The necessity of the implementation of Privacy by Design in sectors where data protection concerns arise

This article examines the extent to which Privacy by Design can safeguard privacy and personal data within a rapidly evolving society. This paper will first briefly explain the theoretical concept and the general principles of Privacy by Design, as laid down in the General Data Protection Regulation. Then, by indicating specific examples of the implementation of the Privacy by Design approach, it will be demonstrated why the implementation of Privacy by Design is a necessity in a number of sectors where specific data protection concerns arise (biometrics, e-health and video-surveillance) and how it can be implemented.     

政府信息公开形势下的公安档案开放

公安档案开放是实现公民信息利用权和公安档案自身价值的具体体现,在当前我国努力实　　现政府信息公开和依法行政的新形势下,公安档案开放的意义更加深远。公安档案部门应严格按照法　　律法规和政策制度的要求,处理好保密与开放的关系,明确档案开放的范围,严格档案开放的程序,并注　　意公民隐私权的保护。     

European remedial coherence in the regulation of non-consensual disclosures of sexual images

The non-consensual dissemination of sexually explicit images or videos for no legitimate purpose represents a serious sexual violation by means of breaching an individual's ability to control their own sexual identity. This article argues that the only adequate legal response to this behaviour is targeted criminal regulation, and that action on a regional level is within the European Union's competence by virtue of Article 83(1) TFEU. The approaches of EU Member States to the phenomenon through targeted criminal law are examined in order to extract positive and negative elements of the respective regulatory systems. Drawing on the experiences of these States, as well as on existing EU criminal directives, a draft directive is included to illustrate what form a European regional system of criminal regulation may take.     

Data security: Past,present and future

The loss by Her Majesty's Revenue and Customs (HMRC) of two CDs containing 25 million child benefit details has changed the data security landscape forever. No longer is data security the exclusive and rather arcane preserve of spotty technology professionals or data protection lawyers. HMRC has thrust data security onto the front pages of the mainstream media and brought it very suddenly to the top of the political and commercial agendas of senior politicians and boards of directors. In this article, the author will outline the reasons behind the rise of data security as a front line issue and examine the lessons to be learnt from HMRC. He will analyse the different facets of data security risk and explore ways in which organisations can go about managing it. He will outline the attitude of regulators to data security and where regulatory developments are likely to take us. The final part of the article looks into the future, with particular focus on the emergence of privacy enhancing technologies.     

我国强制隔离戒毒的制度检讨

自愿戒毒、社区戒毒和社区康复反映了我国戒毒模式由过去以强制戒毒、劳教戒毒为中心向现在以社区戒毒为中心的转变。戒毒也实现了从行政处罚到治疗矫正的理念嬗变。遗憾的是,现行强制隔离戒毒制度却偏离了这种理念,仍然固守昔日的＂处罚＂逻辑,制度内容和戒毒人员的权利弱化难以体现戒毒人员的主体地位和戒毒的治疗矫正性质。这种现状应得到改变,还强制隔离戒毒以应有面貌,使我国戒毒模式体系真正实现协调和统一。     

界定网络侵犯隐私权的标准及考虑因素

当今时代是一个计算机网络时代,人类从来没有如此依赖过网络。网络发展所带来的负面影响已波及甚广,尤其是网络对隐私权的侵犯更是使得人人自危。因此,应当加快这方面的立法工作,以利于有效的调整互联网关系,维护网络世界的秩序。     

The challenge and imperative of private sector cybersecurity: An international comparison

Attacks on computers and information networks, both public and private, are disclosed in the news daily. Most recently, Apple, Facebook, and Twitter acknowledged that they were attacked and were now taking additional measures to secure their networks. In January of 2013, Kaspersky Labs reported discovering malware that not only targeted government information in Eastern Europe, former Soviet republics, and Central Asia, but also had been actively doing so since 2007. The scope of global cyber attacks is staggering and the solutions to securing property and protecting national security are illusive, in large part because infrastructure is owned and operated by private, rather than public, entities. Nations struggle with choosing the most effective strategy and potential regulation of the private sector in order to reduce overall cybersecurity risk. This paper reviews the nature of cyber threats, and compares the United States and European approach to promoting cybersecurity in the private sector. Furthermore, the paper discusses how different approaches can affect cybersecurity risk, and suggests a framework for visualizing the impact of law and strategy on security.     

Location and tracking of mobile devices: Überveillance stalks the streets

During the last decade, location-tracking and monitoring applications have proliferated, in mobile cellular and wireless data networks, and through self-reporting by applications running in smartphones that are equipped with onboard global positioning system (GPS) chipsets. It is now possible to locate a smartphone user's location not merely to a cell, but to a small area within it. Innovators have been quick to capitalise on these location-based technologies for commercial purposes, and have gained access to a great deal of sensitive personal data in the process. In addition, law enforcement utilises these technologies, can do so inexpensively and hence can track many more people. Moreover, these agencies seek the power to conduct tracking covertly, and without a judicial warrant. This article investigates the dimensions of the problem of people-tracking through the devices that they carry. Location surveillance has very serious negative implications for individuals, yet there are very limited safeguards. It is incumbent on legislatures to address these problems, through both domestic laws and multilateral processes.     

Robots in the cloud with privacy: A new threat to data protection?

The focus of this paper is on the class of robots for personal or domestic use, which are connected to a networked repository on the internet that allows such machines to share the information required for object recognition, navigation and task completion in the real world. The aim is to shed light on how these robots will challenge current rules on data protection and privacy. On one hand, a new generation of network-centric applications could in fact collect data incessantly and in ways that are “out of control,” because such machines are increasingly “autonomous.” On the other hand, it is likely that individual interaction with personal machines, domestic robots, and so forth, will also affect what U.S. common lawyers sum up with the Katz's test as a reasonable “expectation of privacy.” Whilst lawyers continue to liken people's responsibility for the behaviour of robots to the traditional liability for harm provoked by animals, children, or employees, attention should be drawn to the different ways in which humans will treat, train, or manage their robots-in-the-cloud, and how the human–robot interaction may affect the multiple types of information that are appropriate to reveal, share, or transfer, in a given context.     

Mandatory implementation for in-vehicle eCall: Privacy compatible?

This article examines whether there are any objections to implementing a mandatory eCall system in the Community and how these could be dealt with. It starts with a short introduction to the motives why the European Commission considers a mandatory in-vehicle eCall. The art. 29 Working Party has issued a working document on eCall identifying several issues regarding personal data protection. The issues in this document will serve as a reference to determine whether there are any objections regarding data protection to implementing a mandatory eCall system. Additionally we will look at a possible eCall implementation in the Community.