Posted on Categories privacy/personal data protection, research

DSRC – vehicle-to-vehicle communication and data protection

Dedicated Short Range Communication (DSRC) is a system in which information is shared between vehicles (V2V) and between vehicles and infrastructure (V2I). In general, this technology is intended to aid the flow of anonymised information on driving conditions. It seems however that DSRC might also entail collection and processing of personal data.

Continue reading “DSRC – vehicle-to-vehicle communication and data protection”

Posted on Categories changes in law, privacy/personal data protection

Ways of excluding applicability of the GDPR

At a meeting summarising public consultations on a bill implementing the General Data Protection Regulation (GDPR) in Poland, the Ministry of Digital Affairs confirmed that during legislative work a change was approved providing for major exceptions to the GDPR. This change was proposed in October 2017 by the Ministry of Development. This proposed exception is an interesting example of how hard it can be to draft legislation properly aligned to the needs of a digital economy.

Continue reading “Ways of excluding applicability of the GDPR”

Posted on Categories privacy/personal data protection

A few smartphone pushes instead of endless scrolling through terms and conditions

Two new documents were issued in December 2017 by the EU’s Article 29 Data Protection Working Party explaining how to interpret and apply the provisions of the General Data Protection Regulation on the consent that must be obtained from data subjects and the information that must be provided to data subjects for processing their data. The Guidelines on Consent under Regulation 2016/679 and the Guidelines on Transparency under Regulation 2016/679 demonstrate that the era of lengthy, fine-print terms and conditions is over. Data controllers will achieve better compliance with the GDPR by using brief and easily understood FAQ and notices.

Continue reading “A few smartphone pushes instead of endless scrolling through terms and conditions”

Posted on Categories privacy/personal data protection

Data not entirely anonymous

As anonymisation of data appears to the main method for escaping the restrictive regime of the General Data Protection Regulation, it’s worthwhile for data processers to be aware of the risks they may be exposed to if this is not done properly or the data can be traced back to specific people. Should firms applying artificial intelligence to anonymised data expect to be held liable when it turns out that the data they are using have not been permanently anonymised but only been given a pseudonym—a reversible operation?

Continue reading “Data not entirely anonymous”

Posted on Categories artificial intelligence, privacy/personal data protection

Another look at AI and GDPR

In February 2018 the EU’s Article 29 Data Protection Working Party published its Guidelines on Automated individual decision-making and Profiling for the purposes of Regulation 2016/679. The guidelines explore Art. 21–22 of the General Data Protection Regulation, and although the title may not indicate it, provide another element in the legal framework for development and use of artificial intelligence. They also show that this framework may be truly restrictive.

Continue reading “Another look at AI and GDPR”

Posted on Categories changes in law, privacy/personal data protection

How will the new ePrivacy Regulation affect the operation of websites?

The General Data Protection Regulation entering into force on 25 May 2018 is not the only privacy revolution in store for the EU. The proposed ePrivacy Regulation is also generating greater and greater controversy and may change the shape of the internet as we know it.

Continue reading “How will the new ePrivacy Regulation affect the operation of websites?”