Strategic Indeterminacy and Online Privacy Policies: (Un)informed Consent and the General Data Protection Regulation

Article 12 of the General Data Protection Regulation (GDPR) requires data controllers to provide data subjects with any information relating to data processing operations “in a concise, transparent, intelligible and easily accessible form, using clear and plain language.” Linguistic inclusivity of p...

Celý popis

Uložené v:
Podrobná bibliografia
Vydané v:International journal for the semiotics of law = Revue internationale de sémiotique juridique Ročník 38; číslo 2; s. 701 - 729
Hlavný autor: Green, Daniel
Médium: Journal Article
Jazyk:English
Vydavateľské údaje: Dordrecht Springer Netherlands 01.02.2025
Predmet:
Applied Linguistics
Fundamentals of Law
Law
Law and Criminolgy
Legal History
Philosophy of Law
Theories of Law
Information requirement
Transparency
Legal linguistics
Privacy policy
Informed consent
Indeterminacy
General data protection regulation (GDPR)
ISSN:0952-8059, 1572-8722
On-line prístup:Získať plný text
Tagy: Pridať tag
Žiadne tagy, Buďte prvý, kto otaguje tento záznam!
Popis
Shrnutí:Article 12 of the General Data Protection Regulation (GDPR) requires data controllers to provide data subjects with any information relating to data processing operations “in a concise, transparent, intelligible and easily accessible form, using clear and plain language.” Linguistic inclusivity of privacy policies is no longer a matter of style, but has been a binding legal requirement under the new data protection framework. Article 5 GDPR sets forth the requirements of lawfulness, fairness and transparency and prohibits any data processing operations which do not meet the standards of specification, explicitness and legitimacy of processing purposes [ 29 ]. In this study, a quantitative and qualitative analysis of linguistic indeterminacy in a corpus of 350 online privacy policies is presented and it is argued that a considerable number of data controllers continue to make use of strategic vagueness in the context of purpose limitation, therefore potentially prejudicing compliance with the GDPR. A legal-linguistic perspective on the current challenges of informed consent in European data protection law is provided. Finally, it is concluded that while the GDPR has contributed significantly to the linguistic empowerment of the data subject, the framework fails to satisfy the expectation of creating a participatory culture (see [ 36 ]) with a high degree of informational self-determination.
ISSN:0952-8059
1572-8722
DOI:10.1007/s11196-024-10132-4