Electronic health record: Wiring Europe’s healthcare

The European Commission wants to boost the digital economy by enabling all Europeans to have access to online medical records anywhere in Europe by 2020. With the newly enacted Directive 2011/24/EU on patients’ rights in cross-border healthcare due for implementation by 2013, it is inevitable that a centralised European health record system will become a reality even before 2020. However, the concept of a centralised supranational central server raises concern about storing electronic medical records in a central location. The privacy threat posed by a supranational network is a key concern. Cross-border and Interoperable electronic health record systems make confidential data more easily and rapidly accessible to a wider audience and increase the risk that personal data concerning health could be accidentally exposed or easily distributed to unauthorised parties by enabling greater access to a compilation of the personal data concerning health, from different sources, and throughout a lifetime.     

A Behavioural Understanding of Privacy and its Implications for Privacy Law

This article draws upon social interaction theory (the work of Irwin Altman) to develop a theory of the right to privacy, which reflects the way that privacy is experienced. This theory states that the right to privacy is a right to respect for barriers, and that an invasion of privacy occurs when a privacy barrier is penetrated. The first part of the paper establishes the position of the author's theory in the existing scholarship. The second part of the paper expands upon the theory to explain the nature of privacy barriers and the way that the author's theory manages a number of specific privacy issues, including threats to privacy, attempted invasions of privacy, unforeseeable interferences with privacy and waiving the right to privacy. The final part of the paper demonstrates the impact that this approach to privacy could have upon judicial reasoning, in particular Article 8 European Convention on Human Rights.     

Transgender Marriage and the Legal Obligation to Disclose Gender History

Section 12 of the Matrimonial Causes Act 1973 as amended by the Gender Recognition Act 2004 requires transgender people to disclose their ‘gender history’ to the other party to a marriage prior to the marriage ceremony. Failure to do so enables the other party to exit the relationship through nullity proceedings. This article argues that this provision is discriminatory and encroaches on the right to privacy, breaching Articles 14 and 8 of the European Convention on Human Rights. It challenges the idea, implicit in the provision, that non‐disclosure of gender history is unethical or fraudulent. Crucially, the article considers and rejects the claim that discrimination against and encroachments on the privacy of transgender people are justified because inadvertent sexual congress with a transgender person is potentially harmful. Finally, if a consent‐based right to know exists, it argues that it ought to be trumped by considerations of justice, legal consistency and public policy.     

The ‘Right to be Forgotten’ – Worth remembering?

In the last few years there has been a lot of buzz around a so-called ‘right to be forgotten’. Especially in Europe, this catchphrase is heavily debated in the media, in court and by regulators. Since a clear definition has not emerged (yet), the following article will try to raise the veil on this vague concept. The first part will weigh the right’s pros and cons against each other. It will appear that the ‘right to be forgotten’ clearly has merit, but needs better definition to avoid any negative consequences. As such, the right is nothing more than a way to give (back) individuals control over their personal data and make the consent regime more effective. The second part will then evaluate the potential implementation of the right. Measures are required at the normative, economical, technical, as well as legislative level. The article concludes by proposing a ‘right to be forgotten’ that is limited to data processing situations where the individual has given his or her consent. Combined with a public interest exception, this should (partially) restore the power balance and allow individuals a more effective control over their personal data.     

The ITS Directive: More than a timeframe with privacy concerns and a means for access to public data for digital road maps?

Roads are ever more congested, pollution keeps rising and traffic-related deaths remain at unacceptable levels. It is clear that society’s needs with regard to transportation and mobility have become unsustainable. Intelligent Transport Systems (ITS) are often heralded as a potential solution to this problem, yet have still to yield tangible results. The EU has, however, adopted the ITS Directive, aiming for an EU-wide implementation of ITS solutions. Three questions are raised. First, can the ITS Directive really provide for the required substantial provisions in this field? Second, as ITS solutions are often deemed to be pervasive and intrusive, how does the ITS Directive interact with the EU legal framework on privacy and data protection? Third, given the involvement of private commercial entities in the field of providing road, traffic and travel data, can a public–private partnership be found to allow for the re-use of both public and private sector data in ITS solutions?     

Forensic DNA retention: Public perspective studies in the United Kingdom and around the world

This review analysed public perspective studies on forensic DNA retention in the United Kingdom and around the world. The studies generally show strong public support for the long-term or indefinite retention of DNA from convicts and suspects. There is considerable support for the retention of DNA from all or some arrestees and potentially the entire population. This was predicated upon the belief that forensic DNA databases have crime-solving abilities, which the public rate highly. In the UK, it was found that the current Protection of Freedoms Act 2012 regime is broadly representative of the recommendations of the surveyed British public. Nevertheless, the studies highlighted a gap in forensic DNA education among the public, suggesting that public views may not be well informed. Overall, there was clear evidence of privacy concerns and the potential misuse of DNA records among the public, with a significant number opposing the retention of DNA from the innocent. It was found that most of the studies were qualitative or non-representative of the relevant population, limiting the generalisation of the results. There was also limited studies among a representative sample of primary stakeholders who are well-informed or directly exposed to the benefits, challenges and risks associated with DNA retention. A research into stakeholders rating of different forensic DNA retention regimes is therefore highly recommended. This is important because the studies suggest divergent views among criminal justice professionals and other members of the public, with the former expressing expansive views and the latter expressing restrictive views. The primary stakeholder's survey will help establish whether the relevant safeguards have been put in place to protect both public security and individual interests.     

The General Data Protection Regulation and the rise of certification as a regulatory instrument

The endorsement of certification in Article 42 and 43 of the General Data Protection Regulation (hereinafter GDPR) extends the scope of this procedure to the enforcement of fundamental rights. The GDPR also leverages the high flexibility of this procedure to make of certification something else than a voluntary process attesting the conformity with technical standards. This paper argues that the GDPR turned certification into a new regulatory instrument in data protection, I suggest to call it monitored self-regulation, seeking to fill the gap between self-regulation and traditional regulation in order to build a regulation continuum.     

论网络时代隐私权及其法律保护

随着网络规模的爆炸性扩张,计算机网络技术已经改变了人们传统的生存和生活方式,这也使得个人隐私权的保护受到前所未有的严峻挑战。个人数据被非法收集、储存、使用和传播的现象层出不穷,网络隐私权受到多方面的侵犯。我们应综合考虑目前的立法状况和网络时代侵犯隐私权的特征,借鉴他国的先进经验并结合我国具体国情,以国家立法与行业自律相结合的方式,全面保护公民的网络隐私权。     

Solving the legal challenges of trustworthy online identity

Digital identity management is fundamental to the further development of the Internet economy. It is a foundational requirement for most substantive e-commerce transactions and other online activities.     

义务冲突——艾滋病防治中的伦理法律难题

随着艾滋病预防对策的深入研究,新的伦理难题——义务冲突凸显出来。一方面,放弃艾滋病患者的隐私将其患病实情告之其性伴侣以保护其生命权、健康权还是保护艾滋病患者的隐私而漠视其性伴侣的人身权利？同时,鉴于当前艾滋病人犯罪已成为一种新型、危害性比较大的犯罪形式,是保护病人自主、保障艾滋病患者的隐私,还是维护公共健康、放弃艾滋病患者的隐私权？利益权衡中,只能取救死扶伤的道德、法律义务而舍弃保护患者隐私的法律义务,取公共健康而放弃个人权利。