideShare
2,468
Embed Views
36

Actions

Likes
0
Downloads
17
Comments
0

2 Embeds 36

http://dooooooom.blogspot.com 35
http://www.linkedin.com 1

Accessibility

Upload Details

Uploaded via as Microsoft PowerPoint

Usage Rights

CC Attribution-ShareAlike LicenseCC Attribution-ShareAlike License

Report content

Flagged as inappropriate Flag as inappropriate
Flag as inappropriate

Select your reason for flagging this presentation as inappropriate.

Cancel
  • Full Name Full Name Comment goes here.
    Are you sure you want to
    Your message goes here
    Processing…
Post Comment
Edit your comment

Updating the EU Data Protection Directive Updating the EU Data Protection Directive Presentation Transcript

  • Dr Ian Brown, Oxford Internet Institute Where next for European data protection law?
  • New challenges and potential responses
    • Explosion in storage, comms & processing
    • Risk intolerance & efficiency, personalisation
    • Jurisdiction
    • Enforcement
    • Web 2.0
    • Streamline and move forward focus of regulation
    • Privacy by design
    • Couple wider exemptions for individuals with intermediary protections
  • Shift focus of regulation
    • Most organisations process small amounts of personal data for commonplace purposes - Best Available Techniques?
    • Privacy Impact Assessments and more prior checking for large-scale databases with potential to cause significant harm
  • Human rights standards
    • Interference with private life must be based on detailed, clear, precise, foreseeable law ( Copland v UK )
    • Systems must limit access to data to those who have a proportionate requirement for access ( I v Finland )
    • Bleeding-edge states have a particular duty to consider impact of databases upon privacy ( S & Marper v UK )
    • Only 5 of 46 major UK government databases we reviewed met these standards
    R Anderson, I Brown, T Dowty, P Inglesant, W Heath & A Sasse (2009) Database State , Joseph Rowntree Reform Trust
  • Designing for privacy
    • Data minimisation key: is your data really necessary? Limit personal data collection, storage, access and usage
    • Users must also be notified and consent to the processing of data
    Ade Rowbotham (2005)
  • Individuals ≠ data controllers
    • How sustainable is Lindqvist?
    • Can we widen domestic processing exemption…
    • … alongside better privacy protection by infomediaries?
      • Nudges?
      • Expedited temporary restrictions on sharing?
    L Edwards & I Brown (2009) Data Control and Social Networking: Irreconcilable Ideas? In Matwyshyn, A. (ed.) Harboring Data: Information Security, Law and the Corporation, Stanford University Press