Slides from Niall Rooney FP Logue presentation at Food & Drink Business Europe event at Citywest Dublin on 05/09/2019 - *For Information Only, Not Legal Advice*
EU General Data Protection Regulation & Transborder Information FlowDavid Erdos
These slides are based on the talk I gave to the Wisconsin International Law Journal's Annual Symposium "Stamping Privacy's Passport? The Role of International Law in Safeguarding Individual Privacy" (Wisconsin, USA; 8 April 2016). This talk argued that European data protection's formal understanding of transborder data flow regulation (TBDF) is not only potentially very broad but has not appropriately balanced data protection against other key rights such as freedom of information and association. Many of these existing structural difficulties are exacerbated under the newly agreed General Data Protection Regulation (GDPR). In order to better reconcile the values at stake, Data Protection Authorities (DPAs) should also develop models to "authorize" low-risk TBDFs via self-certification by data controllers themselves. Member States should also make broad use of the derogations the Regulation leaves available. More generally, a contextual, risk-based interpretation of the GPDR must be developed which seeks to provide robust privacy and other individual safeguards without putting in jeopardy Europe’s other core values and liberties.
Article 9: Special categories of data
Special categories of data are sensitive information about individual and need more protection.
Individuals‘ rights and freedoms are at increased risk when this type of data is processing. It may put them at risk of unlawful discrimination.
Slides from Niall Rooney FP Logue presentation at Food & Drink Business Europe event at Citywest Dublin on 05/09/2019 - *For Information Only, Not Legal Advice*
EU General Data Protection Regulation & Transborder Information FlowDavid Erdos
These slides are based on the talk I gave to the Wisconsin International Law Journal's Annual Symposium "Stamping Privacy's Passport? The Role of International Law in Safeguarding Individual Privacy" (Wisconsin, USA; 8 April 2016). This talk argued that European data protection's formal understanding of transborder data flow regulation (TBDF) is not only potentially very broad but has not appropriately balanced data protection against other key rights such as freedom of information and association. Many of these existing structural difficulties are exacerbated under the newly agreed General Data Protection Regulation (GDPR). In order to better reconcile the values at stake, Data Protection Authorities (DPAs) should also develop models to "authorize" low-risk TBDFs via self-certification by data controllers themselves. Member States should also make broad use of the derogations the Regulation leaves available. More generally, a contextual, risk-based interpretation of the GPDR must be developed which seeks to provide robust privacy and other individual safeguards without putting in jeopardy Europe’s other core values and liberties.
Article 9: Special categories of data
Special categories of data are sensitive information about individual and need more protection.
Individuals‘ rights and freedoms are at increased risk when this type of data is processing. It may put them at risk of unlawful discrimination.
Turkish Data Protection Act : Is it a reflection of GDPR?TrustArc
Broadcast Date: January 15, 2020 9:00 AM - 10:00 AM EST
https://info.trustarc.com/WB-2020-01-15-TurkishDataProtectionActIsitareflectionofGDPR_RegPage-Nymity.html
In April 2016 the Republic of Turkey published an omnibus data protection act, The Law on the Protection of Personal Data w. no 6698, in the Official Gazette. One of the obligations under this law is to register all data processing operations with the supervisory authority KVKK. At the request of the Turkish business representatives, the deadline for this registration was first postponed until December 31, 2019 and with the latest decision of KVKK on 27th of December, 2019, the deadline for the registration is extended to June 30, 2020. However, it seems no further delay will be announced.
What do organizations need to do to comply with the Turkish Data Protection Act? What does the obligation to register all processing activities entail? And what are the risk of non-compliance? These questions and more will be answered in a special TrustArc -Nymity & Dentons hosted webinar on January 15, 2020.
Key takeaways:
-What are the legal requirements of the law?
-What is the regulatory/enforcement landscape?
-Demonstrating compliance with the Turkish law: taking an Accountability approach
-Using processing activities registered as the basis for the KVKK registration
-Staying up-to-date on Turkey's data protection laws
This webinar is eligible for 1 CPE credit.
An In House Counsel and Privacy Practitioners update on the changed regulatory landscape.
The Privacy and Data Protection Act 2014 received Royal Assent on 2 September 2014.
The new legislation replaces the Information Privacy Act 2000, and the Commissioner for Law Enforcement Data Security Act 2005, with a unified scheme governing the handling of personal information and data by Victorian Public sector agencies.
General Data Protection Regulations (GDPR): Do you understand it and are you ...Cvent
Whether you’re an event or hospitality professional in a small, medium or large organization, the General Data Protection Regulation (GDPR) is going to affect you. Get prepared with Cvent and Debrah Harding of Market Research Society before the 25th May deadline. GDPR is a new EU regulation, designed for the digital age. GDPR will strengthen an individual's rights and increase business accountability for data privacy and holding personal information. Organizations found breaching the regulations can face fines of up to 20 million Euros or up to 4% of annual global turnover. At Cvent we are already on track to becoming GDPR compliant and we want to advise our industry partners on how to become compliant too.
GDPR From Implementation to OpportunityDean Sappey
GDPR presents new challenges for law firms across Europe. This presentation explains the implications of GDPR and simple strategies to ensure firms are compliant for its launch in May 2018
Privacy, Social Network Sites and the lawdariphagen
Dr. Natali Helberger, assistent professor at the Amsterdam Institute of Information Law (IVIR), presents the legal aspect surrounding privacy in Social Network Sites. An overview of European laws regulating SNS with respect to privacy. www.ivir.nl. Presentation at the Conference on Privacy in Social Network Sites, www.privacyinsocialnetworksites.nl
In general, the GDPR applies to any business that processes personal data by automated or manual processing
A strategic approach is introduced to regulating personal data and the normative foundations of the European Unions General Data Protection Regulation (GDPR)
Existing Requirements imposed by the 1995 Data Protection Directive are refined.
It does this by establishing a uniform framework for data protection legislation across the EU
The Presentation is a preliminary comment of The Hague Court decision published on March 6th 2020 aka "SyRI Case". The author considers the possibility to use the Dutch approach to automatic data management in the field of taxation as a possible benchmark for other jurisdictions too.
This is an UNREVISED version and contains some typos and data in need of double check.
This is a slightly modified version of a presentation that I gave to fellow lawyers last week. It explains what GDPR is, the policy of data protection and the evolution of data protection legislation from the OECD Guidelines and Council of Europe Convention to the GDPR. It explores the regulation focusing on the data protection principles and, in particular, the lawfulness requirement and the validity of consent. The presentation mentions the Law enforcement data protection directive, the Data Protection Bill and the arrangements post Brexit. Finally, it considers the preparations recommended by the Information Commissioner for small busiesses
Understanding the EU's new General Data Protection Regulation (GDPR)Acquia
In 2016, the European Union (EU) approved its General Data Protection Regulation (GDPR) to protect European citizens’ data. As a regulation, the GDPR does not require the implementation of legislation, and will immediately become an applicable law as of the 25th of May, 2018.
What is GDPR exactly trying to accomplish? According to the official documents, the goal is the “protection of natural persons with regard to the processing of personal data and on the free movement of such data.”
In short, organizations that conduct business in the EU will need to be compliant with GDPR, and must come to terms with the huge fines that non-compliance can carry. Fines can be up to €20M or 4% of the annual turnover. For companies that experience breaches that result in the loss of personal data (such as Talk Talk, which lost 170,000 people’s data), the fines will be tremendous.
Join us for discussion about GDPR to learn more about:
The principles that organizations that use personal data need to adhere to
The consequences organizations can face if that do not adhere to this new regulation
How your organization can prepare for the future
Personal data: Legal Issues in Research Data Collection and Sharing by EUDAT ...EUDAT
| www.eudat.eu | v1.0, June 2014 - Protection of personal data is a major concern of many. The EU Data Protection Directive (95/46/EC) identifies it as any information relating to an identified or identifiable natural person. However, what exactly do we mean by processing of personal data? When is it lawful? Are there any special categories of personal data? What is consent? What are the obligations of the data controller? Download this presentation and find out.
Who is it for?: Researchers, Data Managers, General public.
EU General Data Protection Regulation - Update 2017Cliff Ashcroft
This free Lasa webinar looks at why data protection is important in a digital world, and what practical things charities and civil society organisations can do to prepare for when the EU General Data Protection Regulations come into force in May 2018.
It is vital charities use the next 12 months to understand their new responsibilities and put the required processes in place.
Our webinar gives you the opportunity to ensure you are prepared for what’s to come by putting your #GDPR questions to our data protection expert and published author, Paul Ticher.
Lasa does lots more charity tech help and advice - find out more at: Twitter: @lasaict
Acknowledgements:
Lasa actively promotes and supports the Way Ahead – Civil Society at the Heart of London. See www.citybridgetrust.org.uk/publications/way-ahead/
This webinar is supported by the City of London Corporation's charity, City Bridge Trust. www.citybridgetrust.org.uk
Turkish Data Protection Act : Is it a reflection of GDPR?TrustArc
Broadcast Date: January 15, 2020 9:00 AM - 10:00 AM EST
https://info.trustarc.com/WB-2020-01-15-TurkishDataProtectionActIsitareflectionofGDPR_RegPage-Nymity.html
In April 2016 the Republic of Turkey published an omnibus data protection act, The Law on the Protection of Personal Data w. no 6698, in the Official Gazette. One of the obligations under this law is to register all data processing operations with the supervisory authority KVKK. At the request of the Turkish business representatives, the deadline for this registration was first postponed until December 31, 2019 and with the latest decision of KVKK on 27th of December, 2019, the deadline for the registration is extended to June 30, 2020. However, it seems no further delay will be announced.
What do organizations need to do to comply with the Turkish Data Protection Act? What does the obligation to register all processing activities entail? And what are the risk of non-compliance? These questions and more will be answered in a special TrustArc -Nymity & Dentons hosted webinar on January 15, 2020.
Key takeaways:
-What are the legal requirements of the law?
-What is the regulatory/enforcement landscape?
-Demonstrating compliance with the Turkish law: taking an Accountability approach
-Using processing activities registered as the basis for the KVKK registration
-Staying up-to-date on Turkey's data protection laws
This webinar is eligible for 1 CPE credit.
An In House Counsel and Privacy Practitioners update on the changed regulatory landscape.
The Privacy and Data Protection Act 2014 received Royal Assent on 2 September 2014.
The new legislation replaces the Information Privacy Act 2000, and the Commissioner for Law Enforcement Data Security Act 2005, with a unified scheme governing the handling of personal information and data by Victorian Public sector agencies.
General Data Protection Regulations (GDPR): Do you understand it and are you ...Cvent
Whether you’re an event or hospitality professional in a small, medium or large organization, the General Data Protection Regulation (GDPR) is going to affect you. Get prepared with Cvent and Debrah Harding of Market Research Society before the 25th May deadline. GDPR is a new EU regulation, designed for the digital age. GDPR will strengthen an individual's rights and increase business accountability for data privacy and holding personal information. Organizations found breaching the regulations can face fines of up to 20 million Euros or up to 4% of annual global turnover. At Cvent we are already on track to becoming GDPR compliant and we want to advise our industry partners on how to become compliant too.
GDPR From Implementation to OpportunityDean Sappey
GDPR presents new challenges for law firms across Europe. This presentation explains the implications of GDPR and simple strategies to ensure firms are compliant for its launch in May 2018
Privacy, Social Network Sites and the lawdariphagen
Dr. Natali Helberger, assistent professor at the Amsterdam Institute of Information Law (IVIR), presents the legal aspect surrounding privacy in Social Network Sites. An overview of European laws regulating SNS with respect to privacy. www.ivir.nl. Presentation at the Conference on Privacy in Social Network Sites, www.privacyinsocialnetworksites.nl
In general, the GDPR applies to any business that processes personal data by automated or manual processing
A strategic approach is introduced to regulating personal data and the normative foundations of the European Unions General Data Protection Regulation (GDPR)
Existing Requirements imposed by the 1995 Data Protection Directive are refined.
It does this by establishing a uniform framework for data protection legislation across the EU
The Presentation is a preliminary comment of The Hague Court decision published on March 6th 2020 aka "SyRI Case". The author considers the possibility to use the Dutch approach to automatic data management in the field of taxation as a possible benchmark for other jurisdictions too.
This is an UNREVISED version and contains some typos and data in need of double check.
This is a slightly modified version of a presentation that I gave to fellow lawyers last week. It explains what GDPR is, the policy of data protection and the evolution of data protection legislation from the OECD Guidelines and Council of Europe Convention to the GDPR. It explores the regulation focusing on the data protection principles and, in particular, the lawfulness requirement and the validity of consent. The presentation mentions the Law enforcement data protection directive, the Data Protection Bill and the arrangements post Brexit. Finally, it considers the preparations recommended by the Information Commissioner for small busiesses
Understanding the EU's new General Data Protection Regulation (GDPR)Acquia
In 2016, the European Union (EU) approved its General Data Protection Regulation (GDPR) to protect European citizens’ data. As a regulation, the GDPR does not require the implementation of legislation, and will immediately become an applicable law as of the 25th of May, 2018.
What is GDPR exactly trying to accomplish? According to the official documents, the goal is the “protection of natural persons with regard to the processing of personal data and on the free movement of such data.”
In short, organizations that conduct business in the EU will need to be compliant with GDPR, and must come to terms with the huge fines that non-compliance can carry. Fines can be up to €20M or 4% of the annual turnover. For companies that experience breaches that result in the loss of personal data (such as Talk Talk, which lost 170,000 people’s data), the fines will be tremendous.
Join us for discussion about GDPR to learn more about:
The principles that organizations that use personal data need to adhere to
The consequences organizations can face if that do not adhere to this new regulation
How your organization can prepare for the future
Personal data: Legal Issues in Research Data Collection and Sharing by EUDAT ...EUDAT
| www.eudat.eu | v1.0, June 2014 - Protection of personal data is a major concern of many. The EU Data Protection Directive (95/46/EC) identifies it as any information relating to an identified or identifiable natural person. However, what exactly do we mean by processing of personal data? When is it lawful? Are there any special categories of personal data? What is consent? What are the obligations of the data controller? Download this presentation and find out.
Who is it for?: Researchers, Data Managers, General public.
EU General Data Protection Regulation - Update 2017Cliff Ashcroft
This free Lasa webinar looks at why data protection is important in a digital world, and what practical things charities and civil society organisations can do to prepare for when the EU General Data Protection Regulations come into force in May 2018.
It is vital charities use the next 12 months to understand their new responsibilities and put the required processes in place.
Our webinar gives you the opportunity to ensure you are prepared for what’s to come by putting your #GDPR questions to our data protection expert and published author, Paul Ticher.
Lasa does lots more charity tech help and advice - find out more at: Twitter: @lasaict
Acknowledgements:
Lasa actively promotes and supports the Way Ahead – Civil Society at the Heart of London. See www.citybridgetrust.org.uk/publications/way-ahead/
This webinar is supported by the City of London Corporation's charity, City Bridge Trust. www.citybridgetrust.org.uk
Data Protection Guide – What are your rights as a citizen?Edouard Nguyen
Guide UK Data Protection Law EUROPA - Internal Market - Data Protection - Data Protection Guide – What are your rights as a citizen?http://ec.europa.eu/justice/policies/privacy/docs/guide/guide-ukingdom_en.pdf
An introduction to the General Data Protection Regulation (GDPR) and its implications for research data management. Presentation given by Tim Rodgers of Imperial College London at the London Area Research Data meeting, held at the London School of Hygiene & Tropical Medicine on 17th Nov 2017.
20200429_Research Data & the GDPR: How Open is Open? (updated version)OpenAIRE
Presentation by Prodromos Tsiavos (Senior Legal Advisor - ARC/ Director - Onassis Group) as delivered during the OpenAIRE Legal Policy Webinar series on April 29th 2020.
More information and recordings: https://www.openaire.eu/item/openaire-legal-policy-webinars
The European General Data Protection Law (also known as EU-DSGVO) becomes effective as of May 25 and is of VITAL importance.
In the easiest sense it’s important as it involves fines of up to 2 million Euros or 4% of worldwide turnover (whatever scares you more). Fines not only come into play upon actual data loss, but already if data *could* get lost and for a variety of other reasons. This session covers the most important GDPR topics, both for companies in the European Union and for companies doing business with European companies or citizens. We will also be looking at whether it makes a difference if you are a one person shop or multinational business.
Legal and ethical considerations for sharing research dataOpenAIRE
Irena Vipavc Brar ( Social Sciences Data Archives / CESSDA)
Aimed at researchers in social sciences, but of interest for other fields as well, Irena Vipavc Brar gives an overview of the most important legal and ethical considerations when sharing research data. She discusses the implications of GDPR for scientific research, informed consent and ethical aspects of dealing with personal data, and legal issues.
Links: https://www.cessda.eu/Research-Infrastructure/Training/Expert-Tour-Guide-on-Data-Management
20200504_Research Data & the GDPR: How Open is Open?OpenAIRE
Presentation by Prodromos Tsiavos (Senior Legal Advisor - ARC/ Director - Onassis Group) as delivered during the OpenAIRE Legal Policy Webinar series on May 4th 2020.
More information and recordings: https://www.openaire.eu/item/openaire-legal-policy-webinars
Impact of GDPR on Data Collection and ProcessingPromptCloud
This presentation covers how GDPR will impact various aspects of user data collection and processing along with the way to achieve compliance with the regulations.
An overview of GDPR data privacy and the impact on traditional information security practices, which was presented at SecureWorld Dallas, October, 2017
This webinar gives an overview of:
- The regulation landscape
- Territorial scope
- Remedies, liabilities and penalties
- Privacy notices
- The right of data subject
- Consent
- Data processing
- Profiling or "automated individual decision-making"
- International marketing and data transfers
A recording of this webinar is available here:
https://www.youtube.com/watch?v=Vr_CT24v2iI
GDPR for public sector DPO's seminar, April 2018, ManchesterBrowne Jacobson LLP
From 25 May 2018 all public bodies must have a Data Protection Officer (DPO). The DPO must have ‘expert’ knowledge of both data protection law and practice. This session is directed at individuals within public sector organisations who will be acting as DPO, their deputies and those advising them.
Visit our website for more useful resources - https://www.brownejacobson.com/sectors-and-services/sectors/public-sector
This presentation outlines the General Data Protection Regulation ("GDPR") and the key changes that will be brought about as of 25th May 2018 - ISOLAS is pleased to offer assistance in conducting data audits and ensuring you are compliant before the deadline - the clock is ticking!
From 25 May 2018 all public bodies must have a Data Protection Officer (DPO). The DPO must have ‘expert’ knowledge of both data protection law and practice. This session is directed at individuals within public sector organisations who will be acting as DPO, their deputies and those advising them.
Visit our website for more useful resources - https://www.brownejacobson.com/sectors-and-services/sectors/public-sector
From 25 May 2018 all public bodies must have a Data Protection Officer (DPO). The DPO must have ‘expert’ knowledge of both data protection law and practice. This session is directed at individuals within public sector organisations who will be acting as DPO, their deputies and those advising them.
Visit our website for more useful resources - https://www.brownejacobson.com/sectors-and-services/sectors/public-sector
Presentación realizada por Ricardo Santos, miembro del VIAF GDPR Working Group, en la reunión anual de VIAF. La presentación muestra los resultados de una encuesta sobre privacidad de datos de autores en ficheros de autoridad.
Los días 6 y 7 de junio de 2019 la Biblioteca Nacional de España albergó un taller práctico sobre RDA destinado a responsables de proceso técnico de instituciones integradas en el Consejo de Cooperación Bibliotecaria
Los días 6 y 7 de junio de 2019 la Biblioteca Nacional de España albergó un taller práctico sobre RDA destinado a responsables de proceso técnico de instituciones integradas en el Consejo de Cooperación Bibliotecaria
Los días 6 y 7 de junio de 2019 la Biblioteca Nacional de España albergó un taller práctico sobre RDA destinado a responsables de proceso técnico de instituciones integradas en el Consejo de Cooperación Bibliotecaria
The Team Member and Guest Experience - Lead and Take Care of your restaurant team. They are the people closest to and delivering Hospitality to your paying Guests!
Make the call, and we can assist you.
408-784-7371
Foodservice Consulting + Design
Modern Database Management 12th Global Edition by Hoffer solution manual.docxssuserf63bd7
https://qidiantiku.com/solution-manual-for-modern-database-management-12th-global-edition-by-hoffer.shtml
name:Solution manual for Modern Database Management 12th Global Edition by Hoffer
Edition:12th Global Edition
author:by Hoffer
ISBN:ISBN 10: 0133544613 / ISBN 13: 9780133544619
type:solution manual
format:word/zip
All chapter include
Focusing on what leading database practitioners say are the most important aspects to database development, Modern Database Management presents sound pedagogy, and topics that are critical for the practical success of database professionals. The 12th Edition further facilitates learning with illustrations that clarify important concepts and new media resources that make some of the more challenging material more engaging. Also included are general updates and expanded material in the areas undergoing rapid change due to improved managerial practices, database design tools and methodologies, and database technology.
Oprah Winfrey: A Leader in Media, Philanthropy, and Empowerment | CIO Women M...CIOWomenMagazine
This person is none other than Oprah Winfrey, a highly influential figure whose impact extends beyond television. This article will delve into the remarkable life and lasting legacy of Oprah. Her story serves as a reminder of the importance of perseverance, compassion, and firm determination.
Artificial intelligence (AI) offers new opportunities to radically reinvent the way we do business. This study explores how CEOs and top decision makers around the world are responding to the transformative potential of AI.
1. General Data Protection
Regulation (GDPR) and library
authority data
Ricardo Santos
National Library of Spain
Prepared for:
VIAF Council meeting
24th August 2018, Kuala Lumpur
2. GDPR Facts
Supersedes the Data Protection Directive 95/46/EC
Adopted in April 2016, enforced in 25 May 2018. It has 98 articles and 173 whereas clauses.
It’s a regulation, so it’s directly binding and applicable in Member States.
Extra-territorial applicability: it applies to all companies processing the personal data of
individual residing in the Union, regardless of the company’s location or where the data is
processed .
United Kingdom passed the Data Protection Act 2018, with equivalent regulations and
protections
2
3. Goals
Strengthen citizens' fundamental rights in the digital age. Give control to
citizens over their personal data
Harmonize and simplify the rules throughout the European states
3
4. “
Personal data is any
information that relates to an
identified or identifiable
individual. (art. 4)
This Regulation does not apply to the personal
data of deceased persons. (whereas clause 27)
4
5. “
Processing means any operation on
personal data, such as collection,
recording, organization, structuring,
storage, retrieval, consultation, use,
disclosure by transmission,
dissemination or otherwise making
available… (art. 4)
5
6. GDPR for organizations
- Legal basis for processing (art. 6) (Can we process data?):
- Consent (explicit, clear and unambiguous)
- Legal obligation (legal deposit?)
- Public interest
- Organisation’s legitimate interest
6
- Processing of data must be (art. 5):
- According to, and only the data necessary, the stated specific
purposes.
- Stored no longer than necessary.
- Accurate and up-to-date.
7. GDPR for public administration
- Personal data usually processed on the basis of a legal obligation or
public interest.
- A Data Protection Officer is mandatory.
- Individuals may contact a public administration to exercise their rights
under the GDPR.
- Individuals have a right to object to the processing of personal data by
the public administration on grounds of public interest.
7
8. GDPR for citizens (Chapter III)
Citizens have the right to:
- demand information about the processing
- access the data
- asking for corrections of inaccurate data
- data erasure (formerly known as right to be forgotten)
- object to the processing of data
- receive personal data in a machine-readable format and send it to
another controller.
- request that decisions based on automated processing are made
by natural persons.
8
9. Exceptions
& Limits
Consent can be skipped if there is legal obligation or
public interest for collecting data
Data erasure or others are limited by:
Freedom of expression safeguards.
Archival exemptions (provided the institution has
the legal obligation to preserve).
Scientific or historical research.
Those limits are not automatic. Member states should
introduce them or not.
9
10. BIG QUESTIONS REMAINS
Considerations of authority data:
• Is it “personal data”? Could there be other
“sensitive data”?
• What’s the legal framework for an authority file?
• Can the “public interest” or “legal obligation” be
invoked to skip consent?
• Can we deny “right to be forgotten” on those
grounds?
• Can we freely distribute authority data (to VIAF,
for instance)?
10
11. Claimings accepted
Data correction.
Hide pseudonymous relationships
Hide dates
BNE experiences
Claimings rejected
Deletion of resources
Deletion of authority record
11
12. VIAF is an aggregator of sources.
- Who has the responsability for data?
VIAF is a “third party”:
- Should reflect data policy of member institutions?
Case 1: an institution acknowledge an individual data rights. Should this extend to
VIAF or other libraries?
- Should VIAF policy influence data policy of member institutions?
Case 2: VIAF grants an individual data rights. Should this extend to libraries?
Some issues with VIAF
12
‘personal data’ means any information relating to an identified or identifiable natural person (‘data subject’); an identifiable natural person is one who can be identified, directly or indirectly, in particular by reference to an identifier such as a name, an identification number, location data, an online identifier or to one or more factors specific to the physical, physiological, genetic, mental, economic, cultural or social identity of that natural person;
DPO. Among other duties: act as a contact point for requests from individuals regarding the processing of their personal data and the exercise of their rights
It isn’t clear if “scientific or historical research” applies to authority data, or if this data is stored for the “legal obligation”
1 – According to the law definition for “personal data”, it is, because it allows to identify a living person (a name string; a date of birth, an URI). “sensitive data” is less probably to be included.
2- Should the same rules apply to an authority file than a customer database, or even a library users’ file?