Anonymisation of personal data – A missed opportunity for the European Commission

As early as the 1970's, privacy studies recognised that ‘anonymisation’ needed to be approached with caution. This caution has since been vindicated by the increasing sophistication of techniques for reidentification. Yet the courts in the UK have so far only hesitatingly grappled with the issues involved, while European courts have produced no guidance.     

Russian PNR system: Data protection issues and global prospects

The usage of Passenger Name Record (PNR) for security purposes is growing worldwide. At least six countries have PNR systems; over thirty are planning to introduce them. On 1 December 2013, a Russian PNR system will be implemented. But enhanced collection of personal data leads to increased surveillance and privacy concerns. Russian authorities state that passengers' rights will be respected, but a closer look at the Russian regime reveals a number of critical points. From a global perspective, the Russian regime is only one of many PNR systems, including new ones to come in the future. Apparently, for the majority of them, similar challenges and problems will apply. At the same time, for the EU, with its strict data protection requirements, PNR requests by third countries (i.e. non-EU countries) create conflicts of laws. In order to resolve them, the EU concludes bilateral PNR agreements. However, the current deals, especially the one between the EU and the USA, involve a number of weaknesses. Accepting the latter, and having a pending proposal on the EU PNR system, the EU has weakened its position in negotiations with third countries. How will the EU deal with the Russian as well as with all the future requests for PNR? This paper provides legal analysis of the Russian PNR regime, pointing out common problems and giving prognosis on the global situation.     

Say cheese! Privacy and facial recognition

The popular social networking site, Facebook, recently launched a facial recognition tool to help users tag photographs they uploaded to Facebook. This generated significant controversy, arising as much as anything, from the company’s failure to adequately inform users of this new service and to explain how the technology works.The incident illustrates the sensitivity of facial recognition technology and the potential conflict with data privacy laws. However, facial recognition has been around for some time and is used by businesses and public organisations for a variety of purposes – primarily in relation to law enforcement, border control, photo editing and social networking. There are also indications that the technology could be used by commercial entities for marketing purposes in the future.This article considers the technology, its practical applications and the manner in which European data protection laws regulate its use. In particular, how much control should we have over our own image? What uses of this technology are, and are not, acceptable? Ultimately, does European data protection law provide an adequate framework for this technology? Is it a framework which protects the privacy of individuals without unduly constraining the development of innovative and beneficial applications and business models?     

The limits of privacy in automated profiling and data mining

Automated profiling of groups and individuals is a common practice in our information society. The increasing possibilities of data mining significantly enhance the abilities to carry out such profiling. Depending on its application, profiling and data mining may cause particular risks such as discrimination, de-individualisation and information asymmetries. In this article we provide an overview of the risks associated with data mining and the strategies that have been proposed over the years to mitigate these risks. From there we shall examine whether current safeguards that are mainly based on privacy and data protection law (such as data minimisation and data exclusion) are sufficient. Based on these findings we shall suggest alternative policy options and regulatory instruments for dealing with the risks of data mining, integrating ideas from the field of computer science and that of law and ethics.     

European national news

The regular article tracking developments at the national level in key European countries in the area of IT and communications – co-ordinated by Herbert Smith LLP and contributed to by firms across Europe. This column provides a concise alerting service of important national developments in key European countries. Part of its purpose is to compliment the Journal’s feature articles and briefing notes by keeping readers abreast of what is currently happening “on the ground” at a national level in implementing EU level legislation and international conventions and treaties. Where an item of European National News is of particular significance, CLSR may also cover it in more detail in the current or a subsequent edition.     

Are Internet protocol addresses personal data? The fight against online copyright infringement

Internet Protocol addresses [IP addresses] are central for Internet electronic communications. They individualize computers and their users to make the delivery of data packets possible. IP addresses are also often used to identify websurfers for litigation purposes. In particular, they constitute a key in the fight against online copyright infringement to identify infringers. However, it is a matter of dispute to know if IP addresses are personal data. In a review of relevant case law, the present paper seeks to identify when IP addresses are - or should be - considered as personal data. It suggests a contextual approach to the concept of personal data.     

Body scanners versus privacy and data protection

In recent history, the world has experienced dramatic events which have had a substantial effect on the balance between human rights protection and security measures. Body scanners installed at airports are intended to protect our lives. But at the same time they have a serious impact on privacy and data protection. The international legislation allows limiting people’s rights and freedoms, but only if it is in accordance with the law and is proportionate and necessary for national security, public safety and for the protection of the rights and freedoms of others. Do body scanners respect these principles? The article examines the current situation, its background and future prospects. It discusses and analyzes the key terms and legal instruments, problems, disputes and proposed “safeguards”. The work concludes by pointing out the unlawfulness of current regimes and sets forth perspective on the possible solutions.     

基于外贸视角的经济增长方式转型——以长江三角洲地区为例

中国发达地区传统的经济增长方式转型是牵引中国经济持续发展的主要动力。从对外贸易的角度审视,尽管长江三角洲地区外贸总量快速增长,但加工贸易增值系数和经济效益不高,在全球产业链中处于低端。以往依靠税收优惠和稀缺土地资源进行的招商引资,在带动地区经济规模的扩张和外贸粗放增长的同时,也产生了成本上升和资源无法支撑外贸继续发展的副作用。频繁遭遇的各种贸易壁垒,则从国外市场的需求和生产技术国际标准方面,构成了对长三角地区外贸发展模式的倒逼机制。增强自主技术创新的能力,积极探索引资方式的创新,稳步推进“走出去”的多元化战略,建设和完善高效应对贸易摩擦的机制,才能实现经济持续、稳健、快速的发展。     

大数据技术运用嵌入“智慧党建”的底层逻辑与发展图景北大核心SSCI

《中共中央关于加强党的政治建设的意见》明确提出了运用大数据等新兴技术推进“智慧党建”的要求。虽然相关实践活动得以积极开展,但目前对于大数据技术运用嵌入“智慧党建”的底层逻辑和发展图景还缺乏更清晰的认识。“智慧党建”的规定性要求与主要趋向应集中体现于蓄力智能创新、强化党的领导、加强政治建设、运用新兴技术及建设系统体系诸方面。相关底层逻辑应聚焦于增强“智慧党建”的感知化、互联化、智能化、科学性及安全性等方面。相关发展图景应围绕着在“智慧党建”中不断强化政治统领作用、推动党员坚定理想信念、提升组织活动的质与效、增进与群众的血肉联系、加强执纪守法管控力度、促动优良制度生成优化及实现监督监控工作创新等层面而展开。     

Digital traces and physical activities: opportunities,challenges and pitfalls

The strong integration of consumer electronics in everyday life offers many new investigative opportunities. In particular, digital traces from smartphones, smartwatches and activity trackers can now increasingly be used to infer information about actions performed by their users in the physical world that might not be obtainable from any other types of forensic evidence.While potentially very valuable from an investigative perspective, making forensically justifiable statements about such traces can sometimes be more difficult than expected. Requirements for this have not yet received much attention in the digital forensic literature. To help filling this gap, we describe the principles we use in determining the evidential value of such traces, which emphasize the need for experimental verification. For such research, aimed at determining the evidential value of these traces, we coin the term data2activity.In this paper, we devote attention to the potential and limitations of data2activity traces, focusing on challenges and giving two examples to illustrate potential pitfalls in interpreting data. Finally, future research directions into data2activity traces are indicated that, in our opinion, should be given attention. These include development of future-proof data acquisition and storage methodology, enabling division-of-effort and sharing of information, as well as development of labeling methodology for free-living experiments.