Recoge: 1.The study - 2.The directive - 3.Data protection in the national laws of the Member States - 4.The application of data protection in specific sectoral contexts.

GDPR: Personal Data Protection in the European Union Mariusz Krzysztofek Personal data protection has become one of the central issues in any understanding of the current world system. In this connection, the European Union (EU) has created the most sophisticated regime currently in force with the General Data Protection Regulation (GDPR) (EU) 2016/679. Following the GDPR’s recent reform – the most extensive since the first EU laws in this area were adopted and implemented into the legal orders of the Member States – this book offers a comprehensive discussion of all principles of personal data processing, obligations of data controllers, and rights of data subjects, providing a thorough, up-to-date account of the legal and practical aspects of personal data protection in the EU. Coverage includes the recent Court of Justice of the European Union (CJEU) judgment on data transfers and new or updated data protection authorities’ guidelines in the EU Member States. Among the broad spectrum of aspects of the subject covered are the following: – right to privacy judgments of the CJEU and the European Court of Human Rights; – scope of the GDPR and its key definitions, key principles of personal data processing; – legal bases for the processing of personal data; – direct and digital marketing, cookies, and online behavioural advertising; – processing of personal data of employees; – sensitive data and criminal records; – information obligation & privacy notices; – data subjects rights; – data controller, joint controllers, and processors; – data protection by design and by default, data security measures, risk-based approach, records of personal data processing activities, notification of a personal data breach to the supervisory authority and communication to the data subject, data protection impact assessment, codes of conduct and certification; – Data Protection Officer; – transfers of personal data to non-EU/EEA countries; and – privacy in the Internet and surveillance age. Because the global scale and evolution of information technologies have changed the data processing environment and brought new challenges, and because many non-EU jurisdictions have adopted equivalent regimes or largely analogous regulations, the book will be of great usefulness worldwide. Multinational corporations and their customers and contractors will benefit enormously from consulting and using this book, especially in conducting case law, guidelines and best practices formulated by European data protection authorities. For lawyers and academics researching or advising clients on this area, this book provides an indispensable source of practical guidance and information for many years to come.

This book examines the ability of citizens across ten European countries to exercise their democratic rights to access their personal data. It presents a socio-legal research project, with the researchers acting as citizens, or data subjects, and using ethnographic data collection methods. The research presented here evidences a myriad of strategies and discourses employed by a range of public and private sector organizations as they obstruct and restrict citizens' attempts to exercise their informational rights. The book also provides an up-to-date legal analysis of legal frameworks across Europe concerning access rights and makes several policy recommendations in the area of informational rights. It provides a unique and unparalleled study of the law in action which uncovered the obstacles that citizens encounter if they try to find out what personal data public and private sector organisations collect and store about them, how they process it, and with whom they share it. These are simple questions to ask, and the right to do so is enshrined in law, but getting answers to these questions was met by a raft of strategies which effectively denied citizens their rights. The book documents in rich ethnographic detail the manner in which these discourses of denial played out in the ten countries involved, and explores in depth the implications for policy and regulatory reform.

This book provides expert advice on the practical implementation of the European Union’s General Data Protection Regulation (GDPR) and systematically analyses its various provisions. Examples, tables, a checklist etc. showcase the practical consequences of the new legislation. The handbook examines the GDPR’s scope of application, the organizational and material requirements for data protection, the rights of data subjects, the role of the Supervisory Authorities, enforcement and fines under the GDPR, and national particularities. In addition, it supplies a brief outlook on the legal consequences for seminal data processing areas, such as Cloud Computing, Big Data and the Internet of Things.Adopted in 2016, the General Data Protection Regulation will come into force in May 2018. It provides for numerous new and intensified data protection obligations, as well as a significant increase in fines (up to 20 million euros). As a result, not only companies located within the European Union will have to change their approach to data security; due to the GDPR’s broad, transnational scope of application, it will affect numerous companies worldwide.

Buy a new version of this textbook and receive access to the Connected eBook on Casebook Connect, including lifetime access to the online ebook with highlight, annotation, and search capabilities. Access also includes an outline tool and other helpful resources. Connected eBooks provide what you need most to be successful in your law school classes. A clear, comprehensive, and cutting-edge introduction to the field of information privacy law with a focus on EU Data Protection and the GDPR. The volume is perfect as a stand-alone text for a seminar and as supplement to a course on EU law. It contains the latest cases and materials exploring issues of emerging technology, information privacy, OECD privacy guidelines, privacy protection in Europe, international transfers of data, and selected provisions of the GDPR. New to the 2nd Edition: Tighter editing and shorter chapters Full text of the GDPR Schrems II and the Data Privacy Framework

This book features peer reviewed contributions from across the disciplines on themes relating to protection of data and to privacy protection. The authors explore fundamental and legal questions, investigate case studies and consider concepts and tools such as privacy by design, the risks of surveillance and fostering trust. Readers may trace both technological and legal evolution as chapters examine current developments in ICT such as cloud computing and the Internet of Things. Written during the process of the fundamental revision of revision of EU data protection law (the 1995 Data Protection Directive), this volume is highly topical. Since the European Parliament has adopted the General Data Protection Regulation (Regulation 2016/679), which will apply from 25 May 2018, there are many details to be sorted out. This volume identifies and exemplifies key, contemporary issues. From fundamental rights and offline alternatives, through transparency requirements to health data breaches, the reader is provided with a rich and detailed picture, including some daring approaches to privacy and data protection. The book will inform and inspire all stakeholders. Researchers with an interest in the philosophy of law and philosophy of technology, in computers and society, and in European and International law will all find something of value in this stimulating and engaging work.

This book explores the coming into being in European Union (EU) law of the fundamental right to personal data protection. Approaching legal evolution through the lens of law as text, it unearths the steps that led to the emergence of this new right. It throws light on the right’s significance, and reveals the intricacies of its relationship with privacy. The right to personal data protection is now officially recognised as an EU fundamental right. As such, it is expected to play a critical role in the future European personal data protection legal landscape, seemingly displacing the right to privacy. This volume is based on the premise that an accurate understanding of the right’s emergence is crucial to ensure its correct interpretation and development. Key questions addressed include: How did the new right surface in EU law? How could the EU Charter of Fundamental Rights claim to render ‘more visible’ an invisible right? And how did EU law allow for the creation of a new right while ensuring consistency with existing legal instruments and case law? The book first investigates the roots of personal data protection, studying the redefinition of privacy in the United States in the 1960s, as well as pioneering developments in European countries and in international organisations. It then analyses the EU’s involvement since the 1970s up to the introduction of legislative proposals in 2012. It grants particular attention to changes triggered in law by language and, specifically, by the coexistence of languages and legal systems that determine meaning in EU law. Embracing simultaneously EU law’s multilingualism and the challenging notion of the untranslatability of words, this work opens up an inspiring way of understanding legal change. This book will appeal to legal scholars, policy makers, legal practitioners, privacy and personal data protection activists, and philosophers of law, as well as, more generally, anyone interested in how law works.