100% Zufriedenheitsgarantie Sofort verfügbar nach Zahlung Sowohl online als auch als PDF Du bist an nichts gebunden
logo-home
Summary CIPP/E Revision Notes 15,46 €   In den Einkaufswagen

Zusammenfassung

Summary CIPP/E Revision Notes

2 rezensionen
 450 mal angesehen  39 mal verkauft
  • Kurs
  • Hochschule

A complete summary of all the information needed for the 2023 CIPP/E exam. Compiled from the European Data Protection Law & Practice textbook, EDPB guidelines and background reading. Used to obtain an overall score across all three sections of 98.7%.

vorschau 4 aus 62   Seiten

  • 3. september 2023
  • 62
  • 2023/2024
  • Zusammenfassung

2  rezensionen

review-writer-avatar

von: omilekebolaji • 4 Monate vor

review-writer-avatar

von: adamderijke • 7 Monate vor

Von Google übersetzt

Clear, organized and, above all, compact. Not the idea that something is missing. Good test preparation

avatar-seller
Chapter 2: European Union Institutions: Questions: 1-2

All roles and powers set out in the Treaty of Lisbon.

 European Central Bank (can make binding decisions) and Court of Auditors (just know exist)

EUROPEAN COUNCIL

 Meet 4 x per year to define political agenda, cannot create laws.
 1974: Started as an informal body.
 1992: Treaty of Maastricht - forum for governments to discuss community issues.
 Now: Made up of all 27 Heads of State (EU) and the President of the Commission.
 President is elected by a qualified majority of the European Council - 2.5 years, renewable once.
 Decisions usually made by consensus, but sometimes need to be unanimous (set out in treaties).

EUROPEAN COMMISSION

 1965: Created by merging the Coal and Steel, Economic and Atomic Energy Communities.
 Made up of state Commissioners who are independent from their nominating country.
 Overseen by Parliament (so that democratically elected representatives oversee everything).
 First role is to propose legislation to the Council of the European Union and Parliament.
 Second role is to oversee enforcement through CJEU.
 Only institution that can make adequacy decisions.

COUNCIL OF THE EUROPEAN UNION

 1950s: Established by the treaties that laid the foundations of the EU.
 Jointly makes decisions with Parliament – can amend proposals before adoption.
 Issues regulations, directives, decisions, recommendations and opinions.

 Made up of 1 national minister from each state (27 total), e.g. Minister for Agriculture.
 President voted in by qualified majority and need at least 65%.
 Only their meetings to vote on laws must be held in public – not full transparency.

 10 Areas: General, Foreign, Economic & Financial, Justice & Home, Employment – Social Policy –
Health – Consumer, Competitiveness, Transport, Telecommunications & Energy, Agriculture &
Fisheries, Environment, Education – Youth – Culture – Sport.

EUROPEAN PARLIAMENT

1. Legislative
 Shares legislative power with the Council.
 Cannot create legislation itself, only ask Commission to submit to the Council.
 Can invite Commission and Council to consider amending or developing new policies.

a.Ordinary procedure: Both Parliament and Council agree to legislation – equal (DP Legislation).
b. Consultation procedure: Council must consult Parliament but can go ahead anyway.
c.Consent procedure: Council must consult Parliament and needs their consent.

2. Political
 Elects the President of the Commission.
 Can censure the Commission and require all Commissioners to resign.
 Commission must regularly submit reports to Parliament for scrutiny.
 Known for advocating privacy rights.

3. Budgetary
 Jointly agrees the budget with the Council so influences EU spending subject to spending limits.

4. Membership
 Members directly elected by EU citizens every 5 years.

,  Proportional representation, minimum 6, maximum 96 – 751 total.
 Sit in political groups of at least 25 members and at least ¼ states represented in each group.

5. Plenary Sessions
 Members prepare for plenary sessions in parliamentary committees.
 One member is appointed as rapporteur – prepared report on proposed legislative text.
 Debate and amend within committee and political groups, then submit to Parliament.
 Political groups can propose amendments in plenary sessions then adopted by Parliament.
 Procedure repeated one or more times depending on if the Council agrees.
 Adopted by simple majority vote.

COURT OF JUSTICE OF THE EUROPEAN UNION (CJEU)

 Treaty of Paris 1951: Started with EU Coal and Steel Community.
 Treaty of Rome 1957: Became the European Community’s court.
 Treaty of Maastricht 1992: Foundational Treaty for the EU. Powers expanded.
 Treaty of Lisbon: Extended jurisdiction and renamed from CJE-Communities to CJE-Union.

 Commission brings actions against state or for individuals and enforces CJEU actions.

 Court of Justice (ECJ):
o 27 judges, 1 from each state, 6 year term.
o Judges elect one of the judges to be President for 3 years
o 8 Advocates General – non-binding decisions about how to decide the case.
o Hears appeals from the Court of First Instance.

 Role of ECJ in DP:
o Jurisdiction on GDPR - hears cases referred from national courts on interpretation of EU law.
o Hears cases brought by Commission against states for failure to ratify treaties.
o 2010: UK failed to implement rules on confidentiality of electronic communications.
o BUT Supervisory Authorities have the power to impose administrative fines, not CJEU.

 Key Cases:
o Google Spain: Right to be Forgotten - Search engines "established" and remove listings.
o Digital Rights Ireland: Invalidated the Data Retention Directive.
o ANAF: Must inform individuals before making a transfer between public administrative bodies.
o Weltimmo: Even minimal activities in a member state can trigger that state’s laws.
o Schrems: Invalidated Safe Harbour.
o Tele2 Sverige and Tom Watson: Cannot indiscriminately retain PD, even for fighting crime.

EUROPEAN COURT OF HUMAN RIGHTS (ECtHR)

 NOT an EU institution, oversees ECHR which was created by Council of Europe (non-EU institution)
 Receives complaints (‘Applications’) from individuals (directly been a victim) and states.
 Issues binding judgements – gives reasons for decision and dissenting can give a separate opinion.
 Can go beyond states’ partial reparation to afford just satisfaction.
 Judges equal to the number of members, sit in individual capacity and do not represent any state.
 No more than 1 judge can be a national of a state.
 Chamber of 7 judges considers each case.
 Cannot overrule national decisions or annul national laws – cannot force to implement EU law.
 ECtHR decisions enforced by Council of Europe.

 Cases around A.8 right to respect for private and family life so active in DP:
o MM v UK (2012): Cannot indiscriminately collect criminal data – need clear safeguards.
o Copeland v UK (2007): Cannot monitor email at work (no law allowing this).
o Gaskin v UK (1989): Have to allow individuals to access their data.

, Chapter 1: Origins and Development of European Data Protection Law: Questions: 0-1
Chapter 3: Legislative Framework: Questions: 3-7

Rationale

 1970’s: More computers and international trade from European Economic Community (EEC).
 Public bodies and corporations created data banks and automated storage.
 Bad for privacy, worse when transferred internationally.
 Individual states had different laws.
 Need to give individuals control over privacy but still allow international free flow in EEC.

Human Rights Law

1. Universal Declaration of Human Rights – FIRST PRIVACY LAW

 1948: General Assembly of the United Nations
 A.12 (RIGHT): No arbitrary interference with privacy, family, home or correspondence.
 A.19: Freedom of expression.
 A.29(2) (LIMIT): Individual rights are not absolute - limited to secure rights of others (balance).

2. European Convention on Human Rights

 1953: Council of Europe – built on the Universal Direction of Human Rights.
 ONLY applies to member states.
 Enforced by the European Court of Human Rights – binding rulings for changes to laws and practice.
 Council of Europe can request ECtHR gives advisory opinions.

 Need for balance and justifiable interference.
o A.8(1): Right to respect for private and family life, home and correspondence
o A.8(2): Can interfere if necessary in interests of national security, public safety, economic
wellbeing, prevent crime, protect health and morals, protect others’ right and freedoms.
o A.10(1): Right to freedom of expression and to share information and ideas.
o A.10(2): Can interfere where prescribed by law and necessary.

Early DP Laws

3. 1960-1980: State Laws

 Created own laws to control use of PD by governments and companies.
 Austria, Denmark, France, Germany, Luxembourg, Norway and Sweden.
 Spain, Portugal and Austria – DP included as fundamental right in constitutions.
.
4. 1968: Recommendation 509

 On human rights and modern scientific and technological developments.
 Council of Europe – Framework of principles and standards to deal with new tech harming A.8

5. 1973 & 1974: Resolution 73/22 & Resolution 74/29

 Principles for automated databanks.
 Objective – persuade states to develop own legislation.
 Failed as needed clear needed binding international standards.

6. OECD Guidelines (ANY COUNTRY, BUT NOT BINDING)

 Organisation for Economic Co-operation and Development (OECD)
 Role to promote policies for economic growth and employment to raise standard of living.
 ANY COUNTRY can be a member.

 1980: Guidelines on the Protection of Privacy and Transborder Flows of PD
o Seeks to harmonise DP laws between countries.

, o Prepared with Council of Europe and European Community.
o NOT BINDING – just basis for those with no DP laws or principles to add to existing.
o Covers both electronic and manual.

 Free flow of data:
o Cooperate with other countries – balance privacy without stopping flow.
o Take reasonable and appropriate steps to ensure transfers uninterrupted and secure.
o Can impose restrictions on transfer to countries that do not observe the Guidelines.
o Avoid developing laws and policies that create obstacles beyond needed for protection.


 Principles:
o Collection Limitation: Fairly and lawfully, if appropriate with knowledge or consent.
o Data Quality: Relevant, complete, accurate and up to date.
o Purpose Specification: Specify purpose at least by collection and use compatibly.
o Use Limitation: Disclose consistent with purpose unless consent or lawful authority.
o Security Safeguards: Reasonable safeguards against loss, destruction, use, disclosure.
o Openness: Open about uses and controller’s identity and location.
o Individual Participation: Sets out what DS can receive if requests PD.
o Accountability: Controller accountable for complying with principles.

7. CONVENTION 108 (FIRST LEGALLY BINDING AND OPEN TO ANY COUNTRY)

 Convention for the Protection of Individuals with Regard to Automatic Processing of Personal Data
 1981: Signed by member states of Council of Europe, and open to any country.
 Convention 108 Advisory Committee monitors implementation and decides new accessions.
 If sign up then must enact in own legislation – a response to the Resolutions having no effect.
 GDPR, Recital 105: Consider if country has acceded to Convention 108 when deciding adequacy.

 Use data in computerised form then have responsibility to safeguard – decisions made using PD.
 Goal for unity and extend safeguards for privacy given international transfers.
 Only allowed exemptions if necessary in a democratic society and proportionate

 27 Articles, including –

o Chapter 2: Basic Principles (based on Resolutions and Guidelines) – still used in GDPR.
 Obtained and processed fairly and lawfully.
 Stored for specified and legitimate purposes and used compatibly.
 Adequate, relevant and not excessive for purposes.
 Accurate and kept up to date.
 Kept for no longer than required for purposes.
 Appropriate security measures – accidental loss and unauthorised access.
 Special Categories: Racial, political, religious, health, sexual life, criminal – need safeguards.
 DS Rights of communication, rectification and erasure.

o Chapter 3: International Transfers
 Principle that should avoid developing laws in the name of privacy that stop data
transfers.
 A.12: Signatories cannot impose prohibitions or special authorisations on each other –
already offer minimum protections.

Alle Vorteile der Zusammenfassungen von Stuvia auf einen Blick:

Garantiert gute Qualität durch Reviews

Garantiert gute Qualität durch Reviews

Stuvia Verkäufer haben mehr als 700.000 Zusammenfassungen beurteilt. Deshalb weißt du dass du das beste Dokument kaufst.

Schnell und einfach kaufen

Schnell und einfach kaufen

Man bezahlt schnell und einfach mit iDeal, Kreditkarte oder Stuvia-Kredit für die Zusammenfassungen. Man braucht keine Mitgliedschaft.

Konzentration auf den Kern der Sache

Konzentration auf den Kern der Sache

Deine Mitstudenten schreiben die Zusammenfassungen. Deshalb enthalten die Zusammenfassungen immer aktuelle, zuverlässige und up-to-date Informationen. Damit kommst du schnell zum Kern der Sache.

Häufig gestellte Fragen

Was bekomme ich, wenn ich dieses Dokument kaufe?

Du erhältst eine PDF-Datei, die sofort nach dem Kauf verfügbar ist. Das gekaufte Dokument ist jederzeit, überall und unbegrenzt über dein Profil zugänglich.

Zufriedenheitsgarantie: Wie funktioniert das?

Unsere Zufriedenheitsgarantie sorgt dafür, dass du immer eine Lernunterlage findest, die zu dir passt. Du füllst ein Formular aus und unser Kundendienstteam kümmert sich um den Rest.

Wem kaufe ich diese Zusammenfassung ab?

Stuvia ist ein Marktplatz, du kaufst dieses Dokument also nicht von uns, sondern vom Verkäufer lpc-bpp. Stuvia erleichtert die Zahlung an den Verkäufer.

Werde ich an ein Abonnement gebunden sein?

Nein, du kaufst diese Zusammenfassung nur für 15,46 €. Du bist nach deinem Kauf an nichts gebunden.

Kann man Stuvia trauen?

4.6 Sterne auf Google & Trustpilot (+1000 reviews)

45.681 Zusammenfassungen wurden in den letzten 30 Tagen verkauft

Gegründet 2010, seit 14 Jahren die erste Adresse für Zusammenfassungen

Starte mit dem Verkauf
15,46 €  39x  verkauft
  • (2)
  Kaufen