The European Union general data protection regulation: what it is and what it means

This paper introduces the strategic approach to regulating personal data and the normative foundations of the European Union's General Data Protection Regulation ('GDPR'). We explain the genesis of the GDPR, which is best understood as an extension and refinement of existing requireme...

Celý popis

Uloženo v:
Podrobná bibliografie
Vydáno v:Information & communications technology law Ročník 28; číslo 1; s. 65 - 98
Hlavní autoři: Hoofnagle, Chris Jay, van der Sloot, Bart, Borgesius, Frederik Zuiderveen
Médium: Journal Article
Jazyk:angličtina
Vydáno: Abingdon Taylor & Francis Ltd 02.01.2019
Témata:
Advertisements
Advertising
Business
Carrots
Companies
Computer privacy
Consumers
Data
Data integrity
Decision making
Development policy
General Data Protection Regulation
Governance
Information
Information policies
Internet
Personal information
Privacy
Protection
Regulation
Structural members
Violations
ISSN:1360-0834, 1469-8404
On-line přístup:Získat plný text
Tagy: Přidat tag
Žádné tagy, Buďte první, kdo vytvoří štítek k tomuto záznamu!
Popis
Shrnutí:This paper introduces the strategic approach to regulating personal data and the normative foundations of the European Union's General Data Protection Regulation ('GDPR'). We explain the genesis of the GDPR, which is best understood as an extension and refinement of existing requirements imposed by the 1995 Data Protection Directive; describe the GDPR's approach and provisions; and make predictions about the GDPR's implications. We also highlight where the GDPR takes a different approach than U.S. privacy law. The GDPR is the most consequential regulatory development in information policy in a generation. The GDPR brings personal data into a detailed regulatory regime, that will influence personal data usage worldwide. Understood properly, the GDPR encourages firms to develop information governance frameworks, to in-house data use, and to keep humans in the loop in decision making. Companies with direct relationships with consumers have strategic advantages under the GDPR, compared to third party advertising firms on the internet. To reach these objectives, the GDPR uses big sticks, structural elements that make proving violations easier, but only a few carrots. The GDPR will complicate and restrain some information-intensive business models. But the GDPR will also enable approaches previously impossible under less-protective approaches.
Bibliografie:ObjectType-Article-1
SourceType-Scholarly Journals-1
ObjectType-Feature-2
content type line 14
ISSN:1360-0834
1469-8404
DOI:10.1080/13600834.2019.1573501