We are living in an inter-connected, global digital society where the services of different operating systems are universal in nature, but many Internet activities are still being tackled by national laws and regulations. A long-existing question is which law is applicable in cases of Internet activities because the online world does not have any physical boundaries. How the European Union (EU) approaches this duality has become a concern for data protection laws. By analysing some recent Court of Justice of the European Union case laws, this article seeks to discover how the EU data protection law tackles disputes involving transnational issues online, which includes its extra-territorial application and cross-border data transfers. The article also indicates that there is an enormous gap between legislation and practice.
Protection of privacy is currently a debated topic with regard to collecting and processing of location data via smartphones. This article seeks to discover whether meaningful protection of privacy is fostered by default location settings and the practice of seeking users' permission by requiring approval of general terms and conditions, or if these instead cause users to unknowingly share location data. The article also asks whether such practices comply with human rights law and European Union (EU) data protection law. Moreover, the article discusses whether it is feasible to adopt transparent, explicit and specific steps to secure user privacy at all levels of smartphone usage, and argues that users should enjoy some control over personal data associated with smartphone usage, including location, and that this control should be executed under a legal arrangement which also secures users' privacy and enables app developers' or operating system providers' lawful purposes with regard to processing location data.
Article 35 of the General Data Protection Regulation (GDPR) states that data controllers are required to carry out data protection impact assessment (DPIA) if a processing operation, particularly involving the use of new technologies, is 'likely to result in a high risk to the rights and freedoms of natural persons'. The focus in this paper is on the role and responsibilities of data controllers in a smart city platform in assessing 'high risk' and the importance of impact assessment in relation to data processing with the latest technologies for the protection of personal data.
Autonomous or robot vehicles are manufactured with such advanced technologies that they are technically able to operate without human intervention. The number of sensors deployed in automated vehicles is increasing, which runs a high risk of the excessive collection and processing of personal data. Considering European Union and Finnish perspectives on robot buses as an instance of advancements of autonomous vehicles, this article briefly outlines the general legal issues related to developing robot buses, and focuses on public interest and legitimate interest as lawful bases for processing personal data in running such vehicles in the mass transportation system.
scite is a Brooklyn-based organization that helps researchers better discover and understand research articles through Smart Citations–citations that display the context of the citation and describe whether the article provides supporting or contrasting evidence. scite is used by students and researchers from around the world and is funded in part by the National Science Foundation and the National Institute on Drug Abuse of the National Institutes of Health.