1 / 27

Data Protection & Privacy in the Information Age COMNET – Legal Frameworks for ICTs Malta 2013

Data Protection & Privacy in the Information Age COMNET – Legal Frameworks for ICTs Malta 2013 Dr Antonio Ghio Dr Jeanine Rizzo. The Right to Privacy. Everything is Information. Protecting the information which belongs to ourselves.

kirti
Download Presentation

Data Protection & Privacy in the Information Age COMNET – Legal Frameworks for ICTs Malta 2013

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript

  1. Data Protection & Privacy in the Information Age COMNET – Legal Frameworks for ICTs Malta 2013 Dr Antonio Ghio Dr Jeanine Rizzo

  2. The Right to Privacy Everything is Information Protecting the information which belongs to ourselves Privacy as a Fundamental Human Right - Article 8 of ECHR Informational Self-Determination - the 1970 Law of Hesse The 1973 Law of Sweden

  3. Data Protection Legislation Safeguarding the individual’s right to privacy Technology affords the means to amass, correlate and manipulate personal information The absence of legislative safeguards may allow abuse of this information

  4. Essential Features Data Controllers have obligations Individualshave rights

  5. What is Personal Data? “Any Information relating to an identified or identifiable natural person; an identifiable person is one who can be identified, directly or indirectly, in particular by reference to an identification number or to one or more factors specific to his physical, physiological, mental, economic, cultural or social identity”

  6. The Actors Data Subjects “A natural person to whom the personal data relates” Data Controller “A person who alone or jointly with others determines the purposes and means of the processing of personal data” Data Processor “A person who processes personal data on behalf of a controller”

  7. collection use recording disclosure dissemination organization storage alignment adaptation combination alteration blocking retrieval erasure gathering destruction Processing Any operation or set of operations which is taken in regard to personal data, whether or not it occurs by automatic means

  8. Sensitive Personal Data Personal data that reveals race or ethnic origin, political opinions, religious or philosophical beliefs, membership of a trade union, health, or sex life

  9. Data Protection Principles - Fair And Lawful Processing - In accordance with good practice - Personal Data only collected for specific, explicitly stated and legitimate purposes - Not be processed for any purpose that is incompatible with that for which the information is collected - Processing adequate and relevant in relation to the purposes of processing - No more Personal Data is processed than is necessary and is not kept for a period longer than necessary - Correct and up to date - All reasonable measures are taken to complete, correct, block or erase data to the extent that such data is incomplete or incorrect

  10. Criteria for Processing - when data subject has unambiguously given his consent - necessary for the performance of a contract - necessary for compliance with a legal obligation of the controller - to protect the vital interests of the data subject - necessary for the performance of an activity that is carried out in the public interest or in the exercise of official authority vested in the controller or in a third party to whom the data is disclosed

  11. Consent “Any freely given specific and informed indication of the wishes of the data subject by which he signifies his agreement to personal data relating to him being processed” Processing always permitted if the data subject has given consent to the processing General consent to any and all conceivable processing that the controller may wish to perform is not sufficient Consent need not normally be explicit. (If the data subject by way of his or her actions accepts certain processing, it is likely that the data subject will be deemed to have given consent) The data subject is normally entitled to revoke consent at any time

  12. Privacy in the 21st Century Is Privacy DEAD?

  13. Google Streetview

  14. iPhone Location Data

  15. Biometrics

  16. A law reflecting the past

  17. Technology Neutrality?

  18. Informational Self-Determination Applying accepted principles within new technological frameworks Applying accepted data protection principles within new technological frameworks Technological Neutrality Legal Certainty

  19. New Proposed DP Regulations Right to be Forgotten

  20. Grazzi! antonio.ghio@fenlex.com

More Related