The Risk-Based Approach to Data Protection
Published on 6. October 2020
Book
Hardback
302 pages
978-0-19-883771-8 (ISBN)
Description
The concept of a risk-based approach to data protection came to the fore during the overhaul process of the EU's General Data Protection Regulation (GDPR). At its core, it consists of endowing the regulated organizations that process personal data with increased responsibility for complying with data protection mandates. Such increased compliance duties are performed through risk management tools. This book provides a comprehensive analysis of this legal and policy development, which considers a legal, historical, and theoretical perspective.
By framing the risk-based approach as a sui generis implementation of a specific regulation model 'known as meta regulation, this book provides a recollection of the policy developments that led to the adoption of the risk-based approach in light of regulation theory and debates. It also discusses a number of salient issues pertaining to the risk-based approach, such as its rationale, scope, and meaning; the role for regulators; and its potential and limits. The book also looks at they way it has been undertaken in major statutes with a focus on key provisions, such as data protection impact assessments or accountability.
Finally, the book devotes considerable attention to the notion of risk. It explains key terms such as risk assessment and management. It discusses in-depth the role of harms in data protection, the meaning of a data protection risk, and the difference between risks and harms. It also critically analyses prevalent data protection risk management methodologies and explains the most important caveats for managing data protection risks.
By framing the risk-based approach as a sui generis implementation of a specific regulation model 'known as meta regulation, this book provides a recollection of the policy developments that led to the adoption of the risk-based approach in light of regulation theory and debates. It also discusses a number of salient issues pertaining to the risk-based approach, such as its rationale, scope, and meaning; the role for regulators; and its potential and limits. The book also looks at they way it has been undertaken in major statutes with a focus on key provisions, such as data protection impact assessments or accountability.
Finally, the book devotes considerable attention to the notion of risk. It explains key terms such as risk assessment and management. It discusses in-depth the role of harms in data protection, the meaning of a data protection risk, and the difference between risks and harms. It also critically analyses prevalent data protection risk management methodologies and explains the most important caveats for managing data protection risks.
More details
Series
Language
English
Place of publication
Oxford
United Kingdom
Target group
Professional and scholarly
Dimensions
Height: 240 mm
Width: 161 mm
Thickness: 21 mm
Weight
619 gr
ISBN-13
978-0-19-883771-8 (9780198837718)
Copyright in bibliographic data and cover images is held by Nielsen Book Services Limited or by the publishers or by their respective licensors: all rights reserved.
Schweitzer Classification
Other editions
Additional editions
Raphaël Gellert
The Risk-Based Approach to Data Protection
E-Book
10/2020
1st Edition
OUP eBook
€68.99
Available for download
Raphaël Gellert
The Risk-Based Approach to Data Protection
E-Book
10/2020
1st Edition
OUP eBook
€68.99
Available for download
Person
Raphael Gellert is an assistant professor in ICT and private law at Radboud University, where he is a member of the Radboud Business Law Institute, and of the interdisciplinary Hub for Security, Privacy and Data Governance. He is also an affiliated researcher at the Research Group on Law, Science, Technology & Society (LSTS) of the Vrije Universiteit Brussel (VUB).
Content
Introduction: The Risk-Based Approach as the Opposite of the Rights-Based Approach, or as an Opportunity to Analyse the Links Between Law, Regulation, and Risk?
1: Fundamental Notions: Risk and Regulation
2: Data Protection as Command and Control Regulation
3: Issues with Data Protection as Command and Control Regulation
4: Changes of Regulatory Models: From Command and Control to Meta Regulation
5: Meta Regulation in Data Protection Law: The Risk-Based Approach
6: Risk and the Risk-Based Approach: Between Data Protection Risks and Compliance Risks
7: The Risk-Based Approach in Practice: Caveats
Conclusion: Back to the Rights/Risk-Based Approaches, and the Future of Data Protection
1: Fundamental Notions: Risk and Regulation
2: Data Protection as Command and Control Regulation
3: Issues with Data Protection as Command and Control Regulation
4: Changes of Regulatory Models: From Command and Control to Meta Regulation
5: Meta Regulation in Data Protection Law: The Risk-Based Approach
6: Risk and the Risk-Based Approach: Between Data Protection Risks and Compliance Risks
7: The Risk-Based Approach in Practice: Caveats
Conclusion: Back to the Rights/Risk-Based Approaches, and the Future of Data Protection