Relevant bibliographies by topics / General Data Protection Regulation (GDPR)

Contents

  1. Journal articles
  2. Dissertations / Theses
  3. Books
  4. Book chapters
  5. Conference papers
  6. Reports

Academic literature on the topic 'General Data Protection Regulation (GDPR)'

Author: Grafiati
Published: 4 June 2021
Last updated: 31 January 2023

Create a spot-on reference in APA, MLA, Chicago, Harvard, and other styles

Select a source type:

Consult the lists of relevant articles, books, theses, conference reports, and other scholarly sources on the topic 'General Data Protection Regulation (GDPR).'

Next to every source in the list of references, there is an 'Add to bibliography' button. Press on it, and we will generate automatically the bibliographic reference to the chosen work in the citation style you need: APA, MLA, Harvard, Chicago, Vancouver, etc.

You can also download the full text of the academic publication as pdf and read online its abstract whenever available in the metadata.

Journal articles on the topic "General Data Protection Regulation (GDPR)"

1

Knott, Nigel. "The General Data Protection Regulation." Faculty Dental Journal 9, no. 2 (April 2018): 54–57. http://dx.doi.org/10.1308/rcsfdj.2018.54.

Full text
APA, Harvard, Vancouver, ISO, and other styles
2

Bhaimia, Sahar. "The General Data Protection Regulation: the Next Generation of EU Data Protection." Legal Information Management 18, no. 1 (March 2018): 21–28. http://dx.doi.org/10.1017/s1472669618000051.

Full text
Abstract:
AbstractThis article, written by Sahar Bhaimia, presents an overview of the General Data Protection Regulation (EU) (2016/679) (GDPR) which will apply automatically across the EU on 25 May 2018. The GDPR is an update and reform of existing EU data protection law, first established by the Data Protection Directive (1995/46/EC). The article is for knowledge managers and information services professionals who may be asked to take on responsibility for GDPR, and focuses on the UK. It covers the fundamentals of EU data protection law, highlights key changes brought about by the GDPR, and provides practical tips and suggestions for knowledge managers.
APA, Harvard, Vancouver, ISO, and other styles
3

Vlahou, Antonia, Dara Hallinan, Rolf Apweiler, Angel Argiles, Joachim Beige, Ariela Benigni, Rainer Bischoff, et al. "Data Sharing Under the General Data Protection Regulation." Hypertension 77, no. 4 (April 2021): 1029–35. http://dx.doi.org/10.1161/hypertensionaha.120.16340.

Full text
Abstract:
The General Data Protection Regulation (GDPR) became binding law in the European Union Member States in 2018, as a step toward harmonizing personal data protection legislation in the European Union. The Regulation governs almost all types of personal data processing, hence, also, those pertaining to biomedical research. The purpose of this article is to highlight the main practical issues related to data and biological sample sharing that biomedical researchers face regularly, and to specify how these are addressed in the context of GDPR, after consulting with ethics/legal experts. We identify areas in which clarifications of the GDPR are needed, particularly those related to consent requirements by study participants. Amendments should target the following: (1) restricting exceptions based on national laws and increasing harmonization, (2) confirming the concept of broad consent, and (3) defining a roadmap for secondary use of data. These changes will be achieved by acknowledged learned societies in the field taking the lead in preparing a document giving guidance for the optimal interpretation of the GDPR, which will be finalized following a period of commenting by a broad multistakeholder audience. In parallel, promoting engagement and education of the public in the relevant issues (such as different consent types or residual risk for re-identification), on both local/national and international levels, is considered critical for advancement. We hope that this article will open this broad discussion involving all major stakeholders, toward optimizing the GDPR and allowing a harmonized transnational research approach.
APA, Harvard, Vancouver, ISO, and other styles
4

Bryukhovetsky, Kirill, and Ilya Livshitz. "An analysis of a General Data Protection Regulation impact on fuel and energy companies." Energy Safety and Energy Economy 5 (November 2020): 55–63. http://dx.doi.org/10.18635/2071-2219-2020-5-55-63.

Full text
Abstract:
General Data Protection Regulation has been adopted in 2018 and establishes privacy and security protection for data gathered on anyone in the European Union. Russian power engineering companies have to potentially comply with GDPR in regards of processing and storing customer data. This paper contains an analysis of certain GDPR requirements and their meaning for power engineering companies and their departments for the purpose of compliance risk assessment. The results can help make decisions on compliance risk assessment initiatives to diminish data protection risks for international businesses, including power engineering companies.
APA, Harvard, Vancouver, ISO, and other styles
5

Lovell, M., and M. A. Foy. "General Data Protection Regulation May 2018 (GDPR)." Bone & Joint 360 7, no. 4 (August 2018): 41–42. http://dx.doi.org/10.1302/2048-0105.74.360622.

Full text
APA, Harvard, Vancouver, ISO, and other styles
6

Mazur, Marek. "SCOPE AND NATURE OF CHANGES IN PERSONAL DATA PROTECTION SYSTEMS OF PUBLIC INSTITUTIONS IN THE LIGHT OF THE PROVISIONS OF THE GDPR (GENERAL DATA PROTECTION REGULATION)." Kultura Bezpieczeństwa. Nauka – Praktyka - Refleksje 31, no. 31 (September 28, 2018): 169–86. http://dx.doi.org/10.5604/01.3001.0012.8602.

Full text
Abstract:
The EU GDPR Regulation introduced rules and regulations on the protection of individuals with regard to the processing of their personal data regardless of their citizenship or place of residence. The article focuses on issues related directly to the regulation on the protection of personal data and related to documents that regulate the protection of personal data and their processing in public institutions in Poland. The author presents basic estimates about the entry of the GDPR Regulation, indicates the importance of individual Dobies/organisations and entities playing a key role in the protection of personal data on the territory of Poland. It describes the documents that establish minimum standards for personal data protection systems to be developed in public institutions to guarantee security. In this article, the author attempted to indicate the scope and nature of changes in personal data systems in the light of the provisions of the GDPR Regulation.
APA, Harvard, Vancouver, ISO, and other styles
7

Becker, Regina, Adrian Thorogood, Johan Ordish, and Michael J. S. Beauvais. "COVID-19 Research: Navigating the European General Data Protection Regulation." Journal of Medical Internet Research 22, no. 8 (August 27, 2020): e19799. http://dx.doi.org/10.2196/19799.

Full text
Abstract:
Researchers must collaborate globally to rapidly respond to the COVID-19 pandemic. In Europe, the General Data Protection Regulation (GDPR) regulates the processing of personal data, including health data of value to researchers. Even during a pandemic, research still requires a legal basis for the processing of sensitive data, additional justification for its processing, and a basis for any transfer of data outside Europe. The GDPR does provide legal grounds and derogations that can support research addressing a pandemic, if the data processing activities are proportionate to the aim pursued and accompanied by suitable safeguards. During a pandemic, a public interest basis may be more promising for research than a consent basis, given the high standards set out in the GDPR. However, the GDPR leaves many aspects of the public interest basis to be determined by individual Member States, which have not fully or uniformly made use of all options. The consequence is an inconsistent legal patchwork that displays insufficient clarity and impedes joint approaches. The COVID-19 experience provides lessons for national legislatures. Responsiveness to pandemics requires clear and harmonized laws that consider the related practical challenges and support collaborative global research in the public interest.
APA, Harvard, Vancouver, ISO, and other styles
8

Cvik, Eva Daniela, Radka MacGregor Pelikánová, and Michal Malý. "Selected Issues from the Dark Side of the General Data Protection Regulation." Review of Economic Perspectives 18, no. 4 (December 1, 2018): 387–407. http://dx.doi.org/10.2478/revecp-2018-0020.

Full text
Abstract:
Abstract The Regulation (EU) 2016/679 on the protection of personal data (GDPR) was enacted in 2016 and applies from 25thMay 2018 in the entire EU. The GDPR is a product of an ambitious reform and represents a direct penetration of the EU law into the legal systems of the EU member states. The EU works on the enhancement of awareness about the GDPR and points out its bright side. However, the GDPR has its dark side as well, which will inevitably have a negative impact. Hence, the goal of this paper is twofold - (i) to scientifically identify, forecast, and analyze selected problematic aspects of the GDPR and its implementation, in particular for Czech municipalities, and (ii) to propose recommendations about how to reduce, or even avoid, their negative impacts. These theoretic analyses are projected to a Czech case study focusing on municipalities, which offers fresh primary data and allows a further refining of the proposed recommendations. An integral part of the performed analyses is also a theoretic forecast of expenses linked to the GDPR, which municipalities will have to include in their mandatory expenses and mid-term prognostic expectations regarding the impact on the budgets of these municipalities from Central Bohemia. The GDPR, like Charon, is at the crossing, the capacity and knowledge regarding its application is critical for operating in the EU in 2018. It is time both to admit that the GDPR has its dark side and to present real and practical recommendations about how to mitigate it.
APA, Harvard, Vancouver, ISO, and other styles
9

Martin, Nicholas, Christian Matt, Crispin Niebel, and Knut Blind. "How Data Protection Regulation Affects Startup Innovation." Information Systems Frontiers 21, no. 6 (November 18, 2019): 1307–24. http://dx.doi.org/10.1007/s10796-019-09974-2.

Full text
Abstract:
AbstractWhile many data-driven businesses have seen rapid growth in recent years, their business development might be highly contingent upon data protection regulation. While it is often claimed that stricter regulation penalizes firms, there is only scarce empirical evidence for this. We therefore study how data protection regulation affects startup innovation, exploring this question during the ongoing introduction of the EU General Data Protection Regulation (GDPR). Our results show that the effects of data protection regulation on startup innovation are complex: it simultaneously stimulates and constrains innovation. We identify six distinct firm responses to the effects of the GDPR; three that stimulate innovation, and three that constrain it. We furthermore identify two key stipulations in the GDPR that account for the most important innovation constraints. Implications and potential policy responses are discussed.
APA, Harvard, Vancouver, ISO, and other styles
10

Sirait, Yohanes Hermanto. "GENERAL DATA PROTECTION REGULATION (GDPR) DAN KEDAULATAN NEGARA NON-UNI EROPA." Gorontalo Law Review 2, no. 2 (October 30, 2019): 60. http://dx.doi.org/10.32662/golrev.v2i2.704.

Full text
Abstract:
Generally, the GDPR applies to data processing activities conducted by organisations established in the European Union (EU). But in certain activities, GDPR may also apply outside EU according to extra-teritorial principle. This principle has correlation to concept of sovereignty in international law. This article aims to examine whether a state must abide to GDPR when the requirement fulfiled or should the states use their sovereignty as a basis to deny it. This article is normative legal research. It focus on case-law, statutes and other legal source as primary and subsidiary source. The analysis is deductive by reasoning from more general to more specific. The result show that extra-teritorial principle under GDPR is in accordance to international law. The practice is common in the world in order to protect the citizen and national interest from any threat from abroad. The chance of overlapping between this principles with state’s sovereignty is hardly to occur as the principle only works when the interest of European citizen violated.
APA, Harvard, Vancouver, ISO, and other styles
More sources

Dissertations / Theses on the topic "General Data Protection Regulation (GDPR)"

1

Nord, Lisa. "Programvaruutvecklingen efter GDPR : Effekten av GDPR hos mjukvaruföretag." Thesis, Blekinge Tekniska Högskola, Institutionen för programvaruteknik, 2020. http://urn.kb.se/resolve?urn=urn:nbn:se:bth-20146.

Full text
Abstract:
GDPR (General data protection regulation, generella dataskyddsförordningen) är en ny europeisk förordning som reglerar behandlingen av känsliga uppgifter samt det fria flödet av dessa inom EU. Förordningen utgör ett skydd för fysiska personer vid behandling av deras personuppgifter inom unionen vilket är en grundläggande rättighet.  GDPR har sedan den trädde i kraft i Maj 2018 varit en förordning att räkna med då dess bötesbelopp är höga. Alla företag inom Europa behöver följa reglerna samt företag utanför EU som hanterar europeiska personuppgifter. Målet med detta arbete är se vilken effekt GDPR har haft hos svenska mjukvaruutvecklare och hur de ser på sin arbetsbörda. Detta har gjorts genom en enkätundersökning hos svenska mjukvaruföretag som blivit slumpmässigt utvalda. Av uppsatsens resultat framgår det att många mjukvaruföretag som skapar egen programvara eller distribuerar programvara för en tredje part har den nya förordningen inneburit ett tyngre arbetslass samt omförhandling av existerande programvarulösningar. Något som inneburit nya arbetsplatser eller arbetsgrupper hos många företag. När GDPR först trädde ikraft lades det ner många arbetstimmar på att omvandla redan existerande lösningar för att uppfylla kraven. Trots detta har det lagts många fler timmar vid utveckling även efter GDPR för att se till att den nya programvaran även den lever upp till de krav som är ställda.  Av resultatet kan vi även finna att många företag ser väldigt strikt på hantering av känsliga uppgifter de samlat in från deras kunder men ser mindre strikt på lagring och hantering av personuppgifter av sina egna anställda.
GDPR(General data protection regulation) is a new European regulation that regulates data, protection, and privacy. It also addresses the transfer of personal data to countries outside of the European Union. Ever since the GDPR was enforceable May 2018, it has been a regulation for businesses to strictly follow and be wary of due to the hefty fines. All European businesses need to follow the new regulation and likewise, so to the businesses outside of the E.U. in which handles any type of personal data of Europeans. The goal with this thesis is to see the effect the GDPR has had for Swedish software developers and how they portray their workload. This data has been shown in the form of a questionnaire which was randomly distributed to a number of Swedish software companies.  In conclusion, this thesis shows that the new regulation has had a big impact on the developers that create new software/distributes software, primarily in form of a heavier workload and the need to re-negotiate already existing software. This has provided new jobs and/or new teams for many of the companies that were a part of this study. When GDPR was first introduced, the software companies spent countless hours on converting already existing software. Even tho they spend a lot of time in the beginning, the dedication of time is spent on every solution to make sure it meets the requirements of GDPR: We can also see that many businesses spend a lot more time and money on data protection for their clients personal data, but they do not treat their employees personal data in the same way.
APA, Harvard, Vancouver, ISO, and other styles
2

Duricu, Alexandra. "Data Protection Impact Assessment (DPIA) and Risk Assessment in the context of the General Data Protection Regulation (GDPR)." Thesis, Luleå tekniska universitet, Institutionen för system- och rymdteknik, 2019. http://urn.kb.se/resolve?urn=urn:nbn:se:ltu:diva-74384.

Full text
APA, Harvard, Vancouver, ISO, and other styles
3

Wallace, Amelia. "Protection of Personal Data in Blockchain Technology : An investigation on the compatibility of the General Data Protection Regulation and the public blockchain." Thesis, Stockholms universitet, Institutet för rättsinformatik (IRI), 2019. http://urn.kb.se/resolve?urn=urn:nbn:se:su:diva-167303.

Full text
Abstract:
On 25 May 2018 the General Data Protection Regulation, GDPR, came into force in the EU. The regulation strengthened the rights of the data subjects’ in relation to the data controllers and processors and gave them more control over their personal data. The recitals of the GDPR state that it was the rapid development in technology and globalisation that brought new challenges for the protection of personal data. Private companies and public authorities where making use of personal data on an unprecedented scale in order to pursue their own activities. The protection should be technologically neutral and not dependant on the technique used. This leads to questions on whether the protection that is offered through the GDPR is de facto applicable on all technologies. One particular technology which has caught interest of both private companies and public authorities is the blockchain. The public distributed blockchain is completely decentralized, meaning it is the users who decide the rules and its content. There are no intermediaries in power and the transactions of value or other information is sent peer to peer. By using asymmetric cryptography and advanced hash algorithms the transactions sent in the blockchain are secured. Whilst the interest and use of blockchain is increasing and the GDPR attempting to be applicable on all techniques, the characteristics of the public blockchain must be analysed under the terms of the GDPR. The thesis examines whether natural persons can be identified in a public blockchain, who is considered data controller and data processor of a public blockchain and whether the principles of the GDPR can be applied in such a decentralised and publicly distributed technology.
Den 25 maj 2018 tradde den nya dataskyddsforordningen, GDPR, i kraft i EU vilken slog hardare mot personuppgiftsansvariga och personuppgiftsbitraden an vad det tidigare dataskyddsdirektivet gjort. Med reformen ville EU starka personuppgiftsskyddet genom att ge de registrerade mer kontroll over sina personuppgifter. I skalen till forordningen anges att det var den snabba tekniska utvecklingen och globaliseringen som skapat nya utmaningar for skyddet da privata foretag och offentliga myndigheter anvander personuppgifter i en helt ny omfattning idag. Skyddet bor saledes vara teknikneutralt och inte beroende av den teknik som anvands. Detta oppnar upp for fragor om huruvida skyddet som GDPR erbjuder faktiskt ar applicerbart pa samtliga tekniker. En sarskild teknologi som fangat intresse hos saval privatpersoner som foretag och offentliga myndigheter ar blockkedjan. Den oppet distribuerade blockkedjetekniken ar helt decentraliserad, vilket innebar att det ar dess anvandare som styr och bestammer over innehallet. Nagra mellanman finns inte, utan vardetransaktioner och andra overforingar av information sands direkt mellan anvandare. Genom asymmetrisk kryptografi och avancerade hash algoritmer sakras de overforingar som sker via blockkedjan. Nagot som uppmarksammats under den okande anvandningen och intresset for blockkedjan samt ikrafttradandet av GDPR ar hur personuppgifter bor hanteras i en sadan decentraliserad teknologi, dar inga mellanman kan bara ansvaret for eventuell personuppgiftsbehandling. Flera av den publika blockkedjeteknikens egenskaper bor problematiseras, framfor allt dess oppenhet och tillganglighet for varje person i varlden, samt dess forbud mot rattelse och radering av inlagda data. Denna uppsats behandlar fragorna huruvida fysiska personer kan identifieras i en publik blockkedja, vem som kan anses vara personuppgiftsansvarig och personuppgiftsbitrade i en publik blockkedja, samt om de principer och krav som uppstalls i GDPR kan efterlevas i en sadan decentraliserad och oppet distribuerad teknologi.
APA, Harvard, Vancouver, ISO, and other styles
4

Landström, Peter, and Rombouts Julia Ulvegärde. "Införandet av General Data Protection Regulation och dess påverkan på svenska företag." Thesis, Högskolan i Borås, Akademin för bibliotek, information, pedagogik och IT, 2018. http://urn.kb.se/resolve?urn=urn:nbn:se:hb:diva-15081.

Full text
Abstract:
I dagsläget har en individ väldigt lite kontroll över den persondata som samlas in och hur den används och vem som hanterar den. Detta vill EU ändra på med den nya dataskyddsförordningen General Data Protection Regulation (GDPR) som träder i kraft nästa år. De nya reglerna innefattar en större kontroll för individen över den data som har samlats av företag. Förordningen tvingar företag att strukturera om sina system så de är förenliga med GDPR. Då höga bötesbelopp kan drabba de företag som inte följer reglerna blir alla de som hanterar personuppgifter tvungna att se över sina processer över hanteringen. Uppsatsen har som syfte att undersöka hur väl förberedda svenska medelstora till stora företag är ett år innan införandet av GDPR och hur de arbetar med förändringarna ur ett tekniskt perspektiv, ett organisatoriskt perspektiv samt ur ett juridiskt perspektiv. Med ett teoretiskt fundament som grund genomfördes intervjuer på tre olika företag som hanterar personuppgifter i sina system, både som personuppgiftsansvariga och som personuppgiftsbiträden. Resultatet av studien användes för att designa en utvärderingsmodell som företag kan använda ett år efter införandet av GDPR. Utvärderingen kommer att skapa en överblick på hur väl övergången har gått och om det finns några områden som behöver ytterligare arbete. De slutsatser som drogs var att det fanns en del frågetecken gällande hur de tekniska lösningarna skulle se ut för att vara i linje med GDPR, de juridiska frågorna hanterades till stor del med hjälp av biträdesavtal mellan personuppgiftsansvariga, personuppgiftsbiträden och tredje part. Ur ett organisatoriskt perspektiv var det utbildning av personal och kunskap om GDPR och de ändringar i arbetssätt som detta medför.
At present an individual has very little control over the personal data collected, how it is used and who manages it. This is something the EU wants to change with the new General Data Protection Regulation (GDPR), which will come into force next year. The new regulation includes greater control for the individual regarding the data collected by companies. The Regulation forces companies to restructure their systems so that they are compliant with GDPR. Since high sanctions may affect those companies that do not comply with the rules, all those who handle personal data will have to review the processes that relate to the handling of personal data. The aim of this thesis is to investigate how well prepared Swedish medium to large sized companies are one year before the introduction of GDPR. The thesis focuses on how companies work with the changes from a technical perspective, an organizational perspective and from a legal perspective. With a theoretical foundation as a basis, interviews were conducted on three different companies that handle personal data, both as data controller and as data processor. The result of the study was used to design an evaluation model that companies can use one year after the introduction of GDPR. The evaluation will provide an overview of how well the transition has been and if there are any areas that need further work. There were some uncertainties regarding how the technical solutions would need to be designed and implemented to help the company being compliant with GDPR. The legal issues were largely handled through processing agreements between data controllers, data processors and third parties. The organizational perspective meant training of staff and questions regarding how to raise awareness about GDPR and the changes in working practices.
APA, Harvard, Vancouver, ISO, and other styles
5

Ghasem, Lollo. "GDPR - The General Data Protection Regulation : Hur medvetna är människor i Skövde kommun i ålder 18-65 om GDPR och de rättigheter som medför?" Thesis, Högskolan i Skövde, Institutionen för informationsteknologi, 2019. http://urn.kb.se/resolve?urn=urn:nbn:se:his:diva-17295.

Full text
Abstract:
GDPR (The General Data Protection Regulation) är ett nytt EU-direktiv som träde i kraft 25 maj 2018. EU-direktivet gäller i hela Europa och har i syfte att styra hur och vem som får hantera personuppgifter. All form av behandling av information som direkt eller indirekt kan knytas till en person styrs av GDPR. För alla myndigheter, företag och organisationer innebär detta en stor förändring. GDPR stärker privatpersoners rättigheter och hjälper de att ha kontroll över hur deras personuppgifter behandlas och används. Som privatperson delar vi med oss av våra personuppgifter mer än vad vi tror. Några av de sätt på vilka personlig information samlas in är via användning av bilar, smarta telefoner, program, bärbara datorer och webbplatser. Enligt en undersökning som har genomförts av Europakommissionen angående ”Data Protection”, det vill säga dataskydd visar resultatet att det är endast 13% av svenska befolkningen som upplever att de har full kontroll över all data som de lämnar ut online (Commission, 2015). De här 13 % av svenska befolkningen är även medvetna om att de har tillgång till att rätta, ändra och radera data som finns lagrad om dem. Denna studie fokuserar på att undersöka hur medvetna människor i Skövde kommun i ålder 18–65 är om GDPR och de rättigheter som medförs. För att genomföra studien har en enkätundersökning tillämpats som datainsamlingsmetod. Resultatet av studien visar att majoriteten av människorna är medvetna om GDPR och vad det innebär i generella drag och de känner även till de tre rättigheterna rätt till information, rätt till rättelse och rätt till radering. Människorna i Skövde kommun anser att det är viktigt att veta hur personuppgifterna hanteras och behandlas för att obehöriga personer inte ska få tillgång till de. Slutsatser som går att dra från studien är att människorna är måna om sina personuppgifter. De vill gärna ha kontroll över personuppgifterna och veta hur de hanteras, behandlas samt om en olycka inträffar som leder till att personuppgifterna blir stulna eller förstörda vill de gärna bli informerade om det.
GDPR (The General Data Protection Regulation) is a new EU directive that came into force on May 25, 2018. The EU directive applies throughout Europe and has the purpose of managing how and who may handle personal data. Any form of processing of information that can be directly or indirectly linked to a person is governed by GDPR. For all authorities, companies and organizations, this is a major change. GDPR strengthens the right of individuals and helps them control how their personal data is processed and used.
APA, Harvard, Vancouver, ISO, and other styles
6

Billman, Astrid, and Anna Dyrhage. "Dataskyddsförordningens införande : Hur organisationer förhåller sig till dataskyddsförordningen, riskbedömning och efterlevnad." Thesis, Uppsala universitet, Institutionen för informatik och media, 2018. http://urn.kb.se/resolve?urn=urn:nbn:se:uu:diva-354014.

Full text
Abstract:
On May 25 2018, the General Data Protection Regulation from EU was introduced, which aims to protect individual fundamental rights and freedoms, in particular their right to protection of personal data. The data protection regulation replaces the EU's previous data protection directive and will help prevent the flow of data within the Union being hindered, as the data protection ordinance will apply to all members of EU. This case study aims to gaining an understanding of how different organisations’ risk management against the data protection regulation looks, and whether it will lead to compliance or not. Four Swedish organisations have been studied, presented, and then analysed based on a theoretical framework, designed after the different parts of a general risk management process. The study is of qualitative form and data have been collected through both semi structured and structured interviews. The data protection regulation was not yet implemented during the course of this study, and it was during this time that all parts were designed and the information was collected. The study concludes that the organizations will not be completely compliant against the data protection regulation, which has a number of reasons: They do not take the regulation seriously, they are wrongly doing the change which lengthens the processes, and they delay their compliance due to greater economic profit.
Den 25 maj 2018 infördes EU:s dataskyddsförordning General Data Protection Regulation, som syftar till att skydda enskildas grundläggande rättigheter och friheter, särskilt deras rätt till skydd av personuppgifter. Dataskyddsförordningen ersatte EU:s tidigare dataskyddsdirektiv, och kommer bidra till att flödet av uppgifter inom unionen inte hindras på grund av att olika länder har olika lagar gällande dataskydd och personuppgifter, då dataskyddsförordningen kommer tillämpas alla medlemsstater inom EU. Syftet med denna studie är att ge en ökad förståelse kring hur olika organisationers riskbedömning gentemot dataskyddsförordningen ser ut, och om den kommer leda till att dataskyddsförordningen efterföljs eller ej. Fyra svenska organisationer har studerats, redovisats och sedan analyserats utifrån ett teoretiskt ramverk utformat efter en generell riskbedömnings olika delar. Studien är av kvalitativ form och data har samlats in genom både semistrukturerade och strukturerade intervjuer. Dataskyddsförordningen var inte implementerad under studiens gång, och det var under denna tid som samtliga delar utformades och informationen samlades in. Studien kommer fram till att organisationerna inte kommer vara helt lagenliga gentemot dataskyddsförordningens införande, vilket beror på flera olika anledningar: Förordningen tas inte på fullt allvar, förändringsarbetet görs på fel sätt vilket förlänger processen och efterlevnaden skjuts upp på grund av ekonomiska skäl.
APA, Harvard, Vancouver, ISO, and other styles
7

Henriksson, Samuel. "Ideella föreningars hantering av GDPR." Thesis, Högskolan i Skövde, Institutionen för informationsteknologi, 2020. http://urn.kb.se/resolve?urn=urn:nbn:se:his:diva-18818.

Full text
Abstract:
Personuppgiftlagen (PUL) fanns mellan 1992 och 2018 för att skydda människors personliga integritet. The General data protection regulation tog över 2018 dels för att fylla i de luckorsom fanns i PUL men också för att samma regler skulle gälla i alla EUs medlemsländer. För alla organisationer innebar det förändringar om på vilket sätt de ska hantera personuppgifter (Danielsson, Nilsson och Lindström 2019a). I den kvalitativa studie intervjuas respondenter från fem olika ideella föreningar för att ta reda på hur de har valt hantera dataskyddsförordningen. Studien kommer att fokusera på hur föreningarna skyddar sitt medlemsregister, skillnaden på hur de arbetar med personuppgifter nu kontra innan GDPR, hur de aktivt arbetar för att följa GDPR och vilka förändringar de har tvingats genomgå.
APA, Harvard, Vancouver, ISO, and other styles
8

Bitar, Hadi, and Björn Jakobsson. "GDPR: Securing Personal Data in Compliance with new EU-Regulations." Thesis, Luleå tekniska universitet, Institutionen för system- och rymdteknik, 2017. http://urn.kb.se/resolve?urn=urn:nbn:se:ltu:diva-64342.

Full text
Abstract:
New privacy regulations bring new challenges to organizations that are handling and processing personal data regarding persons within the EU. These challenges come mainly in the form of policies and procedures but also with some opportunities to use technology often used in other sectors to solve problems. In this thesis, we look at the new General Data Protection Regulation (GDPR) in the EU that comes into full effect in May of 2018, we analyze what some of the requirements of the regulation means for the industry of processing personal data, and we look at the possible solution of using hardware security modules (HSMs) to reach compliance with the regulation. We also conduct an empirical study using the Delphi method to ask security professionals what they think the most important aspects of securing personal data, and put that data in relation to the identified compliance requirements of the GDPR to see what organizations should focus on in their quest for compliance with the new regulation. We found that a successful implementation of HSMs based on industry standards and best practices address four of the 35 identified GDPR compliance requirements, mainly the aspects concerning compliance with anonymization through encryption, and access control. We also deduced that the most important aspect of securing personal data according to the experts of the Delphi study is access control followed by data inventory and classification.
APA, Harvard, Vancouver, ISO, and other styles
9

Taka, Anni-Maria. "Cross-Border Application of EU's General Data Protection Regulation (GDPR) - A private international law study on third state implications." Thesis, Uppsala universitet, Juridiska institutionen, 2017. http://urn.kb.se/resolve?urn=urn:nbn:se:uu:diva-326633.

Full text
APA, Harvard, Vancouver, ISO, and other styles
10

Knutsson, Mikael. "Compliance with the General Data Protection Regulation: an exploratory case study on business systems’ adaptation." Thesis, KTH, Medieteknik och interaktionsdesign, MID, 2017. http://urn.kb.se/resolve?urn=urn:nbn:se:kth:diva-209772.

Full text
Abstract:
Current moves into a heavily digitalized era has led to a phase where our privacy is being eroded as we hand over our personal data to organizations and their systems. At the same time, the applicable laws to give security to the individuals have failed to incorporate these legal developments. However, in April 2016 the European Union proposed a change to a new regulation called the General Data Protection Regulation (GDPR). The GDPR will be implemented and start to apply in May 2018, thus the main purpose of this study was to investigate how organizations can adapt to changing regulations on how personal data should be stored and managed, and what the key tension points are within specifically closed IT-systems. The goal of the GDPR and this study on its feature implementation is to guarantee the EU citizens their right to privacy. Through an exploratory case study involving an in-depth analysis of two closed IT-systems this study develops a broader understanding on how organizations should adapt their daily businesses in order to be fully compliant with the new bylaws. This study identifies four critical issues which are used to discuss how the new bylaws could affect the EU citizens’ privacy. To accomplish this and open up for further investigation within the field of data privacy laws - four different propositions to modifications were suggested.
Den aktuella övergången till en omfattande digitaliserad tid har lett till en fas där vår integritet går förlorad då vi överlämnar vår personliga information till organisationer och deras system. Samtidigt har de tillämpade datalagarna med syfte att skydda individen misslyckats med att införliva denna utveckling. Därför har den Europeiska Unionen i april 2016 föreslagit en förändring till en ny reglering som får namnet Dataskyddsförordningen. Dataskyddsförordningen kommer blir implementerad och börja gälla i maj 2018 och därav var huvudsyftet med den här studien att undersöka hur organisationer bör anpassa sig till de nya riktlinjerna för hur personlig information bör lagras och hanteras samt vilka spänningspunkterna är för slutna IT-system. Målet med Dataskyddsförordningen och vad den här studien beaktade i dess kommande utförande är att garantera EU-medborgare rätten till sin integritet. Genom att utföra en undersökande fallstudie innehållandes en djupgående analys av två slutna IT-system har den här studien bidragit med en bredare förståelse för hur organisationer bör anpassa sina dagliga verksamhet för att vara helt medgörliga med Dataskyddsförordningen. Studien har identifierat fyra kritiska problem som har legat till grund för att diskutera hur den nya förordningen kommer påverka EU-medborgarnas rätt till sin integritet. För att göra det möjligt samt öppna upp för framtida undersökningar inom ramen för dataskyddslagar föreslogs fyra förslag på generella förändringar.
APA, Harvard, Vancouver, ISO, and other styles
More sources

Books on the topic "General Data Protection Regulation (GDPR)"

1

Voigt, Paul, and Axel von dem Bussche. The EU General Data Protection Regulation (GDPR). Cham: Springer International Publishing, 2017. http://dx.doi.org/10.1007/978-3-319-57959-7.

Full text
APA, Harvard, Vancouver, ISO, and other styles
2

Sloot, Bart. The General Data Protection Regulation in Plain Language. NL Amsterdam: Amsterdam University Press, 2020. http://dx.doi.org/10.5117/9789463726511.

Full text
Abstract:
The General Data Protection Regulation in Plain Language is a guide for anyone interested in the much-discussed rules of the GDPR. In this legislation, which came into force in 2018, the European Union meticulously describes what you can and cannot do with data about other people. Violating these rules can lead to a fine of up to 20 million euros. This book sets out the most important obligations of individuals and organisations that process data about others. These include taking technical security measures, carrying out an impact assessment and registering all data-processing procedures within an organisation. It also discusses the rights of citizens whose data are processed, such as the right to be forgotten, the right to information and the right to data portability.
APA, Harvard, Vancouver, ISO, and other styles
3

Security, rights, and liabilities in e-commerce. Boston: Artech House, 2002.

Find full text
APA, Harvard, Vancouver, ISO, and other styles
4

Office, General Accounting. International trade: Romanian trade data : report to the chairman, Committee on Finance, U.S. Senate. Washington, D.C: The Office, 1992.

Find full text
APA, Harvard, Vancouver, ISO, and other styles
5

Kuner, Christopher, Lee A. Bygrave, Christopher Docksey, and Laura Drechsler, eds. The EU General Data Protection Regulation (GDPR). Oxford University Press, 2020. http://dx.doi.org/10.1093/oso/9780198826491.001.0001.

Full text
Abstract:
This new book provides an article-by-article commentary on the new EU General Data Protection Regulation. Adopted in April 2016 and applicable from May 2018, the GDPR is the centrepiece of the recent reform of the EU regulatory framework for protection of personal data. It replaces the 1995 EU Data Protection Directive and has become the most significant piece of data protection legislation anywhere in the world. This book is edited by three leading authorities and written by a team of expert specialists in the field from around the EU and representing different sectors (including academia, the EU institutions, data protection authorities, and the private sector), thus providing a pan-European analysis of the GDPR. It examines each article of the GDPR in sequential order and explains how its provisions work, thus allowing the reader to easily and quickly elucidate the meaning of individual articles. An introductory chapter provides an overview of the background to the GDPR and its place in the greater structure of EU law and human rights law. Account is also taken of closely linked legal instruments, such as the Directive on Data Protection and Law Enforcement that was adopted concurrently with the GDPR, and of the ongoing work on the proposed new E-Privacy Regulation.
APA, Harvard, Vancouver, ISO, and other styles
6

Publishing, IT Governance. EU General Data Protection Regulation (GDPR) - an Implementation and Compliance Guide. IT Governance Ltd, 2020.

Find full text
APA, Harvard, Vancouver, ISO, and other styles
7

Kolah, Ardi. GDPR Handbook: A Guide to the EU General Data Protection Regulation. Kogan Page, Limited, 2015.

Find full text
APA, Harvard, Vancouver, ISO, and other styles
8

Kolah, Ardi. GDPR Handbook: A Guide to Implementing the EU General Data Protection Regulation. Kogan Page, Limited, 2018.

Find full text
APA, Harvard, Vancouver, ISO, and other styles
9

Becker, Friedrich Helmut. Datenschutzgrundverordnung - DSGVO / General Data Protection Regulation - GDPR : Synopse : Deutsch-Englisch / Synopsis: German-English. Independently Published, 2018.

Find full text
APA, Harvard, Vancouver, ISO, and other styles
10

Hallinan, Dara. Protecting Genetic Privacy in Biobanking through Data Protection Law. Oxford University Press, 2021. http://dx.doi.org/10.1093/oso/9780192896476.001.0001.

Full text
Abstract:
Biobanks are critical infrastructure for medical research. Biobanks, however, are also the subject of considerable ethical and legal uncertainty. Given that biobanks process large quantities of genomic data, questions have emerged as to how genetic privacy should be protected. What types of genetic privacy rights and rights holders should be protected and to what extent? Since 25 May 2018, the General Data Protection Regulation (GDPR) has applied and now occupies a key position in the European legal framework for the regulation of biobanking. This book takes an in-depth look at the function, problems, and opportunities presented by European data protection law under the GDPR as a framework for the protection of genetic privacy in biobanking. It argues that the substantive framework presented by the GDPR already offers an admirable baseline level of protection for the range of genetic privacy rights engaged by biobanking. The book further contends that while numerous problems with this standard of protection are indeed identifiable, the GDPR offers the flexibility to accommodate solutions to these problems, as well as the procedural mechanisms to realise these solutions.
APA, Harvard, Vancouver, ISO, and other styles
More sources

Book chapters on the topic "General Data Protection Regulation (GDPR)"

1

Voigt, Paul, and Axel von dem Bussche. "Scope of Application of the GDPR." In The EU General Data Protection Regulation (GDPR), 9–30. Cham: Springer International Publishing, 2017. http://dx.doi.org/10.1007/978-3-319-57959-7_2.

Full text
APA, Harvard, Vancouver, ISO, and other styles
2

Voigt, Paul, and Axel von dem Bussche. "Enforcement and Fines Under the GDPR." In The EU General Data Protection Regulation (GDPR), 201–17. Cham: Springer International Publishing, 2017. http://dx.doi.org/10.1007/978-3-319-57959-7_7.

Full text
APA, Harvard, Vancouver, ISO, and other styles
3

Voigt, Paul, and Axel von dem Bussche. "Rights of Data Subjects." In The EU General Data Protection Regulation (GDPR), 141–87. Cham: Springer International Publishing, 2017. http://dx.doi.org/10.1007/978-3-319-57959-7_5.

Full text
APA, Harvard, Vancouver, ISO, and other styles
4

Voigt, Paul, and Axel von dem Bussche. "Special Data Processing Activities." In The EU General Data Protection Regulation (GDPR), 235–43. Cham: Springer International Publishing, 2017. http://dx.doi.org/10.1007/978-3-319-57959-7_9.

Full text
APA, Harvard, Vancouver, ISO, and other styles
5

Hallinan, Dara. "Biobank Oversight and Sanctions Under the General Data Protection Regulation." In GDPR and Biobanking, 121–44. Cham: Springer International Publishing, 2021. http://dx.doi.org/10.1007/978-3-030-49388-2_8.

Full text
Abstract:
AbstractThis contribution offers an insight into the function and problems of the oversight and sanctions mechanisms outlined in the General Data Protection Regulation as they relate to the biobanking context. These mechanisms might be considered as meta-mechanisms—mechanisms relating to, but not consisting of, substantive legal principles—functioning in tandem to ensure biobank compliance with data protection principles. Each of the mechanisms outlines, on paper at least, comprehensive and impressive compliance architecture—both expanding on their capacity in relation to Directive 95/46. Accordingly, each mechanism looks likely to have a significant and lasting impact on biobanks and biobanking. Despite this comprehensiveness, however, the mechanisms are not immune from critique. Problems appear regarding the standard of protection provided for research subject rights, regarding the disproportionate impact on legitimate interests tied up with the biobanking process—particularly genomic research interests—and regarding their practical implementability in biobanking.
APA, Harvard, Vancouver, ISO, and other styles
6

Voigt, Paul, and Axel von dem Bussche. "Practical Implementation of the Requirements Under the GDPR." In The EU General Data Protection Regulation (GDPR), 245–49. Cham: Springer International Publishing, 2017. http://dx.doi.org/10.1007/978-3-319-57959-7_10.

Full text
APA, Harvard, Vancouver, ISO, and other styles
7

Voigt, Paul, and Axel von dem Bussche. "Introduction and ‘Checklist’." In The EU General Data Protection Regulation (GDPR), 1–7. Cham: Springer International Publishing, 2017. http://dx.doi.org/10.1007/978-3-319-57959-7_1.

Full text
APA, Harvard, Vancouver, ISO, and other styles
8

Voigt, Paul, and Axel von dem Bussche. "Organisational Requirements." In The EU General Data Protection Regulation (GDPR), 31–86. Cham: Springer International Publishing, 2017. http://dx.doi.org/10.1007/978-3-319-57959-7_3.

Full text
APA, Harvard, Vancouver, ISO, and other styles
9

Voigt, Paul, and Axel von dem Bussche. "Material Requirements." In The EU General Data Protection Regulation (GDPR), 87–140. Cham: Springer International Publishing, 2017. http://dx.doi.org/10.1007/978-3-319-57959-7_4.

Full text
APA, Harvard, Vancouver, ISO, and other styles
10

Voigt, Paul, and Axel von dem Bussche. "Interaction with the Supervisory Authorities." In The EU General Data Protection Regulation (GDPR), 189–99. Cham: Springer International Publishing, 2017. http://dx.doi.org/10.1007/978-3-319-57959-7_6.

Full text
APA, Harvard, Vancouver, ISO, and other styles

Conference papers on the topic "General Data Protection Regulation (GDPR)"

1

Savić, Dragan, and Mladen Veinović. "Challenges of General Data Protection Regulation (GDPR)." In Sinteza 2018. Belgrade, Serbia: Singidunum University, 2018. http://dx.doi.org/10.15308/sinteza-2018-23-30.

Full text
APA, Harvard, Vancouver, ISO, and other styles
2

Šidlauskas, Aurimas. "GENERAL DATA PROTECTION REGULATION (GDPR) AWARENESS TRAINING OPPORTUNITIES IN LITHUANIA." In 14th annual International Conference of Education, Research and Innovation. IATED, 2021. http://dx.doi.org/10.21125/iceri.2021.2109.

Full text
APA, Harvard, Vancouver, ISO, and other styles
3

Sathiyanarayanan, Mithileysh, and Odunayo Fadahunsi. "Visual-Based Intelligence (VBI) Analysis for General Data Protection Regulation (GDPR)." In 2021 4th International Conference on Computing and Communications Technologies (ICCCT). IEEE, 2021. http://dx.doi.org/10.1109/iccct53315.2021.9711909.

Full text
APA, Harvard, Vancouver, ISO, and other styles
4

Indhumini Ranathunga, P. A., and A. P. R. Wickramarachchi. "General Data Protection Regulation(GDPR) Adoption in Sri Lankan Businesses: A Data Governance Model." In 2022 2nd International Conference on Advanced Research in Computing (ICARC). IEEE, 2022. http://dx.doi.org/10.1109/icarc54489.2022.9753790.

Full text
APA, Harvard, Vancouver, ISO, and other styles
5

Annam, Jagadeeswara Rao, Pavan Kumar Ande, Bhargavi Kanuri, Chitturi Prasad, B. Sobhan Babu, and Poojitha Tatineni. "User valuation of secrecy Framing based on General Data Protection Regulation (GDPR) users." In 2021 Third International Conference on Inventive Research in Computing Applications (ICIRCA). IEEE, 2021. http://dx.doi.org/10.1109/icirca51532.2021.9544896.

Full text
APA, Harvard, Vancouver, ISO, and other styles
6

Babalola, Olumide. "Internet of Things (IoT): Data Security and Privacy Concerns under the General Data Protection Regulation (GDPR)." In 10th International Conference on Natural Language Processing (NLP 2021). Academy and Industry Research Collaboration Center (AIRCC), 2021. http://dx.doi.org/10.5121/csit.2021.112324.

Full text
Abstract:
Internet of Things (IoT) refers to the seamless communication and interconnectivity of multiple devices within a certain network enabled by sensors and other technologies facilitating unusual processing of personal data for the performance of a certain goal. This article examines the various definitions of the IoT from technical and socio-technical perspectives and goes ahead to describe some practical examples of IoT by demonstrating their functionalities vis a vis the anticipated privacy and information security implications. Predominantly, the article discusses the information security and privacy risks posed by the operationality of IoT as envisaged under the EU GDPR and makes a few recommendations on how to address the risks.
APA, Harvard, Vancouver, ISO, and other styles
7

Geko, Melisa, and Simon Tjoa. "An Ontology Capturing the Interdependence of the General Data Protection Regulation (GDPR) and Information Security." In CECC 2018: Central European Cybersecurity Conference 2018. New York, NY, USA: ACM, 2018. http://dx.doi.org/10.1145/3277570.3277590.

Full text
APA, Harvard, Vancouver, ISO, and other styles
8

Muchagata, Joana, and Ana Ferreira. "Mobile Apps for People with Dementia: Are They Compliant with the General Data Protection Regulation (GDPR)?" In 12th International Conference on Health Informatics. SCITEPRESS - Science and Technology Publications, 2019. http://dx.doi.org/10.5220/0007352200680077.

Full text
APA, Harvard, Vancouver, ISO, and other styles
9

Pavli, Kristina, and Miha Dvojmoč. "General Data Protection Regulation (GDPR), the Data Protection Police Directive, and the Changes to National Legislation in the Republic of Slovenia." In Twelfth Biennial International Conference Criminal Justice and Security in Central and Eastern Europe: From Common Sense to Evidence-based Policy–making. University of Maribor Press, 2018. http://dx.doi.org/10.18690/978-961-286-174-2.46.

Full text
APA, Harvard, Vancouver, ISO, and other styles
10

Kačer, Branka. "MEDICINSKO ODŠTETNI ASPEKT OPĆE UREDBE EUROPSKOG PARLAMENTA I VIJEĆA (GDPR)." In 14 Majsko savetovanje. University of Kragujevac, Faculty of Law, 2018. http://dx.doi.org/10.46793/xivmajsko.627k.

Full text
Abstract:
This paper discovers and analyses one legal gap, which the Regulation did not fill in. Of course it is not necessary that the problem be settled by the Regulation, but it is a shame that it was not governed by the Regulation. The subject is related to personal data and its protection, but it is most certainly in the public interest to collect specific data and to store it properly as well as to protect it. It has been demonstrated that, in one particular, yet real case, general principles from the Regulation do not work. This leads to the conclusion that the gap needs to be filled in as soon as possible, because of legal safety and the rule of law.
APA, Harvard, Vancouver, ISO, and other styles

Reports on the topic "General Data Protection Regulation (GDPR)"

1

Minero Alejandre, Gemma. Ownership of Databases: Personal Data Protection and Intellectual Property Rights on Databases. Universitätsbibliothek J. C. Senckenberg, Frankfurt am Main, 2021. http://dx.doi.org/10.21248/gups.64578.

Full text
Abstract:
When we think on initiatives on access to and reuse of data, we must consider both the European Intellectual Property Law and the General Data Protection Regulation (GDPR). The first one provides a special intellectual property (IP) right – the sui generis right – for those makers that made a substantial investment when creating the database, whether it contains personal or non-personal data. That substantial investment can be made by just one person, but, in many cases, it is the result of the activities of many people and/or some undertakings processing and aggregating data. In the modern digital economy, data are being dubbed the ‘new oil’ and the sui generis right might be con- sidered a right to control any access to the database, thus having an undeniable relevance. Besides, there are still important inconsistences between IP Law and the GDPR, which must be removed by the European legislator. The genuine and free consent of the data subject for the use of his/her data must remain the first step of the legal analysis.
APA, Harvard, Vancouver, ISO, and other styles
2

de Miguel Beriain, Iñigo, Aliuska Duardo Sánchez, and José Antonio Castillo Parrilla. What Can We Do with the Data of Deceased People? A Normative Proposal. Universitätsbibliothek J. C. Senckenberg, Frankfurt am Main, 2021. http://dx.doi.org/10.21248/gups.64580.

Full text
Abstract:
The health and genetic data of deceased people are a particularly important asset in the field of biomedical research. However, in practice, using them is compli- cated, as the legal framework that should regulate their use has not been fully developed yet. The General Data Protection Regulation (GDPR) is not applicable to such data and the Member States have not been able to agree on an alternative regulation. Recently, normative models have been proposed in an attempt to face this issue. The most well- known of these is posthumous medical data donation (PMDD). This proposal supports an opt-in donation system of health data for research purposes. In this article, we argue that PMDD is not a useful model for addressing the issue at hand, as it does not consider that some of these data (the genetic data) may be the personal data of the living relatives of the deceased. Furthermore, we find the reasons supporting an opt-in model less convincing than those that vouch for alternative systems. Indeed, we propose a normative framework that is based on the opt-out system for non-personal data combined with the application of the GDPR to the relatives’ personal data.
APA, Harvard, Vancouver, ISO, and other styles
3

Kira, Beatriz, Rutendo Tavengerwei, and Valary Mumbo. Points à examiner à l'approche des négociations de Phase II de la ZLECAf: enjeux de la politique commerciale numérique dans quatre pays d'Afrique subsaharienne. Digital Pathways at Oxford, March 2022. http://dx.doi.org/10.35489/bsg-dp-wp_2022/01.

Full text
Abstract:
Realities such as the COVID-19 pandemic have expedited the move to online operations, highlighting the undeniable fact that the world is continuing to go digital. This emphasises the need for policymakers to regulate in a manner that allows them to harness digital trade benefits while also avoiding associated risk. However, given that digital trade remains unco-ordinated globally, with countries adopting different approaches to policy issues, national regulatory divergence on the matter continues, placing limits on the benefits that countries can obtain from digital trade. Given these disparities, ahead of the African Continental Free Trade Area (AfCFTA) Phase II Negotiations, African countries have been considering the best way to harmonise regulations on issues related to digital trade. To do this effectively, AfCFTA members need to identify where divergencies exist in their domestic regulatory systems. This will allow AfCFTA members to determine where harmonisation is possible, as well as what is needed to achieve such harmonisation. This report analyses the domestic regulations and policies of four focus countries – South Africa, Nigeria, Kenya and Senegal – comparing their regulatory approaches to five policy issues: i) regulation of online transactions; ii) cross-border data flows, data localisation, and personal data protection; iii) access to source code and technology transfer; iv) intermediary liability; and v) customs duties on electronic transmissions. The study highlights where divergencies exist in adopted approaches, indicating the need for the four countries – and AfCFTA members in general – to carefully consider the implications of the divergences, and determine where it is possible and beneficial to harmonise approaches. This was intended to encourage AfCFTA member states to take ownership of these issues and reflect on the reforms needed. As seen in Table 1 below, the study shows that the four countries diverge on most of the five policy issues. There are differences in how all four countries regulate online transactions – that is, e-signatures and online consumer protection. Nigeria was the only country out of the four to recognise all types of e-signatures as legally equivalent. Kenya and Senegal only recognise specific e-signatures, which are either issued or validated by a recognised institution, while South Africa adopts a mixed approach, where it recognises all e-signatures as legally valid, but provides higher evidentiary weight to certain types of e-signatures. Only South Africa and Senegal have specific regulations relating to online consumer protection, while Nigeria and Kenya do not have any clear rules. With regards to cross border data flows, data localisation, and personal data protection, the study shows that all four focus countries have regulations that consist of elements borrowed from the European Union (EU) General Data Protection Regulation (GDPR). In particular, this was regarding the need for the data subject's consent, and also the adequacy requirement. Interestingly, the study also shows that South Africa, Kenya and Nigeria also adopt data localisation measures, although at different levels of strictness. South Africa’s data localisation laws are mostly imposed on data that is considered critical – which is then required to be processed within South African borders – while Nigeria requires all data to be processed and stored locally, using local servers. Kenya imposes data localisation measures that are mostly linked to its priority for data privacy. Out of the four focus countries, Senegal is the only country that does not impose any data localisation laws. Although the study shows that all four countries share a position on customs duties on electronic transmissions, it is also interesting to note that none of the four countries currently have domestic regulations or policies on the subject. The report concludes by highlighting that, as the AfCFTA Phase II Negotiations aim to arrive at harmonisation and to improve intra-African trade and international trade, AfCFTA members should reflect on their national policies and domestic regulations to determine where harmonisation is needed, and whether AfCFTA is the right platform for achieving this efficiently.
APA, Harvard, Vancouver, ISO, and other styles
4

Zhuo, Ran, Bradley Huffaker, KC Claffy, and Shane Greenstein. The Impact of the General Data Protection Regulation on Internet Interconnection. Cambridge, MA: National Bureau of Economic Research, November 2019. http://dx.doi.org/10.3386/w26481.

Full text
APA, Harvard, Vancouver, ISO, and other styles
5

African Open Science Platform Part 1: Landscape Study. Academy of Science of South Africa (ASSAf), 2019. http://dx.doi.org/10.17159/assaf.2019/0047.

Full text
Abstract:
This report maps the African landscape of Open Science – with a focus on Open Data as a sub-set of Open Science. Data to inform the landscape study were collected through a variety of methods, including surveys, desk research, engagement with a community of practice, networking with stakeholders, participation in conferences, case study presentations, and workshops hosted. Although the majority of African countries (35 of 54) demonstrates commitment to science through its investment in research and development (R&D), academies of science, ministries of science and technology, policies, recognition of research, and participation in the Science Granting Councils Initiative (SGCI), the following countries demonstrate the highest commitment and political willingness to invest in science: Botswana, Ethiopia, Kenya, Senegal, South Africa, Tanzania, and Uganda. In addition to existing policies in Science, Technology and Innovation (STI), the following countries have made progress towards Open Data policies: Botswana, Kenya, Madagascar, Mauritius, South Africa and Uganda. Only two African countries (Kenya and South Africa) at this stage contribute 0.8% of its GDP (Gross Domestic Product) to R&D (Research and Development), which is the closest to the AU’s (African Union’s) suggested 1%. Countries such as Lesotho and Madagascar ranked as 0%, while the R&D expenditure for 24 African countries is unknown. In addition to this, science globally has become fully dependent on stable ICT (Information and Communication Technologies) infrastructure, which includes connectivity/bandwidth, high performance computing facilities and data services. This is especially applicable since countries globally are finding themselves in the midst of the 4th Industrial Revolution (4IR), which is not only “about” data, but which “is” data. According to an article1 by Alan Marcus (2015) (Senior Director, Head of Information Technology and Telecommunications Industries, World Economic Forum), “At its core, data represents a post-industrial opportunity. Its uses have unprecedented complexity, velocity and global reach. As digital communications become ubiquitous, data will rule in a world where nearly everyone and everything is connected in real time. That will require a highly reliable, secure and available infrastructure at its core, and innovation at the edge.” Every industry is affected as part of this revolution – also science. An important component of the digital transformation is “trust” – people must be able to trust that governments and all other industries (including the science sector), adequately handle and protect their data. This requires accountability on a global level, and digital industries must embrace the change and go for a higher standard of protection. “This will reassure consumers and citizens, benefitting the whole digital economy”, says Marcus. A stable and secure information and communication technologies (ICT) infrastructure – currently provided by the National Research and Education Networks (NRENs) – is key to advance collaboration in science. The AfricaConnect2 project (AfricaConnect (2012–2014) and AfricaConnect2 (2016–2018)) through establishing connectivity between National Research and Education Networks (NRENs), is planning to roll out AfricaConnect3 by the end of 2019. The concern however is that selected African governments (with the exception of a few countries such as South Africa, Mozambique, Ethiopia and others) have low awareness of the impact the Internet has today on all societal levels, how much ICT (and the 4th Industrial Revolution) have affected research, and the added value an NREN can bring to higher education and research in addressing the respective needs, which is far more complex than simply providing connectivity. Apart from more commitment and investment in R&D, African governments – to become and remain part of the 4th Industrial Revolution – have no option other than to acknowledge and commit to the role NRENs play in advancing science towards addressing the SDG (Sustainable Development Goals). For successful collaboration and direction, it is fundamental that policies within one country are aligned with one another. Alignment on continental level is crucial for the future Pan-African African Open Science Platform to be successful. Both the HIPSSA ((Harmonization of ICT Policies in Sub-Saharan Africa)3 project and WATRA (the West Africa Telecommunications Regulators Assembly)4, have made progress towards the regulation of the telecom sector, and in particular of bottlenecks which curb the development of competition among ISPs. A study under HIPSSA identified potential bottlenecks in access at an affordable price to the international capacity of submarine cables and suggested means and tools used by regulators to remedy them. Work on the recommended measures and making them operational continues in collaboration with WATRA. In addition to sufficient bandwidth and connectivity, high-performance computing facilities and services in support of data sharing are also required. The South African National Integrated Cyberinfrastructure System5 (NICIS) has made great progress in planning and setting up a cyberinfrastructure ecosystem in support of collaborative science and data sharing. The regional Southern African Development Community6 (SADC) Cyber-infrastructure Framework provides a valuable roadmap towards high-speed Internet, developing human capacity and skills in ICT technologies, high- performance computing and more. The following countries have been identified as having high-performance computing facilities, some as a result of the Square Kilometre Array7 (SKA) partnership: Botswana, Ghana, Kenya, Madagascar, Mozambique, Mauritius, Namibia, South Africa, Tunisia, and Zambia. More and more NRENs – especially the Level 6 NRENs 8 (Algeria, Egypt, Kenya, South Africa, and recently Zambia) – are exploring offering additional services; also in support of data sharing and transfer. The following NRENs already allow for running data-intensive applications and sharing of high-end computing assets, bio-modelling and computation on high-performance/ supercomputers: KENET (Kenya), TENET (South Africa), RENU (Uganda), ZAMREN (Zambia), EUN (Egypt) and ARN (Algeria). Fifteen higher education training institutions from eight African countries (Botswana, Benin, Kenya, Nigeria, Rwanda, South Africa, Sudan, and Tanzania) have been identified as offering formal courses on data science. In addition to formal degrees, a number of international short courses have been developed and free international online courses are also available as an option to build capacity and integrate as part of curricula. The small number of higher education or research intensive institutions offering data science is however insufficient, and there is a desperate need for more training in data science. The CODATA-RDA Schools of Research Data Science aim at addressing the continental need for foundational data skills across all disciplines, along with training conducted by The Carpentries 9 programme (specifically Data Carpentry 10 ). Thus far, CODATA-RDA schools in collaboration with AOSP, integrating content from Data Carpentry, were presented in Rwanda (in 2018), and during17-29 June 2019, in Ethiopia. Awareness regarding Open Science (including Open Data) is evident through the 12 Open Science-related Open Access/Open Data/Open Science declarations and agreements endorsed or signed by African governments; 200 Open Access journals from Africa registered on the Directory of Open Access Journals (DOAJ); 174 Open Access institutional research repositories registered on openDOAR (Directory of Open Access Repositories); 33 Open Access/Open Science policies registered on ROARMAP (Registry of Open Access Repository Mandates and Policies); 24 data repositories registered with the Registry of Data Repositories (re3data.org) (although the pilot project identified 66 research data repositories); and one data repository assigned the CoreTrustSeal. Although this is a start, far more needs to be done to align African data curation and research practices with global standards. Funding to conduct research remains a challenge. African researchers mostly fund their own research, and there are little incentives for them to make their research and accompanying data sets openly accessible. Funding and peer recognition, along with an enabling research environment conducive for research, are regarded as major incentives. The landscape report concludes with a number of concerns towards sharing research data openly, as well as challenges in terms of Open Data policy, ICT infrastructure supportive of data sharing, capacity building, lack of skills, and the need for incentives. Although great progress has been made in terms of Open Science and Open Data practices, more awareness needs to be created and further advocacy efforts are required for buy-in from African governments. A federated African Open Science Platform (AOSP) will not only encourage more collaboration among researchers in addressing the SDGs, but it will also benefit the many stakeholders identified as part of the pilot phase. The time is now, for governments in Africa, to acknowledge the important role of science in general, but specifically Open Science and Open Data, through developing and aligning the relevant policies, investing in an ICT infrastructure conducive for data sharing through committing funding to making NRENs financially sustainable, incentivising open research practices by scientists, and creating opportunities for more scientists and stakeholders across all disciplines to be trained in data management.
APA, Harvard, Vancouver, ISO, and other styles
You might also be interested in the extended bibliographies on the topic 'General Data Protection Regulation (GDPR)' for particular source types:
Journal articles Dissertations / Theses Books
We offer discounts on all premium plans for authors whose works are included in thematic literature selections. Contact us to get a unique promo code!

To the bibliography