Keyword: frontpage

The Right to Lodge a Data Protection Complaint: Ok, But Then What? An empirical study of current practices under the GDPR external link

European Data Protection Scholars Network
2022

Abstract

This study examines current Data Protection Authorities' (DPA) practices related to their obligation to facilitate the submission of complaints, granting special attention to the connection between this obligation and the right to an effective judicial remedy against DPAs. It combines legal analysis and the observation of DPA websites, together with insights obtained from the online public register of decisions adopted under the ʻone-stop-shopʼ mechanism. This study was commissioned by Access Now.

Data Protection Authorities, frontpage, GDPR, remedy, right to an effective remedy

Bibtex

Other{Network2022, title = {The Right to Lodge a Data Protection Complaint: Ok, But Then What? An empirical study of current practices under the GDPR}, author = {European Data Protection Scholars Network}, url = {https://www.ivir.nl/gdpr-complaint-study-2/}, year = {0712}, date = {2022-07-12}, abstract = {This study examines current Data Protection Authorities\' (DPA) practices related to their obligation to facilitate the submission of complaints, granting special attention to the connection between this obligation and the right to an effective judicial remedy against DPAs. It combines legal analysis and the observation of DPA websites, together with insights obtained from the online public register of decisions adopted under the ʻone-stop-shopʼ mechanism. This study was commissioned by Access Now.}, keywords = {Data Protection Authorities, frontpage, GDPR, remedy, right to an effective remedy}, }

In defense of offense: information security research under the right to science external link

van Daalen, O.
Computer Law & Security Review, vol. 46, 2022

Abstract

Information security is something you do, not something you have. It's a recurring process of finding weaknesses and fixing them, only for the next weakness to be discovered, and fixed, and so on. Yet, European Union rules in this field are not built around this cycle of making and breaking: doing offensive information security research is not always legal, and doubts about its legality can have a chilling effect. At the same time, the results of such research are sometimes not used to allow others to take defensive measures, but instead are used to attack. In this article, I review whether states have an obligation under the right to science and the right to communications freedom to develop governance which addresses these two issues. I first discuss the characteristics of this cycle of making and breaking. I then discuss the rules in the European Union with regard to this cycle. Then I discuss how the right to science and the right to communications freedom under the European Convention for Human Rights , the EU Charter of Fundamental Rights and the International Covenant on Economic, Social and Cultural Rights apply to this domain. I then conclude that states must recognise a right to research information security vulnerabilities, but that this right comes with a duty of researchers to disclose their findings in a way which strengthens information security.

Communications freedom, Coordinated vulnerability disclosure, Duty to disclose, frontpage, Informatierecht, Information security, Information security research, Right to science, Vrijheid van meningsuiting, Vulnerabilities

Bibtex

Article{nokey, title = {In defense of offense: information security research under the right to science}, author = {van Daalen, O.}, doi = {https://doi.org/10.1016/j.clsr.2022.105706}, year = {0712}, date = {2022-07-12}, journal = {Computer Law & Security Review}, volume = {46}, pages = {}, abstract = {Information security is something you do, not something you have. It\'s a recurring process of finding weaknesses and fixing them, only for the next weakness to be discovered, and fixed, and so on. Yet, European Union rules in this field are not built around this cycle of making and breaking: doing offensive information security research is not always legal, and doubts about its legality can have a chilling effect. At the same time, the results of such research are sometimes not used to allow others to take defensive measures, but instead are used to attack. In this article, I review whether states have an obligation under the right to science and the right to communications freedom to develop governance which addresses these two issues. I first discuss the characteristics of this cycle of making and breaking. I then discuss the rules in the European Union with regard to this cycle. Then I discuss how the right to science and the right to communications freedom under the European Convention for Human Rights , the EU Charter of Fundamental Rights and the International Covenant on Economic, Social and Cultural Rights apply to this domain. I then conclude that states must recognise a right to research information security vulnerabilities, but that this right comes with a duty of researchers to disclose their findings in a way which strengthens information security.}, keywords = {Communications freedom, Coordinated vulnerability disclosure, Duty to disclose, frontpage, Informatierecht, Information security, Information security research, Right to science, Vrijheid van meningsuiting, Vulnerabilities}, }

EU copyright law round up – second trimester of 2022 external link

Trapova, A. & Quintais, J.
Kluwer Copyright Blog, 2022

Auteursrecht, frontpage

Bibtex

Article{nokey, title = {EU copyright law round up – second trimester of 2022}, author = {Trapova, A. and Quintais, J.}, url = {http://copyrightblog.kluweriplaw.com/2022/07/07/eu-copyright-law-round-up-second-trimester-of-2022/}, year = {0708}, date = {2022-07-08}, journal = {Kluwer Copyright Blog}, keywords = {Auteursrecht, frontpage}, }

Filtered Futures Conference: Exploring the Fundamental Rights Constraints of Automated Filtering After the CJEU Ruling on Article 17 external link

Reda, F. & Keller, P.
Kluwer Copyright Blog, 2022

frontpage

Bibtex

Article{nokey, title = {Filtered Futures Conference: Exploring the Fundamental Rights Constraints of Automated Filtering After the CJEU Ruling on Article 17}, author = {Reda, F. and Keller, P.}, url = {http://copyrightblog.kluweriplaw.com/2022/06/17/filtered-futures-conference-exploring-the-fundamental-rights-constraints-of-automated-filtering-after-the-cjeu-ruling-on-article-17/}, year = {0617}, date = {2022-06-17}, journal = {Kluwer Copyright Blog}, keywords = {frontpage}, }

Algorithms Off-limits? If digital trade law restricts access to source code of software then accountability will suffer external link

Irion, K.
2022

Abstract

Free trade agreements are increasingly used to construct an additional layer of protection for source code of software. This comes in the shape of a new prohibition for governments to require access to, or transfer of, source code of software, subject to certain exceptions. A clause on software source code is also part and parcel of an ambitious set of new rules on trade-related aspects of electronic commerce currently negotiated by 86 members of the World Trade Organization. Our understanding to date of how such a commitment inside trade law impacts on governments right to regulate digital technologies and the policy space that is allowed under trade law is limited. Access to software source code is for example necessary to meet regulatory and judicial needs in order to ensure that digital technologies are in conformity with individuals’ human rights and societal values. This article will analyze the implications of such a source code clause for current and future digital policies by governments that aim to ensure transparency, fairness and accountability of computer and machine learning algorithms.

accountability, algorithms, application programming interfaces, auditability, Digital trade, fairness, frontpage, source code, Transparency

Bibtex

Article{Irion2022b, title = {Algorithms Off-limits? If digital trade law restricts access to source code of software then accountability will suffer}, author = {Irion, K.}, url = {https://www.ivir.nl/facct22-125-2/}, year = {0617}, date = {2022-06-17}, abstract = {Free trade agreements are increasingly used to construct an additional layer of protection for source code of software. This comes in the shape of a new prohibition for governments to require access to, or transfer of, source code of software, subject to certain exceptions. A clause on software source code is also part and parcel of an ambitious set of new rules on trade-related aspects of electronic commerce currently negotiated by 86 members of the World Trade Organization. Our understanding to date of how such a commitment inside trade law impacts on governments right to regulate digital technologies and the policy space that is allowed under trade law is limited. Access to software source code is for example necessary to meet regulatory and judicial needs in order to ensure that digital technologies are in conformity with individuals’ human rights and societal values. This article will analyze the implications of such a source code clause for current and future digital policies by governments that aim to ensure transparency, fairness and accountability of computer and machine learning algorithms.}, keywords = {accountability, algorithms, application programming interfaces, auditability, Digital trade, fairness, frontpage, source code, Transparency}, }

Defining the scope of AI ADM system risk assessment external link

Janssen, H., Seng Ah Lee, M., Singh, J. & Cobbe, J.
Research handbook on EU data protection law, E. Kosta, R. Leenes & I. Kamara (ed.), Edgar Elgar Publishing, 0616, pp: 405-434

frontpage, Privacy, Recht op gegevensbescherming

Bibtex

Chapter{nokey, title = {Defining the scope of AI ADM system risk assessment}, author = {Janssen, H. and Seng Ah Lee, M. and Singh, J. and Cobbe, J.}, year = {0616}, date = {2022-06-16}, keywords = {frontpage, Privacy, Recht op gegevensbescherming}, }

Data intermediary external link

Janssen, H. & Singh, J.
Internet Policy Review, vol. 11, iss. : 1, 2022

Abstract

Data intermediaries serve as a mediator between those who wish to make their data available, and those who seek to leverage that data. The intermediary works to govern the data in specific ways, and provides some degree of confidence regarding how the data will be used.

frontpage, online intermediaries, Technologie en recht

Bibtex

Article{nokey, title = {Data intermediary}, author = {Janssen, H. and Singh, J.}, doi = {https://doi.org/10.14763/2022.1.1644}, year = {0616}, date = {2022-06-16}, journal = {Internet Policy Review}, volume = {11}, issue = {1}, pages = {}, abstract = {Data intermediaries serve as a mediator between those who wish to make their data available, and those who seek to leverage that data. The intermediary works to govern the data in specific ways, and provides some degree of confidence regarding how the data will be used.}, keywords = {frontpage, online intermediaries, Technologie en recht}, }

Personal Information Management Systems external link

Janssen, H. & Singh, J.
Internet Policy Review, vol. 11, iss. : 2, 2022

Abstract

Personal Information Management Systems (PIMS) seek to empower users by equipping them with mechanisms for mediating, monitoring and controlling how their data is accessed, used, or shared.

frontpage, personal information management systems, pims, Technologie en recht, zelfregulering

Bibtex

Article{nokey, title = {Personal Information Management Systems}, author = {Janssen, H. and Singh, J.}, doi = {https://doi.org/10.14763/2022.2.1659 }, year = {0616}, date = {2022-06-16}, journal = {Internet Policy Review}, volume = {11}, issue = {2}, pages = {}, abstract = {Personal Information Management Systems (PIMS) seek to empower users by equipping them with mechanisms for mediating, monitoring and controlling how their data is accessed, used, or shared.}, keywords = {frontpage, personal information management systems, pims, Technologie en recht, zelfregulering}, }

Annotatie bij Rb Noord-Holland 6 oktober 2021 (Kamerlid / LinkedIn Ierland & LinkedIn Nederland) external link

Leerssen, P.
Computerrecht, iss. : 3, num: 97, pp: 228-230, 2022

Art. 10 EVRM, desinformatie, frontpage, Vrijheid van meningsuiting

Bibtex

Article{nokey, title = {Annotatie bij Rb Noord-Holland 6 oktober 2021 (Kamerlid / LinkedIn Ierland & LinkedIn Nederland)}, author = {Leerssen, P.}, url = {https://www.ivir.nl/annotatie_computerrecht_2022_97/}, year = {0616}, date = {2022-06-16}, journal = {Computerrecht}, issue = {3}, number = {97}, keywords = {Art. 10 EVRM, desinformatie, frontpage, Vrijheid van meningsuiting}, }

A Matter of (Joint) control? Virtual assistants and the general data protection regulation external link

Mil, J. van & Quintais, J.
Computer Law & Security Review, vol. 45, 2022

Abstract

This article provides an overview and critical examination of the rules for determining who qualifies as controller or joint controller under the General Data Protection Regulation. Using Google Assistant – an artificial intelligence-driven virtual assistant – as a case study, we argue that these rules are overreaching and difficult to apply in the present-day information society and Internet of Things environments. First, as a consequence of recent developments in case law and supervisory guidance, these rules lead to a complex and ambiguous test to determine (joint) control. Second, due to advances in technological applications and business models, it is increasingly challenging to apply such rules to contemporary processing operations. In particular, as illustrated by the Google Assistant, individuals will likely be qualified as joint controllers, together with Google and also third-party developers, for at least the collection and possible transmission of other individuals’ personal data via the virtual assistant. Third, we identify follow-on issues relating to the apportionment of responsibilities between joint controllers and the effective and complete protection of data subjects. We conclude by questioning whether the framework for determining who qualifies as controller or joint controller is future-proof and normatively desirable.

frontpage, GDPR, Privacy, Recht op gegevensbescherming

Bibtex

Article{nokey, title = {A Matter of (Joint) control? Virtual assistants and the general data protection regulation}, author = {Mil, J. van and Quintais, J.}, doi = {https://doi.org/https://doi.org/10.1016/j.clsr.2022.105689}, year = {0616}, date = {2022-06-16}, journal = {Computer Law & Security Review}, volume = {45}, pages = {}, abstract = {This article provides an overview and critical examination of the rules for determining who qualifies as controller or joint controller under the General Data Protection Regulation. Using Google Assistant – an artificial intelligence-driven virtual assistant – as a case study, we argue that these rules are overreaching and difficult to apply in the present-day information society and Internet of Things environments. First, as a consequence of recent developments in case law and supervisory guidance, these rules lead to a complex and ambiguous test to determine (joint) control. Second, due to advances in technological applications and business models, it is increasingly challenging to apply such rules to contemporary processing operations. In particular, as illustrated by the Google Assistant, individuals will likely be qualified as joint controllers, together with Google and also third-party developers, for at least the collection and possible transmission of other individuals’ personal data via the virtual assistant. Third, we identify follow-on issues relating to the apportionment of responsibilities between joint controllers and the effective and complete protection of data subjects. We conclude by questioning whether the framework for determining who qualifies as controller or joint controller is future-proof and normatively desirable.}, keywords = {frontpage, GDPR, Privacy, Recht op gegevensbescherming}, }