The CCPA (California Consumer Privacy Act) is a data privacy law that took effect on January 1, 2020. It applied to businesses that collect California residents' personal information, and its privacy requirements are similar to those of the GDPR (General Data Protection Regulation). On May 4, 2020, Californians for Consumer Privacy (an advocacy group, founded by Alistair MacTaggart) announced that it had collected more than 900,000 signatures to qualify the CPRA (California Privacy Rights Act) for the November 2020 ballot. Also known as 'CCPA 2.0', the CPRA enhances privacy protections established by the CCPA and builds on consumer rights. CPRA effectively replaces the CCPA and bolsters privacy protections for California consumers. While many elements of the two laws are similar, there are some striking differences that could impact CPRA implementation plans, including: Limiting deletion rights that apply to unstructured data A new right to data minimization with retention requirements related to personal data New definitions and obligations related to cross-context behavioral advertising Amending breach liability to include an email address in combination with a password or security question Establishing a new regulatory enforcement body: the California Privacy Protection Agency Organizations that fail to comply with the CPRA's requirements are subject to civil penalties of up to $7,500 and a civil suit that gives every affected consumer the right to seek between $100 and $750 in damages per incident, or actual damages if higher. The law is complex and requires careful reading to understand the actual requirements for organizations - The California Privacy Rights Act - An implementation and compliance guide is here to help you. Ensure your business is CPRA compliant with essential guidanceThis book is your ideal resource for understanding the CPRA and how you can implement a strategy to ensure your organization complies with the legislation. It will give you a comprehensive understanding of the legislation by providing definitions of key terms, explanations of the security requirements, details of the breach notification procedure, and covering the penalties for noncompliance. The California Privacy Rights Act - An implementation and compliance guide is essential reading for anyone with business interests in the state of California. Not only does it serve as an introduction to the legislation, it also discusses the challenges a business may face when trying to achieve CPRA compliance. It gives you the confidence to begin your CPRA compliance journey, while highlighting the potential ongoing developments of the CPRA. Buy this book and start implementing your CPRA compliance strategy today!

This book presents the latest and most relevant studies, surveys, and succinct reviews in the field of financial crimes and cybercrime, conducted and gathered by a group of top professionals, scholars, and researchers from China, India, Spain, Italy, Poland, Germany, and Russia. Focusing on the threats posed by and corresponding approaches to controlling financial crime and cybercrime, the book informs readers about emerging trends in the evolution of international crime involving cyber-technologies and the latest financial tools, as well as future challenges that could feasibly be overcome with a more sound criminal legislation framework and adequate criminal management. In turn, the book highlights innovative methods for combating financial crime and cybercrime, e.g., establishing an effective supervision system over P2P; encouraging financial innovation and coordination with international anti-terrorism organizations and multiple countries; improving mechanisms for extraditing and punishing criminals who defect to another country; designing a protection system in accordance with internationally accepted standards; and reforming economic criminal offenses and other methods that will produce positive results in practice. Given its scope, the book will prove useful to legal professionals and researchers alike. It gathers selected proceedings of the 10th International Forum on Crime and Criminal Law in the Global Era (IFCCLGE), held on Nov 20-Dec 1, 2019, in Beijing, China.

ISO/IEC 27701:2019: An introduction to privacy information management offers a concise introduction to the Standard, aiding those organisations looking to improve their privacy information management regime, particularly where ISO/IEC 27701:2019 is involved.

How does the 'on-line' world relate to the 'off-line' world? Is it different, separate, or even unique compared to the off-line world, or just a part thereof? And when do we need to regulate it, and how? These have become important, but complex questions for legislators, policy-makers, regulators, and politicians who design regulatory frameworks to address fast-moving technologies that change society in intricate ways. Over the course of time, governments and international organizations have developed regulatory 'starting points', in order to consistently and effectively deal with ICT and Internet regulation. These offer policy one-liners such as 'what holds off-line, must hold on-line' and 'regulation should be technology-neutral'. This book questions these regulatory starting points in detail and systematically explores their application, meaning and value for international e-regulation. It digs deeper than existing literature in trying to find out in which cases the starting points merit attention, and how we should really use them. This volume is the product of close collaboration and debate between scholars working at the Tilburg Institute for Law, Technology, and Society (TILT), to which international colleagues have added valuable reactions and reflections. The contributions in this volume have been written by TILT researchers Simone van der Hof, Bert-Jaap Koops, Miriam Lips, Sjaak Nouwt, Corien Prins, Maurice Schellekens. and Kees Stuurman, and by guest authors Dan Burk (University of Minnesota), Herbert Burkert (University of St. Gallen), and Yves Poullet (Facultes universitaires Notre-Dame de la Paix, Namur). This is Volume 9 in the Information Technology and Law (IT&Law) Series

Is it possible to achieve cybersecurity while safeguarding the fundamental rights to privacy and data protection? Addressing this question is crucial for contemporary societies, where network and information technologies have taken centre stage in all areas of communal life. This timely book answers the question with a comprehensive approach that combines legal, policy and technological perspectives to capture the essence of the relationship between cybersecurity, privacy and data protection in EU law. The book explores the values, interconnections and tensions inherent to cybersecurity, privacy and data protection within the EU constitutional architecture and its digital agendas. The work's novel analysis looks at the interplay between digital policies, instruments including the GDPR, NIS Directive, cybercrime legislation, e-evidence and cyber-diplomacy measures, and technology as a regulatory object and implementing tool. This original approach, which factors in the connections between engineering principles and the layered configuration of fundamental rights, outlines all possible combinations of the relationship between cybersecurity, privacy and data protection in EU law, from clash to complete reconciliation. An essential read for scholars, legal practitioners and policymakers alike, the book demonstrates that reconciliation between cybersecurity, privacy and data protection relies on explicit and brave political choices that require an active engagement with technology, so as to preserve human flourishing, autonomy and democracy.

Understand your GDPR obligations and prioritise the steps you need to take to comply The GDPR gives individuals significant rights over how their personal information is collected and processed, and places a range of obligations on organisations to be more accountable for data protection. The Regulation applies to all data controllers and processors that handle EU residents' personal information. It supersedes the 1995 EU Data Protection Directive and all EU member states' national laws that are based on it - including the UK's DPA (Data Protection Act) 1998. Failure to comply with the Regulation could result in fines of up to 20 million or 4% of annual global turnover - whichever is greater. This guide is a perfect companion for anyone managing a GDPR compliance project. It provides a detailed commentary on the Regulation, explains the changes you need to make to your data protection and information security regimes, and tells you exactly what you need to do to avoid severe financial penalties. Clear and comprehensive guidance to simplify your GDPR compliance project Now in its fourth edition, EU General Data Protection Regulation (GDPR) - An implementation and compliance guide provides clear and comprehensive guidance on the GDPR. It explains the Regulation and sets out the obligations of data processors and controllers in terms you can understand. Topics covered include: The DPO (data protection officer) role, including whether you need one and what they should do; Risk management and DPIAs (data protection impact assessments), including how, when and why to conduct one; Data subjects' rights, including consent and the withdrawal of consent, DSARs (data subject access requests) and how to handle them, and data controllers and processors' obligations; Managing personal data internationally, including updated guidance following the Schrems II ruling; How to adjust your data protection processes to comply with the GDPR, and the best way of demonstrating that compliance; and A full index of the Regulation to help you find the articles and stipulations relevant to your organisation. Supplemental material While most of the EU GDPR's requirements are broadly unchanged in the UK GDPR, the context is quite different and will have knock-on effects. You may need to update contracts regarding EU-UK data transfers, incorporate standard contractual clauses into existing agreements, and update your policies, processes and procedural documentation as a result of these changes. We have published a supplement that sets out specific extra or amended information for this pocket guide. Click here to download the supplement. About the authors The IT Governance Privacy Team, led by Alan Calder, has substantial experience in privacy, data protection, compliance and information security. This practical experience, their understanding of the background and drivers for the GDPR, and the input of expert consultants and trainers are combined in this must-have guide to GDPR compliance. Start your compliance journey now and buy this book today.

This book identifies the principles that should be applied when processing Big Data in the context of food safety risk assessments. Food safety is a critical goal in the protection of individuals' right to health and the flourishing of the food and feed market. Big Data is fostering new applications capable of enhancing the accuracy of food safety risk assessments. An extraordinary amount of information is analysed to detect the existence or predict the likelihood of future risks, also by means of machine learning algorithms. Big Data and novel analysis techniques are topics of growing interest for food safety agencies, including the European Food Safety Authority (EFSA). This wealth of information brings with it both opportunities and risks concerning the extraction of meaningful inferences from data. However, conflicting interests and tensions among the parties involved are hindering efforts to find shared methods for steering the processing of Big Data in a sound, transparent and trustworthy way. While consumers call for more transparency, food business operators tend to be reluctant to share informational assets. This has resulted in a considerable lack of trust in the EU food safety system. A recent legislative reform, supported by new legal cases, aims to restore confidence in the risk analysis system by reshaping the meaning of data ownership in this domain. While this regulatory approach is being established, breakthrough analytics techniques are encouraging thinking about the next steps in managing food safety data in the age of machine learning. The book focuses on two core topics - data ownership and data governance - by evaluating how the regulatory framework addresses the challenges raised by Big Data and its analysis in an applied, significant, and overlooked domain. To do so, it adopts an interdisciplinary approach that considers both the technological advances and the policy tools adopted in the European Union, while also assuming an ethical perspective when exploring potential solutions. The conclusion puts forward a proposal: an ethical blueprint for identifying the principles - Security, Accountability, Fairness, Explainability, Transparency and Privacy - to be observed when processing Big Data for food safety purposes, including by means of machine learning. Possible implementations are then discussed, also in connection with two recent legislative proposals, namely the Data Governance Act and the Artificial Intelligence Act.

This collection critically explores the use of financial technology (FinTech) and artificial intelligence (AI) in the financial sector and discusses effective regulation and the prevention of crime. Focusing on crypto-assets, InsureTech and the digitisation of financial dispute resolution, the book examines the strategic and ethical aspects of incorporating AI into the financial sector. The volume adopts a comparative legal approach to: critically evaluate the strategic and ethical benefits and challenges of AI in the financial sector; critically analyse the role, values and challenges of FinTech in society; make recommendations on protecting vulnerable customers without restricting financial innovation; and to make recommendations on effective regulation and prevention of crime in these areas. The book will be of interest to teachers and students of banking and financial regulation related modules, researchers in computer science, corporate governance, and business and economics. It will also be a valuable resource for policy makers including government departments, law enforcement agencies, financial regulatory agencies, people employed within the financial services sector, and professional services such as law, and technology.

The Internet has been integral to the globalization of a range of goods and production, from intellectual property and scientific research to political discourse and cultural symbols. Yet the ease with which it allows information to flow at a global level presents enormous regulatory challenges. Understanding if, when, and how the law should regulate online, international flows of information requires a firm grasp of past, present, and future patterns of information flow, and their political, economic, social, and cultural consequences.

In "The Global Flow of Information," specialists from law, economics, public policy, international studies, and other disciplines probe the issues that lie at the intersection of globalization, law, and technology, and pay particular attention to the wider contextual question of Internet regulation in a globalized world. While individual essays examine everything from the pharmaceutical industry to television to "information warfare" against suspected enemies of the state, all contributors address the fundamental question of whether or not the flow of information across national borders can be controlled, and what role the law should play in regulating global information flows.

Ex Machina series

Contributors: Frederick M. Abbott, C. Edwin Baker, Jack M. Balkin, Dan L. Burk, Miguel Angel Centeno, Dorothy E. Denning, James Der Derian, Daniel W. Drezner, Jeremy M. Kaplan, Eddan Katz, Stanley N. Katz, Lawrence Liang, Eli Noam, John G. Palfrey, Jr., Victoria Reyes, and Ramesh Subramanian

This book provides an overview of the topics of data, sovereignty, and governance with respect to data and online activities through a legal lens and from a cybersecurity perspective. This first chapter explores the concepts of data, ownerships, and privacy with respect to digital media and content, before defining the intersection of sovereignty in law with application to data and digital media content. The authors delve into the issue of digital governance, as well as theories and systems of governance on a state level, national level, and corporate/organizational level. Chapter three jumps into the complex area of jurisdictional conflict of laws and the related issues regarding digital activities in international law, both public and private. Additionally, the book discusses the many technical complexities which underlay the evolution and creation of new law and governance strategies and structures. This includes socio-political, legal, and industrial technical complexities which can apply in these areas. The fifth chapter is a comparative examination of the legal strategies currently being explored by a variety of nations. The book concludes with a discussion about emerging topics which either influence, or are influenced by, data sovereignty and digital governance, such as indigenous data sovereignty, digital human rights and self-determination, artificial intelligence, and global digital social responsibility. Cumulatively, this book provides the full spectrum of information, from foundational principles underlining the described topics, through to the larger, more complex, evolving issues which we can foresee ahead of us.

Summary Explains in easy-to-understand terms what executives and senior managers need to know and do about the ever-changing cyber threat landscape. Gives strategic, business-focused guidance and advice relevant to C-suite executives. Provides an effective and efficient framework for managing cyber governance, risk and compliance. Explains what is required to implement an effective cyber security strategy. Description With high-profile cyber attacks, data breaches and fines for GDPR (General Data Protection Regulation) non-compliance hitting the headlines daily, businesses must protect themselves and their reputations, while reassuring stakeholders they take cyber security seriously. Cyber attacks are becoming more sophisticated and prevalent, and the cost of data breaches is soaring. In addition, new regulations and reporting requirements make cyber security a critical business issue. Board members and senior management must understand the threat landscape and the strategies they can employ to establish, implement and maintain effective cyber resilience throughout their organisation. How Cyber Security Can Protect your Business - A guide for all stakeholders provides an effective and efficient framework for managing cyber governance, risk and compliance, which organisations can adapt to meet their own risk appetite and synchronise with their people, processes and technology. It explains what is meant by governance, risk and compliance, how it applies to cyber security and what is required to implement an effective cyber security strategy. The pocket guide: Gives readers a greater understanding of cyber governance, risk and compliance; Explains what executives, senior managers and their advisors need to know and do about the ever-changing cyber threat landscape; Provides context as to why stakeholders need to be aware of and in control of their organisation's cyber risk management and cyber incident response; Gives guidance on building an appropriate and efficient governance framework that enables organisations to demonstrate their cyber approach in a non-technical, strategic, business-focused way; Details an overview process to enable risk assessment, assess existing defence mitigations and provide a framework for developing suitable controls; and Includes a checklist to help readers focus on their higher-priority cyber areas. Suitable for all managers and executives, this pocket guide will be of interest to non-cyber specialists, including non-executive directors, who may be required to review cyber arrangements. For cyber specialists, it provides an approach for explaining cyber issues in non-jargonistic, business-based language. Kick-start your journey to becoming cyber secure - buy this pocket guide today!

Do conceptions of the Rule of Law reflect timeless truths, or are they in fact contingent on a particular information and communications infrastructure - one that we are fast leaving behind? Hildebrandt has engineered a provocative encounter between law and networked digital technologies that cuts to the heart of the dilemma confronting legal institutions in a networked world.' - Julie E. Cohen, Georgetown University, US'Many contemporary authors are wrestling with two technological developments which will change our society beyond recognition: big data analytics and smart technologies. Few though understand, or can explain, these developments in the way Mireille Hildebrandt does. In ambitiously bringing together legal theory, psychology, social ethnology and of course smart agency and ambient intelligence, Hildebrandt gives the most complete study of these vitally important developments. Books are often described as 'must read' though few actually are; this one genuinely is.' - Andrew Murray, London School of Economics, UK This timely book tells the story of the smart technologies that reconstruct our world, by provoking their most salient functionality: the prediction and preemption of our day-to-day activities, preferences, health and credit risks, criminal intent and spending capacity. Mireille Hildebrandt claims that we are in transit between an information society and a data-driven society, which has far reaching consequences for the world we depend on. She highlights how the pervasive employment of machine-learning technologies that inform so-called 'data-driven agency' threaten privacy, identity, autonomy, non-discrimination, due process and the presumption of innocence. The author argues how smart technologies undermine, reconfigure and overrule the ends of the law in a constitutional democracy, jeopardizing law as an instrument of justice, legal certainty and the public good. Nevertheless, the book calls on lawyers, computer scientists and civil society not to reject smart technologies, explaining how further engaging these technologies may help to reinvent the effective protection of the Rule of Law. Academics and researchers interested in the philosophy of law and technology will find this book both discerning and relevant. Practitioners and policy makers in the areas of law, computer science and engineering will benefit from the insight into smart technologies and their impact today.

This open access book focuses on the discrepancies in biobank research regulations that are among the most significant hurdles to effective research collaboration. The General Data Protection Regulation (GDPR) has established stringent requirements for the processing of health and genetic data, while simultaneously allowing considerable multi-level exceptions for the purposes of scientific research. In addition to directly applicable exceptions, the GDPR places the regulatory responsibility for further defining how the Member States strike a balance between the individuals' rights and the public interest in research within their national legal orders. Since Member States' approaches to the trade-off between data subjects' rights on the one hand, and appropriate safeguards on the other, differ according to their ethical and legal traditions, their data protection requirements for research also differ considerably. This study takes a comprehensive approach to determine how the GDPR affects regulatory regimes on the use of personal data in biobanking research, with a particular focus on the balance between individuals' rights, public interest and scientific research. In this regard, it has two main goals: first, to scrutinize the GDPR research regime, its objective and constitutive elements, the impact it has on biobanking, and its role in a changing EU landscape post-Brexit; and second, to examine how various exceptions have been operationalized nationally, and what challenges and opportunities this diversification entails. The book not only captures the complexity GDPR creates for biobanking, but also sheds light on various approaches to tackling the corresponding challenges. It offers the first comprehensive analysis of GDPR for biobanking, and the most up-to-date overview of the national biobank regulatory frameworks in Europe.

The digital era shows an unprecedented worldwide flow of data within multinational companies and their external service providers. Binding Corporate Rules (BCRs) are designed to allow these companies to transfer personal data across borders in compliance with EU Data Protection Law. This is the first work to give an in-depth assessment of the BCR regime. It discusses the origins of the regime and the material requirements of BCR, as well as how they should be applied in practice and made binding on the companies and employees. It also covers how BCRs may provide for enforceable rights for the beneficiaries of the regime and how they should be brought in line with requirements of European rules on private international law. The work also analyses a number of significant academic debates in the areas of transnational private regulation and data protection. It reflects on the debates as to the legitimacy of transnational private regulation as a method of regulating corporate conduct and also focuses on the merits and shortcomings of BCR as a method for regulating global data transfers. This book is essential reading for those who need to understand more about the BCR regime, and require insight into how cross-border data transfers could be better protected in the future.

Vital to the effective functioning of voluntary organisations is the trust of people - the beneficiaries, clients, regulators, donors, volunteers and paid staff. Open, fair and well-managed data protection practice is not just desirable in helping to achieve that trust, but essential. Get it wrong and there is reputational damage and costs attached. Data Protection for voluntary organisations will enable you to set a shining example of best practice and also comply with UK data legislation and the General Data Protection Regulation (GDPR) in force since 2018. This book will help you: * Understand the key principles and elements of data protection * Recognise your main responsibilities as a data controller * Distinguish when you can and can't retain data * Appreciate what the rights of the data subject are Who is this book for? A must-read for anyone in the UK voluntary sector who wants to get beyond tick-box data management. Invaluable to data managers or those who handle personal information such as IT, personnel, marketing and fundraising departments. For professional advisers, and academics it will also offers a valuable summary drawing out key data protection points by examining and interpreting the primary legislation.

This book provides a comparison and practical guide of the data protection laws of Canada, China (Hong Kong, Macau, Taiwan), Laos, Philippines, South Korea, United States and Vietnam. The book builds on the first book Data Protection Law. A Comparative Analysis of Asia-Pacific and European Approaches, Robert Walters, Leon Trakman, Bruno Zeller. As the world comes to terms with Artificial Intelligence (AI), which now pervades the daily lives of everyone. For instance, our smart or Iphone, and smart home technology (robots, televisions, fridges and toys) access our personal data at an unprecedented level. Therefore, the security of that data is increasingly more vulnerable and can be compromised. This book examines the interface of cyber security, AI and data protection. It highlights and recommends that regulators and governments need to undertake wider research and law reform to ensure the most vulnerable in the community have their personal data protected adequately, while balancing the future benefits of the digital economy.

This timely Research Handbook contains an analysis by leading scholars and practitioners of various legal questions concerning cyberspace and cyber activities. Comprehensive and thorough, it succeeds in mapping out the range of international rules that apply to cyberspace and to specific cyber activities, assesses their regulatory efficacy and offers insightful suggestions, where necessary, for revised standards. Contributors examine the application of fundamental international law principles to cyberspace such as the principle of sovereignty, jurisdiction, state responsibility, individual criminal responsibility, human rights and intellectual property rights. They explore the application of international rules to cyber terrorism, cyber espionage, cyber crime, cyber attacks and to cyber war. They deal with the meaning of cyber operations, the ethics of cyber operations as well as with cyber deterrence. Finally, they comment on the cyber security policies of international and regional institutions such as those of the United Nations, the European Union, NATO and of Asian-Pacific institutions. This Research Handbook will benefit scholars in the fields of international law, international relations, public and private law. Researchers will find the suggested future research avenues in this field invaluable whilst policy-makers and practitioners will gain fresh insights into topical issues concerning the regulation of cyberspace and of cyber activities. Contributors: K. Ambos, C. Antonopoulos, L. Arimatsu, K. Bannelier-Christakis, R. Buchan, P. Ducheine, D.P. Fidler, C. Focarelli, T.D. Gill, K. Heath, C. Henderson, P. Kastner, U. Kohl, F. Megret, E. Myjer, H. Nasu, A. Rahmatian, M. Roscini, N.C. Rowe, B. Saul, M. Schmitt, H. Trezise, N. Tsagourias, D. Turns, R.A. Wessel, K. Ziolkowski

Cyberspace is a difficult area for lawyers and lawmakers. With no physical constraining borders, the question of who is the legitimate lawmaker for cyberspace is complex. Rethinking the Jurisprudence of Cyberspace examines how laws can gain legitimacy in cyberspace and identifies the limits of the law?s authority in this space. Two key questions are central to the book: Who has authority to make laws within cyberspace and how do laws in cyberspace achieve legitimacy? Chris Reed and Andrew Murray answer these questions by examining the jurisprudential principles that explain law in the physical world and rethinking them for the cyberworld. In doing so they establish that cyberlaw is more similar to traditional law than previously thought, but that establishing legitimate authority is quite different. This book provides the first thorough examination of the jurisprudence of cyberspace law, asking why any law should be obeyed and how the rule of law is to be maintained there. Academics and researchers who are interested in the regulation of cyberspace will find this to be a compelling study. More broadly, it will appeal to those researching in the fields of transnational legal studies, jurisprudence and legal thought.

This book centres on Webcam Child Sex Tourism and the Sweetie Project initiated by the children's rights organization Terre des Hommes in 2013 in response to the exponential increase of online child abuse. Webcam child sex tourism is a growing international problem, which not only encourages the abuse and sexual exploitation of children and provides easy access to child-abuse images, but which is also a crime involving a relatively low risk for offenders as live-streamed webcam performances leave few traces that law enforcement can use. Moreover, webcam child sex tourism often has a cross-border character, which leads to jurisdictional conflicts and makes it even harder to obtain evidence, launch investigations or prosecute suspects. Terre des Hommes set out to actively tackle webcam child sex tourism by employing a virtual 10-year old Philippine girl named Sweetie, a so-called chatbot, to identify offenders in chatrooms. Sweetie 1.0 could be deployed only if police officers participated in chats, and thus was limited in dealing with the large number of offenders. With this in mind, a more pro-active and preventive approach was adopted to tackle the issue. Sweetie 2.0 was developed with an automated chat function to track, identify and deter individuals using the internet to sexually abuse children. Using chatbots allows the monitoring of larger parts of the internet to locate and identify (potential) offenders, and to send them messages to warn of the legal consequences should they proceed further. But using artificial intelligence raises serious legal questions. For instance, is sexually interacting with a virtual child actually a criminal offence? How do rules of criminal procedure apply to Sweetie as investigative software? Does using Sweetie 2.0 constitute entrapment? This book, the outcome of a comparative law research initiative by Leiden University's Center for Law and Digital Technologies (eLaw) and the Tilburg Institute for Law, Technology, and Society (TILT), addresses the application of substantive criminal law and criminal procedure to Sweetie 2.0 within various jurisdictions around the world. This book is especially relevant for legislators and policy-makers, legal practitioners in criminal law, and all lawyers and academics interested in internet-related sexual offences and in Artificial Intelligence and law. Professor Simone van der Hof is General Director of Research at t he Center for Law and Digital Technologies (eLaw) of the Leiden Law School at Leiden University, The Netherlands. Ilina Georgieva, LL.M., is a PhD researcher at the Faculty of Governance and Global Affairs at Leiden University, Bart Schermer is an associate professor at the Center for Law and Digital Technologies (eLaw) of the Leiden Law School, and Professor Bert-Jaap Koops is Professor of Regulation and Technology at the Tilburg Institute for Law, Technology, and Society (TILT), Tilburg University, The Netherlands.

This book assesses data protection rules that are applicable to the processing of personal data in a law enforcement context. It offers the first extensive analysis of the LED and Regulation (EU) 2018/1725. It illustrates the challenges arising from the unclear delineation between the different data protection instruments at both national and EU level. Taking a practical approach, it exemplifies situations where the application of data protection instruments could give rise to a lowering of data protection standards where the data protection rules applicable in the law enforcement context are interpreted broadly. The scope of data protection instruments applied by law enforcement authorities impacts processing for purposes of border control, migration management and asylum because there is an unclear delineation between the different data protection instruments.

The book provides a detailed overview and analysis of important EU Internet regulatory challenges currently found in various key fields of law directly linked to the Internet such as information technology, consumer protection, personal data, e-commerce and copyright law. In addition, it aims to shed light on the content and importance of various pending legislative proposals in these fields, and of the Court of Justice of the European Union's recent case law in connection with solving the different problems encountered. The book focuses on challenging legal questions that have not been sufficiently analyzed, while also presenting original thinking in connection with the regulation of emerging legal questions. As such, it offers an excellent reference tool for researchers, policymakers, judges, practitioners and law students with a special interest in EU Internet law and regulation.