Follow-up. Data protection and privacy in the era of outstanding digitization

From EuroDIG Wiki
Jump to: navigation, search

Please use your own words to describe this session. You may use external references, websites or publications as a source of information or inspiration, if you decide to quote them, please clearly specify the source.


Session teaser

Follow-up on WS7 which will address data protection and privacy in the era of the Cloud, implications of EU regulations and the right to be forgotten in a context of outstanding digitization.

Session description

This is a follow-up session to the Workshop 7 which will be oriented to commenting on all topics discussed during the Workshop with a focus on specific recommendation and outline of the most important aspects.

The world has changed significantly since the Cloud computing revealed its full potential. Alongside with all the positives aspects of the Cloud our society is facing a rather important issue concerning data protection of individuals and businesses.

Some of the major concerns of individuals and business using the cloud are:

  • How is my data protected?
  • How is my data used?
  • Where is my data, and who has access to it?
  • What does the cloud provider do in response to government demands for customer data?

The applicable legal framework shall ensure stability and predictability in terms of data protection, cyber security and data transfer outside EU. Furthermore according to the EU directive (and the national data protection laws) the processing of special categories of personal data is subject to stricter requirements - special categories of personal data: racial or ethnic origin, political opinions, religious or philosophical beliefs, trade-union membership, and the processing of data concerning health or sex life.

On the other hand IPv6’s huge increase in address space is an important factor in the development of the Internet of Things. With that much number of IPs, humans may easily assign an IP address to every "thing" on the planet. An increase in the number of smart nodes, as well as the amount of upstream data the nodes generate, is expected to raise new concerns about data privacy, data sovereignty and security.

The follow-up of Workshop 7 will be oriented to commenting on all topics discussed during the Workshop with a focus on specific recommendation

Keywords

Data protection, Data portability, Data transfers, Big data, The right to be forgotten, Human rights, Data protection regulations, IoT, Privacy

Format

Roundtable

Further reading

Aticle 29 Working Party Statements on Cloud Computing

EU Data protection directive

Guidelines to help EU businesses use the Cloud

People

  • Focal Point: Radoslav Rizov
  • Org team: Frederic Donck, Mariya Hristova, Stanimir Nenov, Nikola Penchev, Iva Todorov, Ventsislav Popov, Alexander Blagoev,
  • Key participants|Panelists:
    • PhD Nevin Feti
    • Radoslav Rizov
    • Iva Todorova
    • Nikola Penchev
    • Stanimir Nenov
    • Maarten Botterman
    • Alexander Blagoev
    • Tsvetelina Dimitrova
  • Moderator: Radoslav Rizov
  • Reporter: Alexander Blagoev
  • Remote moderator: Mariya Hristova

Conf. call schedule & minutes

Current discussion

See the discussion tab on the upper left side of this page

Mailing list

Contact: ws7@eurodig.org

Video record

Video record

Final report

  • Data protection is not set up to stop the social life, because the social life is impossible without exchanging personal data, what data protection authorities shall do is set the standards which every controller and processor should follow in order to process the data in a proper manner. At the end of the day the people have the right to give or refuse consent to the controller or the processor.
  • Eventually “the right to be forgotten” shall be considered as “the right to be de-indexed” since the links are removed but the original source still exists and may be accessed via other search engines not complying with the obligation of the ECJ.
  • Theoretically it may not be the best idea to leave search engines themselves the task of deciding whether to delete information or not with regards to “the right to be forgotten” claims, because currently the decisions are based on vague, ambiguous and unclear criteria.
  • It is reasonable to consider encryption and firewalls methods in order to protect the data gathered by devices connected to the internet. Internet of things shall be explored in a safe and secure manner with regards to privacy.
  • Society needs more transparency on data that is collected by both the government and the businesses.

Session twitter hashtag

Hashtag: #eurodigws7