Synopsis: Ict: Data privacy:

gathering any of their personal data. 5 One of the best-known examples of leveraging the online population†s digital breadcrumbs for

personal data economy, and hosts consultations to deepen understanding of what type of trust frameworks are needed between individuals

of personal data that needs to be protected OECD, for example, defines personal data as â€oeany information relating to an identified or

identifiable individual (data subject) †(OECD 2013). ) The result of such an approach has been the policy of â€oeinform and consent†practised by

personal data that advocated a principle-based approach, with the principles arising from a new approach that shifts governance from the data

privacy and data protection in a big data world the danger is that these questions may take too

collecting personal data to accountable and responsible uses of personal data This mechanism would foresee a well

-resourced privacy regulator with the expertise and power to enforce such a use-based privacy protection mechanism

to reuse personal data for novel purposes where a privacy assessment indicates minimal privacy risks •Restricting the use of probabilistic

5 In Europe, the collection and processing of personal data or information is regulated currently by Directive 95/46/EC

on the protection of individuals with regard to the processing of personal data and on the free movement of such data

Data protection Directive) 1 and Directive 2002/58/EC, as amended by Directive 2009/136/EC, on privacy and electronic

which focuses more specifically on the processing of personal data in the electronic communications sector. Article 7 of the Data protection directive establishes the principle of opt-in, according

to which personal data cannot legitimately be processed without the consent of the data subject, except if necessary to

preserve public order or morality, as well as to further the general interest of society or individuals. Building on this principle

Article 5 of the eprivacy Directive further provides that the processing of personal data can be effected only with the consent

http://www. weforum. org/issues/rethinking-personal data 34 It should be noted that there is no single ITU definition of privacy,

37 See, for example, http://www. unglobalpulse. org/privacy-and-data protection for an understanding of the privacy

WEF (2013), Unlocking the Value of Personal data: From Collection to Usage. Geneva, Switzerland. Retrieved from

personal data In this context, the responsibility of the national cyber infrastructure protection, whose compromise would undermine national security

personal data stored or transmitted inside the electronic commerce systems All the risks and threats mentioned above represent critical situations

Registration with a library 1. Communication of personal data 2. Filling in a library sheet, based on

the personal data indicated before 3. Registration in the database of a library Low ï 11309

giving away their personal data in exchange for â€oefree†services. Yet this bargain not only undermines privacy

and weakens data protection but also commodifies knowledge, identity and personal data There are other models that focus on in

-novation. As we discover in this research while the value of big data is often only associated with efficiency and profitability

sell personal data Creation and consolidation of new monopolies: Platform Lock ins and a battle amongst proprietary vertically

privacy and data protection of all citizens is preserved and that communities are entitled to share the value

The EU data protection reform package Directive on the reuse of public sector information Copyright reform Net Neutrality

The EU data protection reform package Directive on the reuse of public sector information Copyright reform Net Neutrality

/data protection as complementary issues and not as opposites. In fact, the right to data protection and privacy, as given

in both legal frameworks (such as data protection) and technologies (such as en -cryption) should apply to individual citi

A broader investigation on the implications of the current personal data market and the role of data brokers64 will be crucial for understanding the future of bottom-up digital

Personal data stores There are also new available solutions, such as Mydex, Qiy, Citizenme65 and many others that are part of an emerging

sector of Open Personal data Stores66, Privacy Dashboards, and Trust frameworks to manage identity, that have emerged

The EU data protection reform package 77growing a Digital Social Innovation Ecosystem for Europe The Data protection reform is currently being discussed by Member States The aim is to to build a single and comprehensive

data protection framework to develop tools and initiatives to enhance citizen awareness, and to ensure that businesses

receive guidance on data anonymisation and pseudonymisation. This should prevent any unauthorised collection processing and tracking of personal information

Companies should be compelled to be transparent about how they collect users†personal data, and the real value they

personal data is used, the right to avoid having information collected in one context and then used for an unrelated purpose

personal data. Firms might begin to reduce the length of period over which information is retained and adopt certification

Trans-border Flows of Personal data 6 Government on-line On-line provision of government information and services can increase the efficiency and

4. 1. 2 Personal data protection...53 4. 1. 2. 1 Personal data protection in the online environment...

53 2 4. 1. 2. 2 Spam and the eprivacy Directive...55 4. 1. 2. 3 Cookies and the eprivacy Directive...

4. 1. 2. 5 Data protection Directive...59 4. 1. 3 Online gambling...60 4. 1. 4 Online pharmacies and other health issues...

other EU legislation, covering various aspects such as data protection and consumer affairs 2. 2. 1 The E-commerce Directive

including taxation, questions related to the Data protection Directive and gambling activities28 2. 2. 1. 1 The Internal Market clause and establishment requirements (Articles 3-4

personal data and the protection of privacy in the electronic communications sector, most commonly known as the eprivacy Directive51,

processing of personal data and the protection of privacy in the electronic communications sector (Directive on privacy and electronic communications), OJ L 201/37, 31.07.2002;

Protection Directive67 with regard to the processing of personal data in the electronic communication sector. The latter adds to the rules on"spam"in the ECD and regulates

processing of personal data and the protection of privacy in the electronic communications sector (Directive on privacy and electronic communications), OJ L 201/37, 31.07.2002;

concerning the processing of personal data and the protection of privacy in the telecommunications sector 67 OJ L 281,23. 11.1995, p. 31

pharmaceutical offers, fake banking services (phishing), data protection infringements, illicit tobacco or alcohol advertisements, unfair commercial practices or breaches of the EU

the rights to private life, protection of personal data, freedom of expression and information and to an

-notice could be in breach of data protection rules since it would require identifying the content provider

to protection of their personal data and their freedom to receive or impart information, which are safeguarded rights by Articles 8 and 11 of the Charter

protection of personal data and the freedom to receive or impart information, on the other "paragraph 53

personal data protection. There are, however, legitimate concerns about the protection of minors and public decency as regards, in particular, child sex abuse images that circulate on

Trustmarks, personal data requirements, specific policies for online gambling and pharmacies and liability provisions for businesses all contribute to enhancing trust online

service, data protection and dispute settlement. Well-known trustmarks within the EU include Thuiswinkel146 (The netherlands), Trusted Shops147 (UK) and Confianza Online148 (ES

4. 1. 2 Personal data protection 4. 1. 2. 1 Personal data protection in the online environment

It is acknowledged widely that trust is the currency of the digital economy. In today's digital

personal data have become essential factors in the online economy. 150 Professional players are aggregating massive amounts of data for professional use, in particular for behavioural

and the right to the protection of personal data. Data protection rules organise and control the way personal data are processed.

These rules take account of the importance of the freedom of expression and provide for specific regime applicable to the

processing of personal data carried out solely for freedom of expression purposes. 153 The ECD does not apply to questions relating to information society services covered by the

EU legislation on the protection of personal data (Article 1 (5)( b) ECD. The Data protection Directive154 constitutes the fundamental legal framework for the processing of personal data

in the EU. It was adopted to harmonise the legislation of the Member States with the twofold

objective of protecting fundamental rights, namely the right to personal data protection, and ensuring the free flow of personal data between Member States within the context of the

Internal Market. According to the Data protection Directive, personal data must be processed fairly and lawfully, collected for specified, explicit and legitimate purposes (data

minimisation principle) and not further processed in a way incompatible with those purposes principle of finality. Personal data must be adequate, relevant and not excessive in relation

to the purposes for which they are collected (purpose limitation principle. The Directive furthermore provides for the right of individuals to be given information on the purposes of

the processing, how and by whom their data are processed and the rights to access, rectify and

delete personal data. Monitoring of compliance with data protection laws implementing the Directive is entrusted to national public independent authorities endowed with investigative

and enforcement powers. The data protection authorities also hear claims lodged by individuals regarding the processing of their personal data

A major factor enabling individuals to know about the processing of their personal data and exercise the rights granted by the Data protection Directive is the provision of information

principle of transparency. 155 Service providers that qualify as data controllers have to provide users with clear, easily understandable and affordable privacy notices in line with the

requirements of the Data protection Directive. This rule is, however, not always observed Since its adoption in 1995, other EU legislation has come into force

which complements the Data protection Directive. The most significant instrument for e-commerce and other online services is Directive 2002/58/EC concerning the processing of personal data and the

protection of privacy in the electronic communications sector (Directive on privacy and electronic communications), 156 as amended by Directive 2009/136/EC (Citizen's Rights

152 Charter of Fundamental Rights of the EU, OJ C 364/1, 18.12.200; available at http://www. europarl. europa. eu/charter/pdf/text en. pdf

153 See: ECJ, Case C-101/01, Bodil Lindqvist, 6. 11.2003, and Case C-73/07, Tietosuojavaltuutettu v

Satakunnan Markkinapã rssi Oy, Satamedia Oy, 16.12.2008; both available at http://curia. europa. eu/juris/recherche. jsf?

individuals with regard to the processing of personal data and on the free movement of such data, OJ L

281/31, 23.11.1995 (hereafter †Data protection Directiveâ€; available at: http://eur -lex. europa. eu/Lexuriserv/Lexuriserv. do?

Data protection Directive, Art. 10 and 11 156 Directive on privacy and electronic communications, OJ L 201/37, 31.07.2002

cookies, and recall the upcoming revision of the data protection framework 4. 1. 2. 2 Spam and the eprivacy Directive

and services, Directive 2002/58/EC concerning the processing of personal data and the protection of privacy in the electronic communications sector and Regulation (EC) No 2006/2004 on cooperation

163 In accordance with Article 10 of Data protection Directive (95/46/EC) information should cover at least the

164 Article 10 of the Data protection Directive lays down the minimum information that has to be provided to a

165 Further processing of personal data for historical, statistical or scientific purposes is not generally to be

suitable safeguards are in place (see recital 29 and Article 6 (1)( b) of the Data protection Directive

data protection legal requirements and to provide transparency to users, and it will present new initiatives in the area of behavioural advertising in the first quarter of 2012.

The Council of europe has adopted a recommendation on profiling and data protection setting out minimum privacy standards to be implemented through national legislation and self

4. 1. 2. 5 Data protection Directive The Commission is preparing a major reform of the data protection rules laid down in the

Data protection Directive171 to make the data protection framework more coherent and provide more legal certainty (adoption foreseen in the first quarter of 2012.

The objectives are to set forth a comprehensive and consistent personal data protection legal framework which addresses new challenges such as technological developments in the digital economy

and more intense globalisation, while eliminating unnecessary costs for operators, reducing administrative burdens, and ensuring more coherence in the data protection acquis.

The reform also aims at clarifying and simplifying rules for international transfers of personal data and strengthening and clarifying the powers of data protection authorities to ensure

compliance with data protection rules advertisement, coupled with a website providing the user with information about how to switch off

behaviourally targeted display ads from the company that the user signed up to. The principles oblige the

participating companies to provide clear and unambiguous notice to users that it collects data for the

individuals with regard to automatic processing of personal data in the context of profiling, 23.11.2010 available at https://wcd. coe. int/wcd/Viewdoc. jsp?

Social Committee and the Committee of the Regions, A comprehensive approach on data protection in the

or to get access to personal data. This is particularly an issue in the digital environment Several provisions of the Directive have given rise to divergent interpretations and have not

a lack of payment security and data protection, and finally uncertainties relating to liability in case of unauthorised payments or unsatisfactory deliveries

with payment security and data privacy and the possibilities for improvements in this area The last part of the Green Paper touches on a crucial issue,

4. 1. 2 Personal data protection 4. 1. 2. 1 Personal data protection in the online environment

4. 1. 2. 2 Spam and the eprivacy Directive 4. 1. 2. 3 Cookies and the eprivacy Directive

4. 1. 2. 5 Data protection Directive 4. 1. 3 Online gambling 4. 1. 4 Online pharmacies and other health issues

co-designed with respect of data privacy, offering various green services such as the visualization of environmental data collected by citizen, the alert

B7. 1 Data protection 1 1 2 TOTAL 12 8 11 7 9 18 65 As shown in the Table 1,

companies and protection of personal data 5â Â 3. European Charter of rights of electronic communications services users

•Ensure protection of personal data •Increased performance of public services through electronic government •Supporting decentralization processes

•Law nr. 677 of 21 november 2001 on Protection of Personal data Processing and free movement of such date, with subsequent Amendments

. & Swiercz, P. 2007), Personal data Collection via the Internet: The Role of Privacy Sensitivity and

of personal data with global digital content doubling every eighteen months, to harvest the potential of Big data

rules on taxation and data protection ran the risk of stifling the growth these tech businesses can create,

â€oetake data protection, †he said, â€oethere is one EU data commissioner but the legislation in countries is still different

The issue of data privacy and protection has been deservedly getting a lot of attention recently. What needs to happen is a change

Lack of inherited user and data privacy: In case data protection/encryption meth -ods are employed (even using asymmetric encryption and public key methods

data cannot be stored efficiently/handled. On the other hand, lack of encryption violates the user and data privacy. More investigations into the larger privacy and

data protection ecosystem are required to overcome current limits of how current information systems deal with privacy and protection of information of users, and

develop ways to better respect the needs and expectations 30,31, 32 iii. Lack of data integrity, reliability and trust, targeting the security and protection of

have increasingly been able to monetize their user transaction data and personal data Google is feed able to advertisements based on past searching

-tempt to acquire sensitive personal data of end-users by masquerading as a trustwor -thy entity, as a reverse contention tussle among two website owners (the †consum

or personal data, should however, only be exposed to known and trusted entities and in a controlled way, al

computing, data protection and privacy issues as well as liability and compliance problems may hinder to tap the full potential of cloud computing 22,8, 26.

legislation including privacy legislation such as the EU Data protection Directive 95/46/EC As of today, cloud computing is facing signiï cant acceptance hurdles when it

In simple terms, data privacy aims at protecting personally iden -tiï able data (PID. In Europe, Article 8 of the European Convention on Hu

Furthermore, the European Data protection Directive (Direc -tive 95/46/EC) substantiates this right in order to establish a comprehensive

data protection system throughout Europe. This directive takes into account the OECD privacy principles 16 which mandate several principles such as, e g

of data privacy. Outsourcing data processing does not absolve the user from his responsibilities and liabilities concerning the data.

safeguarding the user†s responsibilities regarding data privacy in cross-border cloud scenarios is a matter of consequences for the use of these cloud services

on the protection of privacy and transborder ï ows of personal data. From http //www. oecd. org/document/18/0, 2340, en 2649 34255 1815186 1 1 1 1, 00. html

its own data protection laws. In addition, the risk, for personal data to travel across boundaries and business domains, is that the usage conditions agreed

J. Domingue et al. Eds.):) Future Internet Assembly, LNCS 6656, pp. 223†231,2011 câ The Author (s). This article is published with open access at Springerlink. com

server storing personal data decides to share the data with a third party †Obligations: Obligations in sticky policies specify the actions that should be

lifecyle of personal data, the same actor may play the role of both data collector and data provider.

data, balancing the value of his personal data with the services obtained. As a matter of fact, users have diï culties to monetize the value of their personal

provided by external parties that deal with personal data (e g.,, a human resource management application, a remote storage service.

personal data using a PPL framework (as described in Sect. 2). In order to guarantee enforcement of the privacy policies and corresponding obligations by

In particular, when personal data are consumed by multiple services possibly owned by diï €erent entities in diï €erent locations, the conditions of the

ensure compliance with the plethora of data protection regulations, and minimize the risk of violating the agreed privacy policy

on the market for data protection in social networks. In: Moore, T.,Pym, D.,Ioannidis, C. eds.

•Trust Management and Security, privacy and data protection mechanisms of dis -tributed data •An addressing scheme, where identity and location are embedded not in the same

data protection with transparent and democratic governance and control of offered services as guiding principles (10,11

of the personal data held by big firms and public agencies. This allows them to monitor their conditions and chart their own behaviour and

the risk related to the data protection and security, which is a very important factor that needs to be considered.

data privacy and security Software solutions to support applications management on devices Development Integration Security Performance

summary, they focus on risks and challenges for company data privacy and security by Bring Your Own Device (BYOD) and IT Consumerization emergent

•privacy sensitive techniques, protecting personal data involved in real-time interactions and data streams Table 4. 5 Social sensing domains and applications

websites and 63%ban their employees from saving personal data and files on company†s computers.

1. protection of sensitive personal data 2. the division responsible about application services lacks with regard to con

personal data Indeed, if Europe†s history can be of any value here, it seems reasonable to expect a new wave of â€oegovernment

to harmonize regulations around data privacy globally Policymakers should establish an environment that facilitates the business viability of the big data sector

personal data stores and be enrolled in a trust network data sharing agreement 5. All entities should employ secure identity credentials

protection of personal data and privacy The increasing importance of protecting personal data and privacy is being recognized by countries and

define personal data, how to treat anonymous data whether to allow the right to be forgotten, and the need

issues include national data protection rules and data transfers, data portability and interoperability standards and liability costs for cloud service providers.

face revolve around data privacy considerations. For example, very specific details of an individual†s lifestyle preferences and buying habits are captured now and

for data privacy Dataâ availability andâ governance ICT infrastructure Sponsorship Big data ecosystem Organizational capabilities and resources

regarding data privacy so that organizations know which personal data they can store and for how long, and which data are forbidden explicitly by privacy regulations

If the scope of permissible data is to expand skeptical citizens must first be persuaded that big data

the decision about the right level of data privacy in any given country, and this decision will result in a regulatory

possible harmonization of data privacy regulation across borders, given that the constituent countries may share attitudes on this issue

harmonize regulation around data privacy currently looks likely in the short to medium term. Because countries

operations to a foreign provider, yet some personal data are prohibited from being transferred out of the country

Privacy and Transborder Flows of Personal data, which were revised and updated in 2013, may represent a

data privacy and data protection regulation on the basis of guidelines and recommendations from a high-profile international organization is the most sensible option

the limitation of collection of personal data, the specification of the purpose of data collection, the

Transborder Flows of Personal data. Available at http://www. oecd. org/internet/ieconomy/oecdguidelinesonthe protectionofprivacyandtransborderflowsofpersonaldata. htm

the collection and use of personal data. Finding this balance is an issue of vital and urgent interest to

much personal data into the hands of either companies or governments. Fortunately, new approaches to regulation and technology that can help protect personal

customers†personal data: imagine phone applications that advise commuters about which bus will get them to

personal data may be used and shared is the goal of new privacy regulations in the European union, the

personal data and a legal contract that specifies both what can and cannot be done with the data and what

is the model of personal data management that is most frequently proposed within the World Economic Forum

Personal data Initiative In such a system, all personal data have attached labels specifying what the data can,

and cannot, be used for. These labels are matched exactly by terms in a legal contract between all the participants stating

of managing personal data, the MIT Human Dynamics Laboratory (http://hd. media. mit. edu), in partnership

org), have helped build openpds (open Personal data Store) †a consumer version of this type of system

personal data in real-world situations. For example, it will explore different techniques and methodologies to protect the users†privacy while at the same time

personal data into the hands of governments. But how can it happen that governments, especially authoritarian

-centric personal data stores, it enables easier and safer sharing of data between citizens and government.

personal data stores and be enrolled in a trust network data sharing agreement. 6 5. All entities should employ secure identity credentials

Personal data: The Emergence of a New Asset Class. Geneva: World Economic Forum Available at http://www3. weforum. org/docs/WEF ITTC

We have watched the sharing of personal data increase year after year since people first connected across the Internet.

Given enough personal data information can be correlated that can be both unsettling and unwanted. Today†s public, legislative, and legal

benefits of personal data. For example, corporate revenues per record/user are problematic because revenues contribute to economic growth only insofar

Similarly, the vast amount of personal data on Facebook have a relatively low per-person value because

its inferred personal data (which are at present mostly outside the user†s control) are more valuable than

Facebook†s volunteered personal data (which the user has assembled painstakingly, and over which she or he

value of personal data The following methods for valuing personal data have been identified, but each has important drawbacks.

Possible approaches include •determining the market capitalizations of firms with business models predicated on personal data

•ascertaining the revenues or net income per data record •establishing the market prices at which personal data

are offered or sold •establishing the economic cost of a data breach •determining prices for personal data in illegal markets

•reviewing economic experiments and surveys that attempt to establish the price companies would need

monetary value produced by personal data, over time in a decentralized data ecosystem†and consequently provides a foundation for both trustworthy data and

individuals to change their personal data preferences and permissions over time, prevent undesirable use of previously collected data, address unanticipated uses

personal data to be the product of an individual†s online â€oelabors, †and if we further consider that, in order

Personal data Management: The User†s Perspective. International Institute of Communications. Available at http://www. iicom. org/open-access

-resources/doc details/226-personal data-management-the-users -perspective Lanier, J. 2013. Who Owns the Future?

2013. â€oeexploring the Economics of Personal data: A Survey of Methodologies for Measuring Monetary value. †OECD Digital

concerned about how their personal data are used Figureâ 1), although the level of concern varies according

privacy issues and data protection in the online world If big data is to deliver on its promise, companies

safe about the protection of their personal data and privacy. Governments and regulators will need to frame

data protection policies that safeguard the privacy of both customers and citizens. At the same time, these policies must not stifle the innovation that big data can

DATA PROTECTION ARCHETYPES ACROSS THE WORLD The protection of personal data has long been viewed as a fundamental right, enabling individuals to be in

control of data about their own person and preventing unnecessary listings and discriminatory behavior Individuals can exercise this control by explicitly giving

or withholding consent before their personal data are Figure 1: Consumers†privacy protection concerns Sources: USC Dornslife/Los angeles times 2012;

74%of Europeans think that disclosing personal data is increasingly part of modern life 78%of US citizens think that companies collecting personal information online are invading consumers†privacy

72%of Internet users are worried about giving away too much personal data 88%of Europeans believe that their data would be protected better in large companies that are obliged to name

a data protection officer Companies that breach protection rules should be *51%fined 40%banned from using such data in the future

personal data and can gain that access more easily. On the other hand, as we have seen, economic, social, and

Data protection laws are evolving not only in an attempt to keep pace with technological developments and new ways of using,

personal data, but also to keep pace with attitudes toward privacy. To better understand the state of play

data protection regulatory frameworks of more than 20 countries worldwide, identifying the key principles and requirements (Figureâ 2

federal data protection law. Instead, different sectors†such as healthcare, telecommunications and finance†are regulated by specific laws applying

where the level of data protection regulation varies greatly. Although some Asian economies (such as Pakistan) still lack data protection laws entirely

or have introduced recently them (e g.,, China and India), others†such as Japan†have developed well laws. Examples of minimum-level principles are the

not only define what is regarded as personal data and how such data can and cannot be used, but

data protection directive from 1995 to better meet the requirements of today†s data-intensive world. 9 In the

increased its focus on data protection issues and has published several reports and recommendations on the topic in the past few years.

Opinions on the best approach to data protection and privacy regulation differ. Some experts argue that it is better to adopt a light-touch approach in a

Variation in data protection regulation across markets Sources: Council of europe 2013a, b; European commission 1995,2002, 2012; IAPP 2013a, b

Processing of Personal data (ETS No. 108), available at http://conventions. coe. int/Treaty/en/Treaties/Html/108. htm

find out if personal data is processed and the right to file a complaint if it is misused After amendments, regulation in Argentina

No specific data protection law exists in Brazil, but the country has constitutional protection and sector-specific data

Data protection Acts exist in some countries Azerbaijan, Georgia, Russia, Ukraine Enforcement is low (relevant mechanisms

data protection convention in 2013 *establishing a general data protection regime Most countries are unregulated or have

single points in sector laws (e g.,, Algeria Egypt The level of protection ranges from strong

Recent awareness of data protection issues has resulted in several new laws in economies such as India, Hong kong SAR

data protection. These areas include: consent before collection, a definition of personal data, anonymization the right to be forgotten, relevant jurisdiction, and liability

issues. Each of these key areas is discussed below Consent before data collection. A key principle

The definition of personal data. The suggested EU framework defines personal data as â€oeany data that can be attributed to an identifiable person either directly

or indirectly. †The APEC framework describes personal data as â€oeinformation about an identified or identifiable

the right of companies to use the personal data already in their possession and turn them into anonymized data

personal data from their files. Although on paper it sounds easy to remove personal data relating to an

individual upon request, this may not be so easy in the real world. The European union Agency for

In its recent proposal on the new EU data protection regulation, the European union extends the applicability

when shaping their personal data protection policies Although not prescribing any single solution, certain principles will help guide regulators in their deliberations

An even a wider take on data protection issues in the big data environment would be beneficial for all parties

personal data in mobile marketing†but so far efforts have occurred mainly at the country level, in markets

the use of personal data protection in big data would certainly be beneficial to establish a higher level of trust

among consumers and create a clear data protection standard for companies. The weakness of industry self-regulation is obviously enforcement, because self

If they develop an efficient data protection strategy, companies may also gain competitive advantage in the form of cost savings, organizational

customers†personal data or position itself as an innovative company with cool services based on its users†behavior and habits or preferences

Companies should strive to make data protection part of the company culture. They can avoid costs occurring at

by implementing data protection in their processes from the start Companies must also cooperate with regulatory

Privacy and data protection regulation is constantly evolving. This means that companies will need to establish a close relationship with national

are usually willing to share personal data if the value of the service is attractive enough and the customers feel

With regard to Automatic Processing of Personal data. Available at http://conventions. coe. int/Treaty/en/Treaties/Html/108. htm

Data protection. Available at http://www. coe. int/t/dghl/standardsetting/Dataprotection /default en. asp ††â€. 2013b.

Data protection: National Laws. Available at http://www. coe. int/t/dghl/standardsetting /dataprotection/National%20laws/National laws en. asp

Individuals With regard to the Processing of Personal data and on the Free Movement of such Data. Available at http://eur-lex. europa

Attitudes on Data protection and Electronic Identity in the European union. Brussels Directorate-General Communication. Available at http://ec. europa

Processing of Personal data and on the Free Movement of such Data general Data protection Regulation), COM (2012) 11 final

Available at http://ec. europa. eu/justice/data protection/document /review2012/com 2012 11 en. pdf FTC (Federal trade commission. 2010†14.

Protecting Consumer Privacy: Making Sure Companies Keep Their Privacy Promises to Consumers. Available at www. ftc. gov/opa/reporter/privacy

Data protection Authorities. Available at https //www. privacyassociation. org/resource center/data protection authorities Kroes, N. 2013a. â€oethe Big data Revolution. †Speech given by Neelie

personal data in the following section How to get the best of data-driven innovation The increasing ease of linking

Personal data are the type that has drawn the most attention, from a regulatory point of view, in relation

personal data Legislation should take into account the tension between data-driven innovation and the principle of data minimization.

the collection of personal data should be limited to what is relevant and necessary to accomplish a specific

the definition of personal data; and second, the model of consent by users. These considerations are both critical

-personal data, as well as the uses for which consent may have been given. 36 A practical definition of personal

applying existing approaches to personal data may result in overly broad definitions that can have unintended negative consequences for data-driven innovation

of privacy and data protection, but fail to consider economic and social benefits that regulation could

ensure the privacy and security of personal data. The appropriate agency should take a leading role in working

personal data and means for enforcement Box 2: Organizations already using big data initiatives A few organizations that have followed frameworks for using

in data governance and personal data management. Her work is focused on shaping relevant long-term technology policies globally by engaging with stakeholders and raising

and Personal data initiatives, and is a board member for Nissan, Motorola Mobility, Telefonica, and a variety of start

< Back - Next >

Overtext Web Module V3.0 Alpha
Copyright Semantic-Knowledge, 1994-2011