This Research Handbook is an insightful overview of the key rules, concepts and tensions in privacy and data protection law. It highlights the increasing global significance of this area of law, illustrating the many complexities in the field through a blend of theoretical and empirical perspectives. Providing an excellent in-depth analysis of global privacy and data protection law, it explores multiple regional and national jurisdictions, bringing together interdisciplinary international contributions from Europe and beyond. Chapters cover critical topics in the field, including key features of the General Data Protection Regulation (GDPR), border surveillance, big data, artificial intelligence, and biometrics. It also investigates the relationship between privacy and data protection law and other fields of law, such as consumer law and competition law. With its detailed exploration and insights into privacy and data protection, this Research Handbook will prove a useful resource for information and media law students as well as academics researching fields such as data protection and privacy law and surveillance or security studies.

This book brings together papers that offer conceptual analyses, highlight issues, propose solutions, and discuss practices regarding privacy, data protection and enforcing rights in a changing world. It is one of the results of the 14th annual International Conference on Computers, Privacy and Data Protection (CPDP), which took place online in January 2021. The pandemic has produced deep and ongoing changes in how, when, why, and the media through which, we interact. Many of these changes correspond to new approaches in the collection and use of our data - new in terms of scale, form, and purpose. This raises difficult questions as to which rights we have, and should have, in relation to such novel forms of data processing, the degree to which these rights should be balanced against other poignant social interests, and how these rights should be enforced in light of the fluidity and uncertainty of circumstances. The book covers a range of topics, such as: digital sovereignty; art and algorithmic accountability; multistakeholderism in the Brazilian General Data Protection law; expectations of privacy and the European Court of Human Rights; the function of explanations; DPIAs and smart cities; and of course, EU data protection law and the pandemic - including chapters on scientific research and on the EU Digital COVID Certificate framework. This interdisciplinary book has been written at a time when the scale and impact of data processing on society - on individuals as well as on social systems - is becoming ever starker. It discusses open issues as well as daring and prospective approaches and is an insightful resource for readers with an interest in computers, privacy and data protection.

The subjects of Privacy and Data Protection are more relevant than ever, and especially since 25 May 2018, when the European General Data Protection Regulation became enforceable. This volume brings together papers that offer conceptual analyses, highlight issues, propose solutions, and discuss practices regarding privacy and data protection. It is one of the results of the eleventh annual International Conference on Computers, Privacy, and Data Protection, CPDP 2018, held in Brussels in January 2018. The book explores the following topics: biometrics and data protection in criminal justice processing, privacy, discrimination and platforms for men who have sex with men, mitigation through data protection instruments of unfair inequalities as a result of machine learning, privacy and human-robot interaction in robotized healthcare, privacy-by-design, personal data protection of deceased data subjects, large-scale face databases and the GDPR, the new Europol regulation, rethinking trust in the Internet of Things, fines under the GDPR, data analytics and the GDPR, and the essence of the right to the protection of personal data. This interdisciplinary book was written while the reality of the General Data Protection Regulation 2016/679 was becoming clear. It discusses open issues and daring and prospective approaches. It will serve as an insightful resource for readers with an interest in computers, privacy and data protection.

The subjects of Privacy and Data Protection are more relevant than ever, and especially since 25 May 2018, when the European General Data Protection Regulation became enforceable. This volume brings together papers that offer conceptual analyses, highlight issues, propose solutions, and discuss practices regarding privacy and data protection. It is one of the results of the eleventh annual International Conference on Computers, Privacy, and Data Protection, CPDP 2018, held in Brussels in January 2018. The book explores the following topics: biometrics and data protection in criminal justice processing, privacy, discrimination and platforms for men who have sex with men, mitigation through data protection instruments of unfair inequalities as a result of machine learning, privacy and human-robot interaction in robotized healthcare, privacy-by-design, personal data protection of deceased data subjects, large-scale face databases and the GDPR, the new Europol regulation, rethinking trust in the Internet of Things, fines under the GDPR, data analytics and the GDPR, and the essence of the right to the protection of personal data. This interdisciplinary book was written while the reality of the General Data Protection Regulation 2016/679 was becoming clear. It discusses open issues and daring and prospective approaches. It will serve as an insightful resource for readers with an interest in computers, privacy and data protection.

This book brings together papers that offer conceptual analyses, highlight issues, propose solutions, and discuss practices regarding privacy, data protection and enforcing rights in a changing world. It is one of the results of the 14th annual International Conference on Computers, Privacy and Data Protection (CPDP), which took place online in January 2021. The pandemic has produced deep and ongoing changes in how, when, why, and the media through which, we interact. Many of these changes correspond to new approaches in the collection and use of our data - new in terms of scale, form, and purpose. This raises difficult questions as to which rights we have, and should have, in relation to such novel forms of data processing, the degree to which these rights should be balanced against other poignant social interests, and how these rights should be enforced in light of the fluidity and uncertainty of circumstances. The book covers a range of topics, such as: digital sovereignty; art and algorithmic accountability; multistakeholderism in the Brazilian General Data Protection law; expectations of privacy and the European Court of Human Rights; the function of explanations; DPIAs and smart cities; and of course, EU data protection law and the pandemic - including chapters on scientific research and on the EU Digital COVID Certificate framework. This interdisciplinary book has been written at a time when the scale and impact of data processing on society - on individuals as well as on social systems - is becoming ever starker. It discusses open issues as well as daring and prospective approaches and is an insightful resource for readers with an interest in computers, privacy and data protection.

This commentary covers all topics and critical aspects elicited by the new European General Data Protection Regulation and its interpretation. The commentary focuses on the regulation itself, including cross-references to further provisions (eg the Police and Criminal Justice Data Protection Directive, the E-Privacy-Directive or the former Data Protection Directive 95/46/EC). Article by article the purpose of a provision is classified, its background, function and structure analysed and its content interpreted. The commentary provides an independent view of all topics, presenting both an overview and specific interpretation that provide far-reaching arguments. The editors and authors are outstanding experts in the field of data protection law well known for their practical as well as structured and thorough approach to data protection issues. They offer suitable solutions and sound arguments especially for international companies, legal councils and corporate lawyers as well as data protection agencies, NGOs and legislators.

The subjects of this volume are more relevant than ever, especially in light of the raft of electoral scandals concerning voter profiling. This volume brings together papers that offer conceptual analyses, highlight issues, propose solutions, and discuss practices regarding privacy and data protection. It is one of the results of the twelfth annual International Conference on Computers, Privacy and Data Protection, CPDP, held in Brussels in January 2019. The book explores the following topics: dataset nutrition labels, lifelogging and privacy by design, data protection iconography, the substance and essence of the right to data protection, public registers and data protection, modelling and verification in data protection impact assessments, examination scripts and data protection law in Cameroon, the protection of children's digital rights in the GDPR, the concept of the scope of risk in the GDPR and the ePrivacy Regulation. This interdisciplinary book has been written at a time when the scale and impact of data processing on society - not only on individuals, but also on social systems - is becoming ever starker. It discusses open issues as well as daring and prospective approaches, and will serve as an insightful resource for readers with an interest in computers, privacy and data protection.

This book examines the ability of citizens across ten European countries to exercise their democratic rights to access their personal data. It presents a socio-legal research project, with the researchers acting as citizens, or data subjects, and using ethnographic data collection methods. The research presented here evidences a myriad of strategies and discourses employed by a range of public and private sector organizations as they obstruct and restrict citizens' attempts to exercise their informational rights. The book also provides an up-to-date legal analysis of legal frameworks across Europe concerning access rights and makes several policy recommendations in the area of informational rights. It provides a unique and unparalleled study of the law in action which uncovered the obstacles that citizens encounter if they try to find out what personal data public and private sector organisations collect and store about them, how they process it, and with whom they share it. These are simple questions to ask, and the right to do so is enshrined in law, but getting answers to these questions was met by a raft of strategies which effectively denied citizens their rights. The book documents in rich ethnographic detail the manner in which these discourses of denial played out in the ten countries involved, and explores in depth the implications for policy and regulatory reform.

This book is about enforcing privacy and data protection. It demonstrates different approaches - regulatory, legal and technological - to enforcing privacy. If regulators do not enforce laws or regulations or codes or do not have the resources, political support or wherewithal to enforce them, they effectively eviscerate and make meaningless such laws or regulations or codes, no matter how laudable or well-intentioned. In some cases, however, the mere existence of such laws or regulations, combined with a credible threat to invoke them, is sufficient for regulatory purposes. But the threat has to be credible. As some of the authors in this book make clear - it is a theme that runs throughout this book - "carrots" and "soft law" need to be backed up by "sticks" and "hard law". The authors of this book view privacy enforcement as an activity that goes beyond regulatory enforcement, however. In some sense, enforcing privacy is a task that befalls to all of us. Privacy advocates and members of the public can play an important role in combatting the continuing intrusions upon privacy by governments, intelligence agencies and big companies. Contributors to this book - including regulators, privacy advocates, academics, SMEs, a Member of the European Parliament, lawyers and a technology researcher - share their views in the one and only book on Enforcing Privacy.

The subjects of Privacy and Data Protection are more relevant than ever with the European General Data Protection Regulation (GDPR) becoming enforceable in May 2018. This volume brings together papers that offer conceptual analyses, highlight issues, propose solutions, and discuss practices regarding privacy and data protection. It is one of the results of the tenth annual International Conference on Computers, Privacy and Data Protection, CPDP 2017, held in Brussels in January 2017. The book explores Directive 95/46/EU and the GDPR moving from a market framing to a 'treaty-base games frame', the GDPR requirements regarding machine learning, the need for transparency in automated decision-making systems to warrant against wrong decisions and protect privacy, the riskrevolution in EU data protection law, data security challenges of Industry 4.0, (new) types of data introduced in the GDPR, privacy design implications of conversational agents, and reasonable expectations of data protection in Intelligent Orthoses. This interdisciplinary book was written while the implications of the General Data Protection Regulation 2016/679 were beginning to become clear. It discusses open issues, and daring and prospective approaches. It will serve as an insightful resource for readers with an interest in computers, privacy and data protection.

This book is about enforcing privacy and data protection. It demonstrates different approaches - regulatory, legal and technological - to enforcing privacy. If regulators do not enforce laws or regulations or codes or do not have the resources, political support or wherewithal to enforce them, they effectively eviscerate and make meaningless such laws or regulations or codes, no matter how laudable or well-intentioned. In some cases, however, the mere existence of such laws or regulations, combined with a credible threat to invoke them, is sufficient for regulatory purposes. But the threat has to be credible. As some of the authors in this book make clear - it is a theme that runs throughout this book - "carrots" and "soft law" need to be backed up by "sticks" and "hard law". The authors of this book view privacy enforcement as an activity that goes beyond regulatory enforcement, however. In some sense, enforcing privacy is a task that befalls to all of us. Privacy advocates and members of the public can play an important role in combatting the continuing intrusions upon privacy by governments, intelligence agencies and big companies. Contributors to this book - including regulators, privacy advocates, academics, SMEs, a Member of the European Parliament, lawyers and a technology researcher - share their views in the one and only book on Enforcing Privacy.

This volume brings together papers that offer methodologies, conceptual analyses, highlight issues, propose solutions, and discuss practices regarding privacy and data protection. It is one of the results of the eight annual International Conference on Computers, Privacy, and Data Protection, CPDP 2015, held in Brussels in January 2015. The book explores core concepts, rights and values in (upcoming) data protection regulation and their (in)adequacy in view of developments such as Big and Open Data, including the right to be forgotten, metadata, and anonymity. It discusses privacy promoting methods and tools such as a formal systems modeling methodology, privacy by design in various forms (robotics, anonymous payment), the opportunities and burdens of privacy self management, the differentiating role privacy can play in innovation. The book also discusses EU policies with respect to Big and Open Data and provides advice to policy makers regarding these topics. Also attention is being paid to regulation and its effects, for instance in case of the so-called 'EU-cookie law' and groundbreaking cases, such as Europe v. Facebook. This interdisciplinary book was written during what may turn out to be the final stages of the process of the fundamental revision of the current EU data protection law by the Data Protection Package proposed by the European Commission. It discusses open issues and daring and prospective approaches. It will serve as an insightful resource for readers with an interest in privacy and data protection.

This timely interdisciplinary work on current developments in ICT and privacy/data protection, coincides as it does with the rethinking of the Data Protection Directive, the contentious debates on data sharing with the USA (SWIFT, PNR) and the judicial and political resistance against data retention. The authors of the contributions focus on particular and pertinent issues from the perspective of their different disciplines which range from the legal through sociology, surveillance studies and technology assessment, to computer sciences. Such issues include cutting-edge developments in the field of cloud computing, ambient intelligence and PETs; data retention, PNR-agreements, property in personal data and the right to personal identity; electronic road tolling, HIV-related information, criminal records and teenager's online conduct, to name but a few.

On 25 January 2012, the European Commission presented its long awaited new "Data protection package". With this proposal for a drastic revision of the data protection framework in Europe, it is fair to say that we are witnessing a rebirth of European data protection, and perhaps, its passage from an impulsive youth to a more mature state. Technology advances rapidly and mobile devices are significantly changing the landscape. Increasingly, we carry powerful, connected, devices, whose location and activities can be monitored by various stakeholders. Very powerful social network sites emerged in the first half of last decade, processing personal data of many millions of users. Updating the regulatory network was imminent and the presentation of the new package will initiate a period of intense debate in which the proposals will be thoroughly commented upon and criticized, and numerous amendments will undoubtedly be proposed. This volume brings together some 19 chapters offering conceptual analyses, highlighting issues, proposing solutions, and discussing practices regarding privacy and data protection. In the first part of the book, conceptual analyses of concepts such as privacy and anonymity are provided. The second section focuses on the contrasted positions of digital natives and ageing users in the information society. The third section provides four chapters on privacy by design, including discussions on roadmapping and concrete techniques. The fourth section is devoted to surveillance and profiling, with illustrations from the domain of smart metering, self-surveillance and the benefits and risks of profiling. The book concludes with case studies pertaining to communicating privacy in organisations, the fate of a data protection supervisor in one of the EU member states and data protection in social network sites and online media. This volume brings together some 19 chapters offering conceptual analyses, highlighting issues, proposing solutions, and discussing practices regarding privacy and data protection. In the first part of the book, conceptual analyses of concepts such as privacy and anonymity are provided. The second section focuses on the contrasted positions of digital natives and ageing users in the information society. The third section provides four chapters on privacy by design, including discussions on roadmapping and concrete techniques. The fourth section is devoted to surveillance and profiling, with illustrations from the domain of smart metering, self-surveillance and the benefits and risks of profiling. The book concludes with case studies pertaining to communicating privacy in organisations, the fate of a data protection supervisor in one of the EU member states and data protection in social network sites and online media.

This book on privacy and data protection offers readers conceptual analysis as well as thoughtful discussion of issues, practices, and solutions. It features results of the seventh annual International Conference on Computers, Privacy, and Data Protection, CPDP 2014, held in Brussels January 2014. The book first examines profiling, a persistent core issue of data protection and privacy. It covers the emergence of profiling technologies, on-line behavioral tracking, and the impact of profiling on fundamental rights and values. Next, the book looks at preventing privacy risks and harms through impact assessments. It contains discussions on the tools and methodologies for impact assessments as well as case studies. The book then goes on to cover the purported trade-off between privacy and security, ways to support privacy and data protection, and the controversial right to be forgotten, which offers individuals a means to oppose the often persistent digital memory of the web. Written during the process of the fundamental revision of the current EU data protection law by the Data Protection Package proposed by the European Commission, this interdisciplinary book presents both daring and prospective approaches. It will serve as an insightful resource for readers with an interest in privacy and data protection.

One of the most challenging issues facing our current information society is the accelerating accumulation of data trails in transactional and communication systems, which may be used not only to profile the behaviour of individuals for commercial, marketing and law enforcement purposes, but also to locate and follow things and actions. Data mining, convergence, interoperability, ever- increasing computer capacities and the extreme miniaturisation of the hardware are all elements which contribute to a major contemporary challenge: the profiled world. This interdisciplinary volume offers twenty contributions that delve deeper into some of the complex but urgent questions that this profiled world addresses to data protection and privacy. The chapters of this volume were all presented at the second Conference on Privacy and Data Protection (CPDP2009) held in Brussels in January 2009 (www.cpdpconferences.org). The yearly CPDP conferences aim to become Europe's most important meeting where academics, practitioners, policy-makers and activists come together to exchange ideas and discuss emerging issues in information technology, privacy and data protection and law. This volume reflects the richness of the conference, containing chapters by leading lawyers, policymakers, computer, technology assessment and social scientists. The chapters cover generic themes such as the evolution of a new generation of data protection laws and the constitutionalisation of data protection and more specific issues like security breaches, unsolicited adjustments, social networks, surveillance and electronic voting. This book not only offers a very close and timely look on the state of data protection and privacy in our profiled world, but it also explores and invents ways to make sure this world remains a world we want to live in.

This volume brings together papers that offer conceptual analyses, highlight issues, propose solutions, and discuss practices regarding privacy and data protection. The first section of the book provides an overview of developments in data protection in different parts of the world. The second section focuses on one of the most captivating innovations of the data protection package: how to forget, and the right to be forgotten in a digital world. The third section presents studies on a recurring, and still important and much disputed, theme of the Computers, Privacy and Data Protection (CPDP) conferences : the surveillance, control and steering of individuals and groups of people and the increasing number of performing tools (data mining, profiling, convergence) to achieve those objectives. This part is illustrated by examples from the domain of law enforcement and smart surveillance. The book concludes with five chapters that advance our understanding of the changing nature of privacy (concerns) and data protection.

On 25 January 2012, the European Commission presented its long awaited new Data protection package . With this proposal for a drastic revision of the data protection framework in Europe, it is fair to say that we are witnessing a rebirth of European data protection, and perhaps, its passage from an impulsive youth to a more mature state. Technology advances rapidly and mobile devices are significantly changing the landscape. Increasingly, we carry powerful, connected, devices, whose location and activities can be monitored by various stakeholders. Very powerful social network sites emerged in the first half of last decade, processing personal data of many millions of users. Updating the regulatory network was imminent and the presentation of the new package will initiate a period of intense debate in which the proposals will be thoroughly commented upon and criticized, and numerous amendments will undoubtedly be proposed.

This volume brings together some 19 chapters offering conceptual analyses, highlighting issues, proposing solutions, and discussing practices regarding privacy and data protection. In the first part of the book, conceptual analyses of concepts such as privacy and anonymity are provided. The second section focuses on the contrasted positions of digital natives and ageing users in the information society. The third section provides four chapters on privacy by design, including discussions on roadmapping and concrete techniques. The fourth section is devoted to surveillance and profiling, with illustrations from the domain of smart metering, self-surveillance and the benefits and risks of profiling. The book concludes with case studies pertaining to communicating privacy in organisations, the fate of a data protection supervisor in one of the EU member states and data protection in social network sites and online media.

This volume brings together some 19 chapters offering conceptual analyses, highlighting issues, proposing solutions, and discussing practices regarding privacy and data protection. In the first part of the book, conceptual analyses of concepts such as privacy and anonymity are provided. The second section focuses on the contrasted positions of digital natives and ageing users in the information society. The third section provides four chapters on privacy by design, including discussions on roadmapping and concrete techniques. The fourth section is devoted to surveillance and profiling, with illustrations from the domain of smart metering, self-surveillance and the benefits and risks of profiling. The book concludes with case studies pertaining to communicating privacy in organisations, the fate of a data protection supervisor in one of the EU member states and data protection in social network sites and online media."

Virtually all organisations collect, use, process and share personal data from their employees, customers and/or citizens. In doing so, they may be exposing themselves to risks, from threats and vulnerabilities, of that data being breached or compromised by negligent or wayward employees, hackers, the police, intelligence agencies or third-party service providers. A recent study by the Ponemon Institute found that 70 per cent of organisations surveyed had suffered a data breach in the previous year.
Privacy impact assessment is a tool, a process, a methodology to identify, assess, mitigate or avoid privacy risks and, in collaboration with stakeholders, to identify solutions.
Contributors to this book privacy commissioners, academics, consultants, practitioners, industry representatives are among the world s leading PIA experts. They share their experience and offer their insights to the reader in the policy and practice of PIA in Australia, Canada, New Zealand, the United Kingdom, the United States and elsewhere.
This book, the first such on privacy impact assessment, will be of interest to any organisation that collects or uses personal data and, in particular, to regulators, policy-makers, privacy professionals, including privacy, security and information officials, consultants, system architects, engineers and integrators, compliance lawyers and marketing professionals.
In his Foreword, surveillance studies guru Gary Marx says, This state-of-the-art book describes the most comprehensive tool yet available for policy-makers to evaluate new personal data information technologies before they are introduced. This book could save your organisation many thousands or even millions of euros (or dollars) and the damage to your organisation s reputation and to the trust of employees, customers or citizens if it suffers a data breach that could have been avoided if only it had performed a privacy impact assessment before deploying a new technology, product, service or other initiative involving personal data.
"

Although Europe has a significant legal data protection framework, built up around EU Directive 95/46/EC and the Charter of Fundamental Rights, the question of whether data protection and its legal framework are 'in good health' is increasingly being posed. Advanced technologies raise fundamental issues regarding key concepts of data protection. Falling storage prices, increasing chips performance, the fact that technology is becoming increasingly embedded and ubiquitous, the convergence of technologies and other technological developments are broadening the scope and possibilities of applications rapidly. Society however, is also changing, affecting the privacy and data protection landscape. The 'demand' for free services, security, convenience, governance, etc, changes the mindsets of all the stakeholders involved. Privacy is being proclaimed dead or at least worthy of dying by the captains of industry; governments and policy makers are having to manoeuvre between competing and incompatible aims; and citizens and customers are considered to be indifferent. In the year in which the plans for the revision of the Data Protection Directive will be revealed, the current volume brings together a number of chapters highlighting issues, describing and discussing practices, and offering conceptual analysis of core concepts within the domain of privacy and data protection. The book's first part focuses on surveillance, profiling and prediction; the second on regulation, enforcement, and security; and the third on some of the fundamental concepts in the area of privacy and data protection. Reading the various chapters it appears that the 'patient' needs to be cured of quite some weak spots, illnesses and malformations. European data protection is at a turning point and the new challenges are not only accentuating the existing flaws and the anticipated difficulties, but also, more positively, the merits and the need for strong and accurate data protection practices and rules in Europe, and elsewhere.

data. Furthermore, the European Union established clear basic principles for the collection, storage and use of personal data by governments, businesses and other organizations or individuals in Directive 95/46/EC and Directive 2002/58/EC on Privacy and Electronic communications. Nonetheless, the twenty-?rst century citizen - utilizing the full potential of what ICT-technology has to offer - seems to develop a digital persona that becomes increasingly part of his individual social identity. From this perspective, control over personal information is control over an aspect of the identity one projects in the world. The right to privacy is the freedom from unreasonable constraints on one's own identity. Transactiondata-bothtraf?candlocationdata-deserveourparticularattention. As we make phone calls, send e-mails or SMS messages, data trails are generated within public networks that we use for these communications. While traf?c data are necessary for the provision of communication services, they are also very sensitive data. They can give a complete picture of a person's contacts, habits, interests, act- ities and whereabouts. Location data, especially if very precise, can be used for the provision of services such as route guidance, location of stolen or missing property, tourist information, etc. In case of emergency, they can be helpful in dispatching assistance and rescue teams to the location of a person in distress. However, p- cessing location data in mobile communication networks also creates the possibility of permanent surveillance.

This timely interdisciplinary work on current developments in ICT and privacy/data protection, coincides as it does with the rethinking of the Data Protection Directive, the contentious debates on data sharing with the USA (SWIFT, PNR) and the judicial and political resistance against data retention. The authors of the contributions focus on particular and pertinent issues from the perspective of their different disciplines which range from the legal through sociology, surveillance studies and technology assessment, to computer sciences. Such issues include cutting-edge developments in the field of cloud computing, ambient intelligence and PETs; data retention, PNR-agreements, property in personal data and the right to personal identity; electronic road tolling, HIV-related information, criminal records and teenager's online conduct, to name but a few.

One of the most challenging issues facing our current information society is the accelerating accumulation of data trails in transactional and communication systems, which may be used not only to profile the behaviour of individuals for commercial, marketing and law enforcement purposes, but also to locate and follow things and actions. Data mining, convergence, interoperability, ever- increasing computer capacities and the extreme miniaturisation of the hardware are all elements which contribute to a major contemporary challenge: the profiled world. This interdisciplinary volume offers twenty contributions that delve deeper into some of the complex but urgent questions that this profiled world addresses to data protection and privacy. The chapters of this volume were all presented at the second Conference on Privacy and Data Protection (CPDP2009) held in Brussels in January 2009 (www.cpdpconferences.org). The yearly CPDP conferences aim to become Europe's most important meeting where academics, practitioners, policy-makers and activists come together to exchange ideas and discuss emerging issues in information technology, privacy and data protection and law. This volume reflects the richness of the conference, containing chapters by leading lawyers, policymakers, computer, technology assessment and social scientists. The chapters cover generic themes such as the evolution of a new generation of data protection laws and the constitutionalisation of data protection and more specific issues like security breaches, unsolicited adjustments, social networks, surveillance and electronic voting. This book not only offers a very close and timely look on the state of data protection and privacy in our profiled world, but it also explores and invents ways to make sure this world remains a world we want to live in.

New technologies affect the legal system, but do they and should they also affect constitutional rights? These are questions that every country has to address, taking into account their constitutional system and legal tradition. This book surveys changes in constitutional rights and human-rights policy related to developments in ICT and new technologies in the USA, Canada, France, Germany, Sweden, Belgium and the Netherlands. The seven country reports provide in-depth accounts of changes to the constitutional system (such as a constitutional review and the influence of international law), case law and (policy) developments with respect to freedom of expression, privacy, inviolability of the body, inviolability of the home and freedom of communication. The book is recommended to policy-makers, members of the judiciary, academics and practitioners, as it provides inspiration for diverging strategies to achieve continued protection for the widely-shared constitutional values of privacy and freedom of expression.

This book offers conceptual analyses, highlights issues, proposes solutions, and discusses practices regarding privacy and data protection in transitional times. It is one of the results of the 15th annual International Conference on Computers, Privacy and Data Protection (CPDP), which was held in Brussels in May 2022. We are in a time of transition. Artificial Intelligence is making significant breakthroughs in how humans use data and information, and is changing our lives in virtually all aspects. The pandemic has pushed society to adopt changes in how, when, why, and the media through which, we interact. A new generation of European digital regulations - such as the AI Act, Digital Services Act, Digital Markets Act, Data Governance Act, and Data Act - is on the horizon. This raises difficult questions as to which rights we should have, the degree to which these rights should be balanced against other poignant social interests, and how these rights should be enforced in light of the fluidity and uncertainty of circumstances. The book covers a range of topics, including: data protection risks in European retail banks; data protection, privacy legislation, and litigation in China; synthetic data generation as a privacy-preserving technique for the training of machine learning models; effectiveness of privacy consent dialogues; legal analysis of the role of individuals in data protection law; and the role of data subject rights in the platform economy. This interdisciplinary book has been written at a time when the scale and impact of data processing on society - on individuals as well as on social systems - is becoming ever more important. It discusses open issues as well as daring and prospective approaches and is an insightful resource for readers with an interest in computers, privacy and data protection.