College aantekeningen
College aantekeningen Privacy - Week 3
- Vak
- Privacy
- Instelling
- Maastricht University (UM)
Aantekeningen van hoorcollege 3 van Privacy
[Meer zien]Voorbeeld 2 van de 6 pagina's
Voorbeeld 2 van de 6 pagina's
In winkelwagengesponsord bericht van onze partner
Voorbeeld van de inhoud
Key concepts and principles in data protection lawConcepts: Personal Data
Nature of Personal Data
Any kind of information can be personal data if it relates to an identified or
identifiable person
A person is considered identifiable if there are enough elements available through
which the person can be directly or indirectly identified
An individual, while not identified, can be singled out by this information in a way
which makes it possible to find out who the data subject is by conducting further
research
Art. 4 lid 1 GDPR
‘’can be identified, directly or indirectly, in particular by reference to an identifier such as a
name, an identification number, location data, an online identifier or to one or more factors
specific to the physical, physiological, genetic, mental, economic, cultural or social identity of
that person’’
Keep in mind:
- Amann case ECtHR – the term ‘personal data’ as not being limited to matters of
the private sphere of an individual
- In the joined cases YS v. Minister voor Immigratie, Integratie en Asiel and Minister
voor Immigratie, Integraties en Asiel v. M and S, the CJEU held that the legal
analysis contained in a draft decision of the Immigration and Naturalisation
Service dealing with residence permit applications does not in itself constitute
personal data, even though it may include some personal data
Beneficiaries: Difference between legal and natural person
Under EU law:
- Natural persons are the only beneficiaries of data protection rules
- Only living beings are protected under European data protection law
- EU data protection law does not cover data processing which concern legal
persons, and does not concern undertakings established as legal persons,
including the name and form of the legal person and their contact details
ECtHR case: Bernh Larsen Holding AS and Others v. Norway
- Legal person, art. 8 ECHR
Concepts: Personal Data Anonymisation
The process of anonymising data means that all identifying elements are eliminated
from a set of personal data so that the data subject is no longer identifiable
For data to be anonymised, no element may be left in the information which could,
by exercising reasonable effort, serve to re-identify the person(s) concerned
, When data have been successfully anonymised, they are no longer personal data and
data protection legislation no longer applies
Whenever the data subject, for the purpose of exercising the rights of access,
rectification, erasure, restriction of the processing and data portability, provides
additional information to the controller enabling his or her identification, then those
data which were previously anonymised become personal data again (art. 11 GDPR)
Concepts: Personal Data Pseudonymisation
The process of pseudonymising personal data means that attributes are replaced by
a pseudonym
- Attributes: date of birth, sex, address, or other elements that could lead to
identification
Art. 4 lid 5 GDPR
‘’the processing of personal data in such a manner that the personal data can no
longer be attributed to a specifc data subject without the use of additional
information, provided that such additional information is kept separately and is
subject to technical and organisational measures to ensure that the personal data are
not attributed to an identified or identifiable natural person’’.
Concepts: Personal Data Sensitive Data
Art. 9 GDPR: Sensitive data are personal data revealing:
- Racial or ethnic origin;
- Political opinions, religious or other beliefs, including philosophical beliefs;
- Trade union memberships;
- Genetic data and biometric data processed for the purpose of identifying a
person;
- Health, sexual life or sexual orientation
Concepts: Data processing
‘Data processing’ concerns any operation performed on personal data
What does it cover?
Automated and non-automated processing (art. 2 lid 1 & art. 4 lid 2 GDPR)
Manual processing in structured filing systems
Concepts: Users of personal data
1. Controller
- Whoever determines the means and purposes of processing the personal data of
others
2. Joint controllers:
- If several persons take this decision together, they may be ‘joint controllers’
3. Processor:
- A natural or legal person that processes personal data on behalf of a controller.
Voordelen van het kopen van samenvattingen bij Stuvia op een rij:
Verzekerd van kwaliteit door reviews
Stuvia-klanten hebben meer dan 700.000 samenvattingen beoordeeld. Zo weet je zeker dat je de beste documenten koopt!
Snel en makkelijk kopen
Je betaalt supersnel en eenmalig met iDeal, creditcard of Stuvia-tegoed voor de samenvatting. Zonder lidmaatschap.
Focus op de essentie
Samenvattingen worden geschreven voor en door anderen. Daarom zijn de samenvattingen altijd betrouwbaar en actueel. Zo kom je snel tot de kern!
Veelgestelde vragen
Wat krijg ik als ik dit document koop?
Je krijgt een PDF, die direct beschikbaar is na je aankoop. Het gekochte document is altijd, overal en oneindig toegankelijk via je profiel.
Tevredenheidsgarantie: hoe werkt dat?
Onze tevredenheidsgarantie zorgt ervoor dat je altijd een studiedocument vindt dat goed bij je past. Je vult een formulier in en onze klantenservice regelt de rest.
Van wie koop ik deze samenvatting?
Stuvia is een marktplaats, je koop dit document dus niet van ons, maar van verkoper JustASmallTownGirl. Stuvia faciliteert de betaling aan de verkoper.
Zit ik meteen vast aan een abonnement?
Nee, je koopt alleen deze samenvatting voor €2,99. Je zit daarna nergens aan vast.
Is Stuvia te vertrouwen?
4,6 sterren op Google & Trustpilot (+1000 reviews)
Afgelopen 30 dagen zijn er 84866 samenvattingen verkocht
Opgericht in 2010, al 14 jaar dé plek om samenvattingen te kopen