Keyword: Privacy

Access to Personal Data and the Right to Good Governance during Asylum Procedures after the CJEU’s YS and M. and S. judgment (C-141/12 and C-372/12) external link

Zuiderveen Borgesius, F.
European Journal of Migration and Law, pp: 259-272., 2015

Abstract

In the YS. and M. and S. judgment, the Court of Justice of the European Union ruled on three procedures in which Dutch judges asked for clarification on the right of asylum seekers to have access to the documents regarding the decision on asylum applications. The judgment is relevant for interpreting the concept of personal data and the scope of the right of access under the Data Protection Directive, and the right to good administration in the eu Charter of Fundamental Rights. At first glance, the judgment seems disappointing from the viewpoint of individual rights. Nevertheless, in our view the judgment provides sufficient grounds for effective access rights to the minutes in future asylum cases.

access to information, asylum procedure, Charter of Fundamental Rights of the European Union, Data protection, effective remedies, Grondrechten, peronal data, Privacy

Bibtex

Article{nokey, title = {Access to Personal Data and the Right to Good Governance during Asylum Procedures after the CJEU’s YS and M. and S. judgment (C-141/12 and C-372/12)}, author = {Zuiderveen Borgesius, F.}, url = {http://booksandjournals.brillonline.com/content/journals/10.1163/15718166-12342080}, year = {0710}, date = {2015-07-10}, journal = {European Journal of Migration and Law}, abstract = {In the YS. and M. and S. judgment, the Court of Justice of the European Union ruled on three procedures in which Dutch judges asked for clarification on the right of asylum seekers to have access to the documents regarding the decision on asylum applications. The judgment is relevant for interpreting the concept of personal data and the scope of the right of access under the Data Protection Directive, and the right to good administration in the eu Charter of Fundamental Rights. At first glance, the judgment seems disappointing from the viewpoint of individual rights. Nevertheless, in our view the judgment provides sufficient grounds for effective access rights to the minutes in future asylum cases.}, keywords = {access to information, asylum procedure, Charter of Fundamental Rights of the European Union, Data protection, effective remedies, Grondrechten, peronal data, Privacy}, }

Your Digital Home is No Longer Your Castle: How Cloud Computing Transforms the (Legal) Relationship between Individuals and Their Personal Records external link

Irion, K.
International Journal of Law and Information Technology, vol. 23, num: 4, pp: 348-371., 2015

Abstract

In line with the overall trend individuals’ personal affairs, too, are composed of digital records to an increasing amount. At about the same time, the era of local storage in end user equipment is about to give way to remote computing where data resides on third party equipment (cloud computing). Once information, and even the most personal one, is no longer stored on personal equipment the relationship between individual users and their digital assets belonging to them is becoming increasingly abstract. This contribution focuses on the implications of cloud computing for individuals’ unpublicized digital records. The question to be answered is whether - taken together - the progressing virtualization and the disruption of physical control produce a backslide for individual positions of rights. The paper introduces the legal treatment of users’ digital personal records and how a technical transformation in combination with disparate legal protection and prevailing commercial practices are bound to impact the distribution of rights and obligations.

cloud computing, Consumer law, control, EU law, Grondrechten, Privacy, security

Bibtex

Article{nokey, title = {Your Digital Home is No Longer Your Castle: How Cloud Computing Transforms the (Legal) Relationship between Individuals and Their Personal Records}, author = {Irion, K.}, url = {http://www.ivir.nl/publicaties/download/1584.pdf}, doi = {https://doi.org/10.1093/ijlit/eav015}, year = {0929}, date = {2015-09-29}, journal = {International Journal of Law and Information Technology}, volume = {23}, number = {4}, pages = {348-371.}, abstract = {In line with the overall trend individuals’ personal affairs, too, are composed of digital records to an increasing amount. At about the same time, the era of local storage in end user equipment is about to give way to remote computing where data resides on third party equipment (cloud computing). Once information, and even the most personal one, is no longer stored on personal equipment the relationship between individual users and their digital assets belonging to them is becoming increasingly abstract. This contribution focuses on the implications of cloud computing for individuals’ unpublicized digital records. The question to be answered is whether - taken together - the progressing virtualization and the disruption of physical control produce a backslide for individual positions of rights. The paper introduces the legal treatment of users’ digital personal records and how a technical transformation in combination with disparate legal protection and prevailing commercial practices are bound to impact the distribution of rights and obligations.}, keywords = {cloud computing, Consumer law, control, EU law, Grondrechten, Privacy, security}, }

Personal data processing for behavioural targeting: which legal basis? external link

Zuiderveen Borgesius, F.
International Data Privacy Law, 2015

Abstract

Key Points:
The European Union Charter of Fundamental Rights only allows personal data processing if a data controller has a legal basis for the processing.
This paper argues that, in most circumstances, the only available legal basis for the processing of personal data for behavioural targeting is the data subject's unambiguous consent.
Furthermore, the paper argues that the cookie consent requirement from the e-Privacy Directive does not provide a legal basis for the processing of personal data.
Therefore, even if companies could use an opt-out system to comply with the e-Privacy Directive's consent requirement for using a tracking cookie, they would generally have to obtain the data subject's unambiguous consent if they process personal data for behavioural targeting.

behavioural targeting, Grondrechten, Personal data, Privacy

Bibtex

Article{nokey, title = {Personal data processing for behavioural targeting: which legal basis?}, author = {Zuiderveen Borgesius, F.}, url = {http://idpl.oxfordjournals.org/content/early/2015/06/23/idpl.ipv011.abstract?keytype=ref&ijkey=vlrPCGCUMXW8kAz}, year = {0625}, date = {2015-06-25}, journal = {International Data Privacy Law}, abstract = {Key Points: The European Union Charter of Fundamental Rights only allows personal data processing if a data controller has a legal basis for the processing. This paper argues that, in most circumstances, the only available legal basis for the processing of personal data for behavioural targeting is the data subject's unambiguous consent. Furthermore, the paper argues that the cookie consent requirement from the e-Privacy Directive does not provide a legal basis for the processing of personal data. Therefore, even if companies could use an opt-out system to comply with the e-Privacy Directive's consent requirement for using a tracking cookie, they would generally have to obtain the data subject's unambiguous consent if they process personal data for behavioural targeting.}, keywords = {behavioural targeting, Grondrechten, Personal data, Privacy}, }

De implicaties van het Google Spain-arrest voor de vrijheid van meningsuiting external link

Zuiderveen Borgesius, F. & Kulk, S.
NJCM-Bulletin, num: 1, pp: 3-19., 2015

Abstract

In deze bijdrage wordt het Google Spain-arrest van het Hof van Justitie van de Europese Unie besproken, evenals de ontwikkelingen na het arrest. Centraal staat de vraag naar de gevolgen van het arrest voor de vrijheid van meningsuiting. De auteurs betogen dat het Hof onvoldoende aandacht schenkt aan de vrijheid van meningsuiting.

Grondrechten, Internet, Persoonsgegevens, Privacy, recht om vergeten te worden, Vrijheid van meningsuiting, zoekmachines

Bibtex

Article{nokey, title = {De implicaties van het Google Spain-arrest voor de vrijheid van meningsuiting}, author = {Zuiderveen Borgesius, F. and Kulk, S.}, url = {http://www.ivir.nl/publicaties/download/1566.pdf}, year = {0604}, date = {2015-06-04}, journal = {NJCM-Bulletin}, number = {1}, abstract = {In deze bijdrage wordt het Google Spain-arrest van het Hof van Justitie van de Europese Unie besproken, evenals de ontwikkelingen na het arrest. Centraal staat de vraag naar de gevolgen van het arrest voor de vrijheid van meningsuiting. De auteurs betogen dat het Hof onvoldoende aandacht schenkt aan de vrijheid van meningsuiting.}, keywords = {Grondrechten, Internet, Persoonsgegevens, Privacy, recht om vergeten te worden, Vrijheid van meningsuiting, zoekmachines}, }

Annotatie bij Rb. ‘s-Gravenhage 23 juli 2014 (Strafadvocaten e.a. / Staat der Nederlanden) external link

van der Sloot, B.
Mediaforum, num: 11/12, pp: 306-309., 2015

Grondrechten, Privacy

Bibtex

Case note{nokey, title = {Annotatie bij Rb. ‘s-Gravenhage 23 juli 2014 (Strafadvocaten e.a. / Staat der Nederlanden)}, author = {van der Sloot, B.}, url = {http://www.ivir.nl/publicaties/download/1559.pdf}, year = {0413}, date = {2015-04-13}, journal = {Mediaforum}, number = {11/12}, keywords = {Grondrechten, Privacy}, }

Privacy as human flourishing: Could a shift towards virtue ethics strengthen privacy protection in the age of Big Data? external link

van der Sloot, B.
JIPITEC, num: 3, pp: 230-244., 2015

Abstract

Privacy is commonly seen as an instrumental value in relation to negative freedom, human dignity and personal autonomy. Article 8 ECHR, protecting the right to privacy, was originally coined as a doctrine protecting the negative freedom of citizens in vertical relations, that is between citizen and state. Over the years, the Court has extended privacy protection to horizontal relations and has gradually accepted that individual autonomy is an equally important value underlying the right to privacy. However, in most of the recent cases regarding Article 8 ECHR, the Court goes beyond the protection of negative freedom and individual autonomy and instead focuses self-expression, personal development and human flourishing. Accepting this virtue ethical notion, in addition to the traditional Kantian focus on individual autonomy and human dignity, as a core value of Article 8 ECHR may prove vital for the protection of privacy in the age of Big Data.

Big data, Ethiek, European Convention on Human Rights, Grondrechten, Privacy

Bibtex

Article{nokey, title = {Privacy as human flourishing: Could a shift towards virtue ethics strengthen privacy protection in the age of Big Data?}, author = {van der Sloot, B.}, url = {http://www.ivir.nl/publicaties/download/1558.pdf}, year = {0414}, date = {2015-04-14}, journal = {JIPITEC}, number = {3}, abstract = {Privacy is commonly seen as an instrumental value in relation to negative freedom, human dignity and personal autonomy. Article 8 ECHR, protecting the right to privacy, was originally coined as a doctrine protecting the negative freedom of citizens in vertical relations, that is between citizen and state. Over the years, the Court has extended privacy protection to horizontal relations and has gradually accepted that individual autonomy is an equally important value underlying the right to privacy. However, in most of the recent cases regarding Article 8 ECHR, the Court goes beyond the protection of negative freedom and individual autonomy and instead focuses self-expression, personal development and human flourishing. Accepting this virtue ethical notion, in addition to the traditional Kantian focus on individual autonomy and human dignity, as a core value of Article 8 ECHR may prove vital for the protection of privacy in the age of Big Data.}, keywords = {Big data, Ethiek, European Convention on Human Rights, Grondrechten, Privacy}, }

Book review: ‘Reforming European Data Protection Law’ external link

van der Sloot, B.
European Data Protection Law Review, num: 1, pp: 85-87., 2015

Grondrechten, Privacy

Bibtex

Other{nokey, title = {Book review: ‘Reforming European Data Protection Law’}, author = {van der Sloot, B.}, url = {http://www.ivir.nl/publicaties/download/1556.pdf}, year = {0521}, date = {2015-05-21}, journal = {European Data Protection Law Review}, number = {1}, keywords = {Grondrechten, Privacy}, }

Privacy as Personality Right: Why the ECtHR’s Focus on Ulterior Interests Might Prove Indispensable in the Age of external link

van der Sloot, B.
Utrecht Journal of International and European Law, num: 80, pp: 25-50., 2015

Abstract

Article 8 ECHR was adopted as a classic negative right, which provides the citizen protection from unlawful and arbitrary interference by the state with his private and family life, home and communication. The ECtHR, however, has gradually broadened its scope so that the right to privacy encroaches upon other provisions embodied in the Convention, includes rights and freedoms explicitly left out of the ECHR by the drafters of the Convention and functions as the main pillar on which the Court has built its practice of opening up the Convention for new rights and freedoms. Consequently, Article 8 ECHR has been transformed from a classic privacy right to a personality right, providing protection to the personal development of individuals. Apart from its theoretical significance, this shift might prove indispensable in the age of Big Data, as personality rights protect a different type of interest, which is far more easy to substantiate in the new technological paradigm than those associated with the right to privacy.

Big data, Grondrechten, Privacy

Bibtex

Article{nokey, title = {Privacy as Personality Right: Why the ECtHR’s Focus on Ulterior Interests Might Prove Indispensable in the Age of}, author = {van der Sloot, B.}, url = {http://www.ivir.nl/publicaties/download/1555.pdf}, year = {0522}, date = {2015-05-22}, journal = {Utrecht Journal of International and European Law}, number = {80}, abstract = {Article 8 ECHR was adopted as a classic negative right, which provides the citizen protection from unlawful and arbitrary interference by the state with his private and family life, home and communication. The ECtHR, however, has gradually broadened its scope so that the right to privacy encroaches upon other provisions embodied in the Convention, includes rights and freedoms explicitly left out of the ECHR by the drafters of the Convention and functions as the main pillar on which the Court has built its practice of opening up the Convention for new rights and freedoms. Consequently, Article 8 ECHR has been transformed from a classic privacy right to a personality right, providing protection to the personal development of individuals. Apart from its theoretical significance, this shift might prove indispensable in the age of Big Data, as personality rights protect a different type of interest, which is far more easy to substantiate in the new technological paradigm than those associated with the right to privacy.}, keywords = {Big data, Grondrechten, Privacy}, }

Het mijnenveld van het informatierecht external link

Zuiderveen Borgesius, F.
Mr., num: 5, pp: 62-67, 2015

Abstract

In theorie lijkt de bescherming van persoonsgegevens op orde: internetbedrijven moeten mensen informeren over wat er met hun gegevens gebeurt, en doorgaans toestemming vragen voor ze die gegevens gebruiken. Maar in de praktijk schiet die ‘geïnformeerde toestemming’ als privacybeschermingsmaatregel tekort. Om privacy beter te beschermen moet volgens onderzoeker Frederik Borgesius de privacywetgeving beter worden nageleefd en gehandhaafd én op de schop. Hij pleit voor een breder privacydebat. “We móeten dat mijnenveld in.”

bescherming persoonsgegevens, Grondrechten, Privacy, wetgeving

Bibtex

Article{nokey, title = {Het mijnenveld van het informatierecht}, author = {Zuiderveen Borgesius, F.}, url = {http://www.ivir.nl/publicaties/download/1552.pdf}, year = {0512}, date = {2015-05-12}, journal = {Mr.}, number = {5}, abstract = {In theorie lijkt de bescherming van persoonsgegevens op orde: internetbedrijven moeten mensen informeren over wat er met hun gegevens gebeurt, en doorgaans toestemming vragen voor ze die gegevens gebruiken. Maar in de praktijk schiet die ‘geïnformeerde toestemming’ als privacybeschermingsmaatregel tekort. Om privacy beter te beschermen moet volgens onderzoeker Frederik Borgesius de privacywetgeving beter worden nageleefd en gehandhaafd én op de schop. Hij pleit voor een breder privacydebat. “We móeten dat mijnenveld in.”}, keywords = {bescherming persoonsgegevens, Grondrechten, Privacy, wetgeving}, }