Pitfall! Navigating the Tunnels With a Privacy-By-Design Framework
Is part of
The Entertainment and Sports Lawyer, 2021-01, Vol.37 (1), p.88-99
Place / Publisher
Chicago: American Bar Association
Year of publication
2021
Source
Nexis Uni
Descriptions/Notes
[...] the game is impossible to win if Harry refuses to descend the game's ladders into a maze of subterranean tunnels. "Accountability" in the Guidelines suggests that data controllers, i.e. organizations collecting and processing personal information, should comply with measures that ensure the following "principles:"

* Collection Limitation - limits the amount of information collected and obtains appropriate consent;
* Data Quality - confirms that information stored is relevant, complete, and accurate;
* Purpose Specification - informs the data subject of the intended use for which the organization is collecting the information;
* Use Limitation - limits disclosure of personal information to its specified purpose; and
* Security Safeguards - provides reasonable security safeguards to data subjects when collecting, using, and storing personal information.2

Of course, the technology landscape has shifted dramatically since 1980, and these principles have become considerably more nuanced. [...] the European Union requires data controllers to embed a culture of privacy within the company's DNA via privacy-by-design principles that mirror the Guidelines' recommendations, as detailed below.

The GDPR creates a series of novel requirements, discussed in theory for years, including special rules for high-risk processing,7 control over personal information by data subjects,8 the creation of a data protection officer,9 and rules surrounding automated decision making.10 Further, to bolster the accountability suggestions in the Guidelines, the European Commission enhanced the methodology by which companies adhere to purpose limitation, data minimization, and data integrity by incorporating privacy-by-design concepts into the Regulation.