Hylly
Henkilönnimi
Nimeke- ja vastuullisuusmerkintö The Challenges faced by the extraterritorial scope of the general data protection regulation
Julkaistu
Ulkoasutiedot
Sarjamerkintö ei-lisäkirjausmuodossa Journal of Intellectual Property, Information Technology and Electronic Commerce Law, ISSN 2190-3387 ; 9(2)
Huomautus sisällöstä, tiivistelmä tms. The General Data Protection Regulation (GDPR) imposes a significant burden of compliance on overseas businesses which process personal data of EU individuals. An impressive number of articles warns about the new risks incurred by data processors around the world; be they one of the Internet giants, or a non-EU company which dared to offer goods to EU consumers, or that had the idea to use cookies on its website to track EU consumers. However, does the EU actually have the necessary means to ensure that the rules are followed by all? And if not, is the EU equipped to enforce compliance? Those are legitimate questions in the light of the context in which the EU has extended its jurisdiction. Not only has it been decided unilaterally, but such rules are to be enforced in cyberspace, in an international context, and on operators, which may not have any physical presence in the EU. One may think that processors have no reason to panic, there is little chance that the GDPR enforcers will find them and force them to comply under the threat of fines. Yet, internet users witness an undeniable wave of change in the terms of the use and processing of data on a majority of websites. Does this phenomenon reveal a real power of enforcement on the EU side? This work attempts to answer this question by analysing two factors which greatly impact the efficiency of extraterritorial claims. First, the legitimacy of the extraterritorial claim. Through the application of international law principles, it will be seen that the extraterritorial claim of the EU, despite its broadness, is rather legitimate and even part of a shared tendency among jurisdictions around the world to extend the reach of data protection laws. Second, the enforcement tools of the regulation. This work reveals that the EU may benefit from some direct enforcement tools such as representatives and international cooperation, but also, and more importantly, through indirect means. In particular, the EU may rely on the risk of reputational damage, the incentives to self-compliance, and the rules on data transfers to third countries.
Asiasana
Asiasana - Kontrolloimaton
Sarjalisäkirjaus - yhtenäistetty nimeke Journal of Intellectual Property, Information Technology and Electronic Commerce Law, 2190-3387 ; 9(2)
Elektronisen aineiston sijainti ja käyttö (URI) https://www.jipitec.eu/issues/jipitec-9-2-2018/4723/JIPITEC_9_2_2018_126_Azzi Linkki verkkoaineistoon
*000 ab a ar
*00114978
*008 s2018||||gw |||||||||||||||||eng||
*040 $aFI-CUTE$bfin$erda
*041 $aeng
*1001 $aAzzi, Adele.
*24514$aThe Challenges faced by the extraterritorial scope of the general data protection regulation /$cAdèle Azzi.
*260 $c2018
*300 $as. 126-137
*300 $a(pdf)
*336 $ateksti$btxt$2rdacontent
*337 $atietokonekäyttöinen$bc$2rdamedia
*338 $averkkoaineisto$bcr$2rdacarrier
*4901 $aJournal of Intellectual Property, Information Technology and Electronic Commerce Law,$x2190-3387 ;$v9(2)
*520 $aThe General Data Protection Regulation (GDPR) imposes a significant burden of compliance on overseas businesses which process personal data of EU individuals. An impressive number of articles warns about the new risks incurred by data processors around the world; be they one of the Internet giants, or a non-EU company which dared to offer goods to EU consumers, or that had the idea to use cookies on its website to track EU consumers. However, does the EU actually have the necessary means to ensure that the rules are followed by all? And if not, is the EU equipped to enforce compliance? Those are legitimate questions in the light of the context in which the EU has extended its jurisdiction. Not only has it been decided unilaterally, but such rules are to be enforced in cyberspace, in an international context, and on operators, which may not have any physical presence in the EU. One may think that processors have no reason to panic, there is little chance that the GDPR enforcers will find them and force them to comply under the threat of fines. Yet, internet users witness an undeniable wave of change in the terms of the use and processing of data on a majority of websites. Does this phenomenon reveal a real power of enforcement on the EU side? This work attempts to answer this question by analysing two factors which greatly impact the efficiency of extraterritorial claims. First, the legitimacy of the extraterritorial claim. Through the application of international law principles, it will be seen that the extraterritorial claim of the EU, despite its broadness, is rather legitimate and even part of a shared tendency among jurisdictions around the world to extend the reach of data protection laws. Second, the enforcement tools of the regulation. This work reveals that the EU may benefit from some direct enforcement tools such as representatives and international cooperation, but also, and more importantly, through indirect means. In particular, the EU may rely on the risk of reputational damage, the incentives to self-compliance, and the rules on data transfers to third countries.
*650 7$atietosuoja$0http://www.yso.fi/onto/yso/p3636$2yso/fin
*650 7$adata$0http://www.yso.fi/onto/yso/p27250$2yso/fin
*650 7$akansainvälinen oikeus$2yso/fin$0http://www.yso.fi/onto/yso/p12347
*653 $aGDPR
*653 $acompliance
*653 $aoverseas data processing
*653 $aextraterritorial scope
*653 $aenforcement
*653 $ainternational law
*653 $ainternational cooperation
*830 0$aJournal of Intellectual Property, Information Technology and Electronic Commerce Law,$x2190-3387 ;$v9(2)
*852 $hSA-JIPITEC
*85640$uhttps://www.jipitec.eu/issues/jipitec-9-2-2018/4723/JIPITEC_9_2_2018_126_Azzi$yLinkki verkkoaineistoon
^
Tästä teoksesta ei ole arvioita.
Näpäytä
kun haluat kirjoittaa ensimmäisen arvion.