Catalyzing Privacy Law

Chander, Anupam; Kaminski, Margot E.; McGeveran, William

doi:10.2139/ssrn.3433922

Cited by 22 publications

(15 citation statements)

References 21 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…While there seems to be little desire to have a power-based European leadership on data protection, the principles and rights enshrined in the GDPR inspire legislators across the world to adopt similar provisions. Even some US states such as California have recently begun to update their regulatory framework, which also takes into account some GDPR features and principles (Rothstein & Tovino, 2019, p. 5;Chander et al, 2021).…”

Section: Section 5 Discussionmentioning

confidence: 99%

Extraterritorial application of the GDPR: promoting European values or power?

Gstrein

Zwitter

2021

Internet Policy Review

View full text Add to dashboard Cite

This article examines whether the territorial scope of the EU General Data Protection Regulation promotes European values. While the regulation received international attention, it remains questionable whether provisions with extraterritorial effect support a power-based approach or a value-driven strategy. Developments around the enforceability of a 'right to be forgotten' , or the difficulties in regulating transatlantic data flows, raise doubts as to whether unilateral standard setting does justice to the plurality and complexity of the digital sphere. We conclude that extraterritorial application of EU data protection law currently adopts a power-based approach which does not promote European values sustainably. Rather, it evokes wrong expectations about the universality of individual rights.

show abstract

Section: Section 5 Discussionmentioning

confidence: 99%

Extraterritorial application of the GDPR: promoting European values or power?

Gstrein

Zwitter

2021

Internet Policy Review

View full text Add to dashboard Cite

show abstract

“…In contrast to the EU approach, the US approach lacks a federal level, comprehensive data protection regulation for the private sector (Chander, Kaminski, and McGeveran, 2021). Instead, federal law on privacy is specific to particular sectors and activities, such as for example the Children's Online Privacy Protection Act (COPPA), the Gramm Leach Bliley Act (GLBA) concerning data collected by the financial service industry, the Fair Credit Reporting Act (FCRA) concerning credit data; the Health Information Portability and Accountability Act, protecting health information.…”

Section: Us Macro-level Data Governance Approachmentioning

confidence: 99%

Personal data ordering in context: the interaction of meso-level data governance regimes with macro frameworks

Bodó¹,

Irion²,

Janssen³

et al. 2021

Internet Policy Review

View full text Add to dashboard Cite

The technological infrastructures enabling the collection, processing, and trading of data have fuelled a rapid innovation of data governance models. We differentiate between macro, meso, and micro level models, which correspond to major political blocks; societal-, industry-, or community level systems, and individual approaches, respectively. We focus on meso-level models, which coalesce around: (1) organisations prioritising their own interests over interests of other stakeholders; (2) organisations offering technological and legal tools aiming to empower individuals; (3) community-based data intermediaries fostering collective rights and interests. In this article we assess these meso-level models, and discuss their interaction with the macro-level legal frameworks that have evolved in the US, the EU, and China. The legal landscape has largely remained inconsistent and fragmented, with enforcement struggling to keep up with the latest developments. We argue, first, that the success of meso-logics is largely defined by global economic competition, and, second, that these meso-logics may potentially put the EU's macrolevel framework with its mixed internal market and fundamental rights-oriented model under pressure. We conclude that, given the relative absence of a strong macro level-framework and an intensive competition of governance models at meso-level, it may be challenging to avoid compromises to the European macro framework. This paper is part of Governing "European values" inside data flows, a special issue of Internet Policy Review guest-edited by Kristina Irion,

show abstract

“…But claiming the CCPA and followon state and federal proposals are the consequence of the GDPR is largely inaccurate. 2 The E.U. has long had data protection laws, and the U.S. has long decided to ignore them.…”

Section: Distinguished Speakers Programmentioning

confidence: 99%