Data Protection Law
Approaching its Rationale, Logic and Limits
Published on 1. August 2002
458 pages
978-90-411-8066-7 (ISBN)
Description
Despite the proliferation of data protection laws (or privacy protection laws) in many countries, uncertainty still reigns as to who or what such laws actually protect. Most data protection laws seem to have been drawn up rather diffusely, with the justification that the huge variety of types of information and specific contexts give rise to a complexity that cannot be guessed at as information technology continues to develop.
Nevertheless, as this ground-breaking book demonstrates, it is essential to understand as best we can why data protection laws are passed, what their regulatory mechanisms are, and wherein lies their particular effectiveness. Data Protection Law approaches such an analysis along three major avenues of investigation:
- the interests and values that seem to be promoted by data protection laws;
- the extent to which the processing of information on private collective entities should be regulated by these laws; and
- the ability of these laws to control profiling practices.
The author evaluates in detail the costs and/or gains and the interference (positive or negative) in the commercial, public administrative, and social spheres that data protection laws have the potential to create, with numerous references to legislation and administrative decision making in a wide variety of jurisdictions.
Data Protection Law promises to become a cornerstone in the new edifice of legal scholarship in this field. With its penetrating clarification of new and complex legal issues, its focus on interests and values, and its interdisciplinary methodology, it will be of immense usefulness to lawyers, scholars, regulators, and policymakers in this burgeoning area of the law.
Nevertheless, as this ground-breaking book demonstrates, it is essential to understand as best we can why data protection laws are passed, what their regulatory mechanisms are, and wherein lies their particular effectiveness. Data Protection Law approaches such an analysis along three major avenues of investigation:
- the interests and values that seem to be promoted by data protection laws;
- the extent to which the processing of information on private collective entities should be regulated by these laws; and
- the ability of these laws to control profiling practices.
The author evaluates in detail the costs and/or gains and the interference (positive or negative) in the commercial, public administrative, and social spheres that data protection laws have the potential to create, with numerous references to legislation and administrative decision making in a wide variety of jurisdictions.
Data Protection Law promises to become a cornerstone in the new edifice of legal scholarship in this field. With its penetrating clarification of new and complex legal issues, its focus on interests and values, and its interdisciplinary methodology, it will be of immense usefulness to lawyers, scholars, regulators, and policymakers in this burgeoning area of the law.
More details
Other editions
Additional editions
Lee
Data Protection Law:Approaching Its Rationale, Logic and Limits
Approaching its Rationale, Logic and Limits
Book
08/2002
1st Edition
Kluwer Law International
€128.40
Shipment within 10-20 days
Content
- Cover
- Half Title Page
- Editorial Board
- Title Page
- Copyright Page
- Table of Contents
- Foreword
- Preface
- Abbreviations
- Table of Statutes and Conventions
- Table of Cases
- 1. Introduction
- 1.1 Subject Matter and Aims of Book
- 1.2 Approach and Orientation of Book
- 1.3 Underlying Thesis of Book
- 1.4 Source Material and Method
- 1.4.1 SOURCE MATERIAL
- 1.4.2 LEGAL METHOD AND DIFFICULTIES
- 1.4.3 LEGAL ASPECTS OF ADMINISTRATIVE DECISION MAKING PURSUANT TO NORWEGIAN DATA PROTECTION LAW
- 1.4.4 LEGISLATIVE REFERENCES
- 1.5 Terminology
- PART I OVERVIEW OF DATA PROTECTION LAWS
- 2. Aims and Scope of Data Protection Laws
- 2.1 Introduction
- 2.2 Primary Points of Reference
- 2.3 Aims
- 2.4 Ambit
- 2.4.1 COVERAGE WITH REGARD TO TYPE OF DATA
- 2.4.2 COVERAGE WITH REGARD TO TYPE OF DATA PROCESSING
- 2.4.3 COVERAGE WITH REGARD TO SECTORS
- 3. Core Principles of Data Protection Laws
- 3.1 Introduction
- 3.2 Fair and Lawful Processing
- 3.3 Minimality
- 3.4 Purpose Specification
- 3.5 Information Quality
- 3.6 Data Subject Participation and Control
- 3.7 Disclosure Limitation
- 3.8 Information Security
- 3.9 Sensitivity
- 4. Monitoring, Supervisory and Enforcement Regimes
- 4.1 Data Protection Authorities
- 4.2 Notification and Licensing Schemes
- 4.3 Sanctions and Remedies
- 4.4 Transborder Data Flows
- 5. Concluding Observations for Part I
- PART II: ORIGINS, RATIONALE AND CHARACTER OF DATA PROTECTION LAWS
- 6. Catalysts for Emergence of Data Protection Laws
- 6.1 Introduction
- 6.2 Technological and Organisational Developments
- 6.2.1 DEVELOPMENTS GENERALLY
- 6.2.2 DEVELOPMENTS IN MASS SURVEILLANCE AND CONTROL
- 6.2.3 PROBLEMS WITH QUALITY OF DATA/INFORMATION
- 6.3 Fears
- 6.3.1 FEARS OVER THREATS TO PRIVACY AND TO RELATED VALUES
- 6.3.2 ECONOMIC FEARS
- 6.4 Legal Factors
- 6.4.1 POSITIVE LEGAL FACTORS
- 6.4.2 NEGATIVE LEGAL FACTORS
- 7. Values and Interests Safeguarded by Data Protection Laws
- 7.1 Introduction
- 7.2 Interests of Data Subjects
- 7.2.1 PRIVACY AND INTEGRITY
- 7.2.2 VALUES AND INTERESTS ASSOCIATED WITH PRIVACY
- 7.2.3 INFORMATIONAL VALUES AND INTERESTS
- 7.2.4 NORWEGIAN INTEREST MODELS
- 7.2.5 A RE-ELABORATION OF DATA PROTECTION INTERESTS
- 7.3 Interests of Data Controllers
- 8. Concluding Observations for Part II
- PART III: DATA PROTECTION RIGHTS FOR PRIVATE COLLECTIVE ENTITIES
- 9. Background to Issue
- 9.1 Parameters of the Issue
- 9.2 Early Enthusiasm for Protecting Collective Entity Data
- 9.3 Official Motives for Giving Data Protection Rights to Collective Entities
- 9.4 Opposition to Data Protection Rights for Collective Entities
- 10. Existing Safeguards for Data on Collective Entities Pursuant to Data Protection Laws
- 10.1 Express Protection
- 10.1.1 LEGISLATIVE POINTS OF DEPARTURE
- 10.1.2 DISCRIMINATORY PROVISIONS
- 10.1.3 DISCRIMINATORY PRACTICES
- 10.2 Sectoral Express Protection
- 10.3 Indirect Protection
- 11. Consequences of Protecting Data on Collective Entities
- 11.1 Allegations about Consequences
- 11.2 Actual Consequences
- 11.2.1 SURVEY METHOD
- 11.2.2 ACCESS RIGHTS
- 11.2.3 TRANSBORDER DATA FLOWS
- 11.2.4 ORGANISATIONAL BURDENS
- 11.2.5 THE 'MIXED FILE' AND 'SMALL BUSINESS' PROBLEMS
- 11.2.6 CONCLUSIONS ON SURVEY RESULTS
- 11.3 Actual Cases of Data Protection for Organised Collective Entities
- 11.3.1 DENMARK
- 11.3.2 NORWAY
- 11.3.3 CONCLUSIONS ON THE ABOVE CASES
- 12. Data Protection Interests of Collective Entities
- 12.1 The Privacy-based Argument against Data Protection Rights for Collective Entities
- 12.1.1 ELEMENTS OF ARGUMENT
- 12.1.2 RELATIONSHIP BETWEEN PRIVACY AND COLLECTIVE ENTITIES
- 12.2 Applicability of Other Data Protection Interests to Collective Entities
- 12.3 Summing Up
- 13. Social, Economic and Political Factors
- 13.1 Introduction
- 13.2 Social Impact/Risk
- 13.3 Information Use
- 13.4 Vulnerability and Resources
- 13.5 Expectations and Accountability
- 13.6 Summing Up
- 14. Legal Factors
- 14.1 Introduction
- 14.2 Protection of Collective Entities under other Branches of Law
- 14.2.1 EXTENT OF PROTECTION
- 14.2.2 DESIRABILITY OF PROTECTION
- 14.3 Possible Legislative Regimes for Protecting Collective Entity Data
- 14.4 Summing Up
- 15. Protection for Data on Non-organised Collective Entities
- 15.1 Introduction
- 15.2 Nature of Non-organised Collective Entities
- 15.3 Previous Approaches to Issue
- 15.4 Existing Safeguards under Data Protection Laws
- 15.5 Group Actions
- 15.6 Extending Protection Levels?
- 15.7 Summing Up
- 16. Concluding Observations for Part III
- PART IV PROFILING - REGULATION BY DATA PROTECTION LAWS
- 17. Profiling as Practice and Problem
- 17.1 Introduction
- 17.2 Profiling as Practice
- 17.3 Profiling as Problem
- 18. Regulation of Profiling
- 18.1 Introduction
- 18.2 The Concept of Personal Data Revisited - Particularly in Light of Internet Profiling
- 18.3 Express Regulation of Profiling
- 18.3.1 EC DIRECTIVE
- 18.3.2 GERMANY'S TELESERVICES DATA PROTECTION ACT
- 18.3.3 THE SWISS FEDERAL DATA PROTECTION ACT
- 18.3.4 NORWEGIAN PDA
- 18.4 Indirect Regulation of Profiling
- 18.4.1 PRINCIPLE OF FAIR AND LAWFUL PROCESSING
- 18.4.2 PRINCIPLE OF PURPOSE SPECIFICATION
- 18.4.3 PRINCIPLE OF MINIMALITY
- 18.4.4 PRINCIPLE OF INFORMATION QUALITY
- 18.4.5 PRINCIPLE OF DATA SUBJECT PARTICIPATION AND CONTROL
- 18.4.6 GENERAL EXCEPTIONS AND DEROGATIONS
- 18.4.7 REGULATION PURSUANT TO A LICENSING REGIME
- 19. Concluding Remarks on Part IV
- 20. Conclusion
- Select Bibliography 1249
- Index
- Back Cover
