100% tevredenheidsgarantie Direct beschikbaar na betaling Zowel online als in PDF Je zit nergens aan vast
logo-home
Summary Data Science Regulation & Law part 2 €6,49   In winkelwagen

Samenvatting

Summary Data Science Regulation & Law part 2

 21 keer bekeken  2 keer verkocht

Summary Data Science Regulation & Law part 2: all information given in the lectures + notes

Voorbeeld 4 van de 38  pagina's

  • 20 februari 2023
  • 38
  • 2022/2023
  • Samenvatting
Alle documenten voor dit vak (1)
avatar-seller
adata
Lecture 1. The introduction to privacy and data
protection (law)
Privacy and data protection are not
the same!
Privacy has a longer history in
legislation.
We got from privacy to data
protection through the technology.
There was a need to introduce a
specific rule of processing the data.
Informational self-determination.
Rules and procedures for the
processing of personal data.

EU – charter of fundamental rights of the European Union
 Article 7 – respect for private and family life: everyone has the right to respect for his
or her private and family life, home and communications.
 Article 8 – Protection of personal data: everyone has the right to the protection of
personal data concerning him or her.

The fundamental right to respect for private life is separate from the fundamental right to
the protection of personal data. Although in practice disentangling the substance of these
two concepts is often difficult.

The EU data protection legal framework is composed of several legal instruments, including
the GDPR. Regulation from 2016/679. General Data Protection Regulation
Data protection directive (protection of the individuals) and free movement (objective of
the industry).

Directive (EU) 2016/680 of the European Parliament and of the Council of 27 April 2016 on
the protection of natural persons with regard to the processing of personal data by
competent authorities for the purposes of the prevention, investigation, detection, or
prosecution of criminal offences or the execution of criminal penalties, and on the free
movement of such data, and repealing Council Framework Decision 2008/977/JHA, (2016)
OJ L 119/89 - “Police Directive”.

Regulation (EU) 2018/1725 of the European Parliament and of the Council of 23 October
2018 on the protection of natural persons with regard to the processing of personal data by
the Union institutions, bodies, offices and agencies and on the free movement of such data,
and repealing Regulation (EC) No 45/2001 and Decision No 1247/2002/EC.

Directive 2002/58/EC of the European Parliament and of the Council of 12 July 2002
concerning the processing of personal data and the protection of privacy in the electronic
communications, OJ L 201 (Directive on privacy and electronic communications or e-Privacy
Directive). – e-privacy directive.


0

,GDPR consists of 173 recitals and 99 articles (are binding you can get a fine)

For guidelines and opinions you should have a look at:
 Article 29 Data Protection Working Party (WP29) (prior to the GDPR)
 European Data Protection Supervisor (EDPS)
 European Data Protection Board (EDPB) (replaced WP29)

 National data protection supervisory authorities:
- NL: Autoriteit Persoonsgegevens (AP)
- BE: Autorité de protection des données (APD)/
Gegevensbeschermingsautoriteit (GBA)
- FR: Commission nationale de l'informatique et des libertés (CNIL)
- UK: Information Commissioner's Office (ICO)

Case law:
- Court Justice Of the European Union (CJEU)
- European Court of Human Rights (ECHR)
- National Courts

When data protection law is applicable
Article 2 GDPR
Material scope
1. This Regulation [GDPR] applies to the processing of personal data wholly or partly by
automated means and to the processing other than by automated means of personal data
which form part of a filing system or are intended to form part of a filing system.
 Processing
 Of personal data
 By automated means
 Other than by automated means (manual processing), but only if the data forms or
intends to form a filing system (see Art. 4 point (6) GDPR)

Article 4
Definitions
(1) ‘personal data’ means any information relating to an identified or identifiable natural
person (‘data subject’); an identifiable natural person is one who can be identified, directly
or indirectly, in particular by reference to an identifier such as a name, an identification
number, location data, an online identifier or to one or more factors specific to the physical,
physiological, genetic, mental, economic, cultural or social identity of that natural person;




1

,Examples of personal data Examples of non-personal data
 a name and surname • a company registration number
 National identifier (e.g. BSN) • an email address such as
 passport number info@company.com
 a home address
 an email address such
as name.surname@company.
 an Internet Protocol (IP) address
 image recorded by a camera
 location data
 a cookie ID

Personal data Non-personal data
Pseudonymized data (number instead name) Anonymized data (no GDPR)
Personal data can no longer be attributed to Information which does not relate to an
a specific data subject without the use of identified or identifiable natural person or
additional information to personal data rendered anonymous in
such a manner that the data subject is not
or no longer identifiable.

There are special categories of personal data, which are, by their nature, particularly
sensitive in relation to fundamental rights and freedoms. These categories of data merit
specific protection as the context of their processing could create significant risks to the
fundamental rights and freedoms (“sensitive data”)

Article 9
Processing of special categories of personal data
1.Processing of personal data revealing racial or ethnic origin, political opinions, religious or
philosophical beliefs, or trade union membership, and the processing of genetic data,
biometric data for the purpose of uniquely identifying a natural person, data concerning
health or data concerning a natural person's sex life or sexual orientation shall be
prohibited.

2

, Article 4
Definitions
(2) ‘processing’ means any operation or set of operations which is performed on personal
data or on sets of personal data, whether or not by automated means, such as collection,
recording, organisation, structuring, storage, adaptation or alteration, retrieval,
consultation, use, disclosure by transmission, dissemination or otherwise making available,
alignment or combination, restriction, erasure or destruction;

When GDPR does not apply?
c) by a natural person in the course of a purely personal or household activity (not done by
the company, personal household activity simple example will be making a list of guests for
your birthday party with computer, prepare the addresses and sent the invitation via email)

Article 3 GDPR
Territorial scope (to whom, when and how)
1. This Regulation [GDPR] applies to the processing of personal data in the context of the
activities of an establishment of a controller or a processor in the Union, regardless of
whether the processing takes place in the Union or not.
There is no definition of the “establishment” in the GDPR, but according to Recital 22:
“Establishment implies the effective and real exercise of activity through stable
arrangements. The legal form of such arrangements, whether through a branch or a
subsidiary with a legal personality, is not the determining factor in that respect.”

2. This Regulation [GDPR] applies to the processing of personal data of data subjects who
are in the Union by a controller or processor not established in the Union, where the
processing activities are related to:
(a) the offering of goods or services, irrespective of whether a payment of the data subject is
required, to such data subjects in the Union; or
(b) the monitoring of their behaviour as far as their behaviour takes place
within the Union.

In the EU, the right to the protection of personal data is a fundamental right. Therefore,
the scope of protection under the GDPR is very broad.
 The protection is not limited to EU citizens
 The obligations are not limited to the EU companies

Data Protection Actors
1. We should speak about the data subject which is personal data or a person that we
are referring to, so not the company!
2. Data controller means the natural or legal person, public authority, agency or other
body which, alone or jointly with others, determines the purposes and means of the
processing of personal data; where the purposes and means of such processing are
determined by Union or Member State law, the controller or the specific criteria for
its nomination may be provided for by Union or Member State law;
Note: there is no limitation as to the type of entity that may assume the role of a controller
but in practice it is usually the organisation as such, and not an individual within the


3

Voordelen van het kopen van samenvattingen bij Stuvia op een rij:

Verzekerd van kwaliteit door reviews

Verzekerd van kwaliteit door reviews

Stuvia-klanten hebben meer dan 700.000 samenvattingen beoordeeld. Zo weet je zeker dat je de beste documenten koopt!

Snel en makkelijk kopen

Snel en makkelijk kopen

Je betaalt supersnel en eenmalig met iDeal, creditcard of Stuvia-tegoed voor de samenvatting. Zonder lidmaatschap.

Focus op de essentie

Focus op de essentie

Samenvattingen worden geschreven voor en door anderen. Daarom zijn de samenvattingen altijd betrouwbaar en actueel. Zo kom je snel tot de kern!

Veelgestelde vragen

Wat krijg ik als ik dit document koop?

Je krijgt een PDF, die direct beschikbaar is na je aankoop. Het gekochte document is altijd, overal en oneindig toegankelijk via je profiel.

Tevredenheidsgarantie: hoe werkt dat?

Onze tevredenheidsgarantie zorgt ervoor dat je altijd een studiedocument vindt dat goed bij je past. Je vult een formulier in en onze klantenservice regelt de rest.

Van wie koop ik deze samenvatting?

Stuvia is een marktplaats, je koop dit document dus niet van ons, maar van verkoper adata. Stuvia faciliteert de betaling aan de verkoper.

Zit ik meteen vast aan een abonnement?

Nee, je koopt alleen deze samenvatting voor €6,49. Je zit daarna nergens aan vast.

Is Stuvia te vertrouwen?

4,6 sterren op Google & Trustpilot (+1000 reviews)

Afgelopen 30 dagen zijn er 67096 samenvattingen verkocht

Opgericht in 2010, al 14 jaar dé plek om samenvattingen te kopen

Start met verkopen
€6,49  2x  verkocht
  • (0)
  Kopen