Datafication 1 Flashcards

1
Q

Primary law - definition

A

= constitution prescribing limits & procedures (for secondary law)
= operating system on which secondary law runs

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
2
Q

Primary law - examples

A
  • Treaty on the EU (TEU)
  • Treaty on the Functioning of the EU (TFEU)
  • The Charter of Fundamental Rights of EU
  • General principles of Union law, e.g. those reflected through case law
How well did you know this?
1
Not at all
2
3
4
5
Perfectly
3
Q

Secondary law - definition

A

= written laws
implementation & direct effect

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
4
Q

Secondary law - examples

A
  1. International agreements
  2. Legislation:
    - Regulations (GDPR)
    - Directives
    - Decisions
How well did you know this?
1
Not at all
2
3
4
5
Perfectly
5
Q

Art. 288 TFEU: secondary law instruments

A

Regulation, Directive, Decision, Recommendation & Opinions

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
6
Q

Regulation

A
  • general application
  • binding
  • directly applicable (in all Member States)

Art. 288 TFEU: secondary law instruments

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
7
Q

Directive

A
  • binding in result (for each Member State)
  • form & method chosen by national authorities

Art. 288 TFEU: secondary law instruments

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
8
Q

Decision

A
  • binding
  • if specifies to whom it is addressed, only binding on them

Art. 288 TFEU: secondary law instruments

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
9
Q

Recommendation & Opinions

A
  • not binding

Art. 288 TFEU: secondary law instruments

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
10
Q

Privacy

A

Claim of individuals, groups, or institutions to determine when, how and to what extent information about them is communicated to others

fundamental right, but not absolute: matter of balancing legitimate interests incl.
- a) public e.g. national security,
- b) other laws &
- c) fundamental rights (necessary in democracy) e.g. freedom of expression &right to information (uncover an affair)

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
11
Q

Charter of Fundamental Rights of EU

A

summary of all fundamental rights decided in EU

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
12
Q

Rights included in Charter of Fundamental Rights of EU related to GDPR

A

Article 7: Right to respect for a private & family life, home & communications

Article 8: Right of…
- protection of personal data,
- fair processing for specified purposes & on basis of consent or other legitimate basis,
- access to data,
- rectification (control by independent authority)

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
13
Q

Value of Personal Data

A
  • Personal data = value only if used
  • Advertisement = paying for service of consumer (with money), consumer as product fort hem
  • Consumer = paying with attention & agency (personal data = abstract, no friction, re-usable)
How well did you know this?
1
Not at all
2
3
4
5
Perfectly
14
Q

GDPR: relation to Member states & general characteristics

A
  • since 2016 (in force 2018, replaced Data Protection Directive)
  • Regulation: general application, binding & directly applicable (in all Member States)
  • in Member States: sector regulation in defined areas (e.g. employment law)
  • Principle of Priority: GDPR over conflicting national legislation (incl. sector regu.)
  • Delegated Acts: EU Commission & EU Data Protection Board adopt delegated & implementing acts in certain areas
How well did you know this?
1
Not at all
2
3
4
5
Perfectly
15
Q

Pro GDPR

A
  • strengthen individuals fundamental rights
  • clarifying rules for companies
  • reduce administrative burdens
  • eliminate fragmentation in national systems
How well did you know this?
1
Not at all
2
3
4
5
Perfectly
16
Q

Con GDPR

A
  • compliance complicated & costly
  • cookies e.g. people don’t read
17
Q

Principals of GDPR

A

6 Principals:
- Legitimacy
- Transparency
- Security
- Accountability
- Empowerment
- Proportionality

18
Q

Principal of GDPR: Legitimacy

A

data controller must pursue a legitimate purpose (considering interest of data subjects, 3rd parties & public) in a fair & careful manner

19
Q

Principal of GDPR: Transparency

A

data subject must have information about data controller & processing; be able to understand its rights & implementation of processing (information not always = transparency), necessary for accountability & empowerment

20
Q

Principal of GDPR: Security

A

data controller must implement appropriate technical & organizational measures (e.g. data minimization, storage limitation, anonymization, pseudonymization) to ensure level of security appropriate to the risk (to safeguard against unauthorized or unlawful processing & accidental loss, destruction, or damage)

21
Q

Principal of GDPR: Accountability

A

Data controller must be able to demonstrate compliance with GDPR (e.g. record of processing activities, carrying out data protection impact assessment, ensuring data protection by design & default)

22
Q

Principal of GDPR: Empowerment

A

data subject is in control (not absolute) of what data concerning it can lawfully be processed (incl. means of consent, rights of access, rectification, erasure & objection, e.g. consent)

23
Q

Principal of GDPR: Proportionality

A

protection of personal data including data controllers’ obligations & need of consent is relative to legitimate purpose pursued & impact on data subjects right to privacy (including nature, scope, context & purpose of processing), Art. 5: principals of data minimization & storage limitation