| 1. |
-
GDPR and Biobanking : Individual Rights, Public Interest and Research Regulation across Europe
- 2021
-
Samlingsverk (redaktörskap) (refereegranskat)abstract
- This open access book focuses on the discrepancies in biobank research regulations that are among the most significant hurdles to effective research collaboration. The General Data Protection Regulation (GDPR) has established stringent requirements for the processing of health and genetic data, while simultaneously allowing considerable multi-level exceptions for the purposes of scientific research. In addition to directly applicable exceptions, the GDPR places the regulatory responsibility for further defining how the Member States strike a balance between the individuals' rights and the public interest in research within their national legal orders. Since Member States' approaches to the trade-off between data subjects' rights on the one hand, and appropriate safeguards on the other, differ according to their ethical and legal traditions, their data protection requirements for research also differ considerably.This study takes a comprehensive approach to determine how the GDPR affects regulatory regimes on the use of personal data in biobanking research, with a particular focus on the balance between individuals' rights, public interest and scientific research. In this regard, it has two main goals: first, to scrutinize the GDPR research regime, its objective and constitutive elements, the impact it has on biobanking, and its role in a changing EU landscape post-Brexit; and second, to examine how various exceptions have been operationalized nationally, and what challenges and opportunities this diversification entails. The book not only captures the complexity GDPR creates for biobanking, but also sheds light on various approaches to tackling the corresponding challenges. It offers the first comprehensive analysis of GDPR for biobanking, and the most up-to-date overview of the national biobank regulatory frameworks in Europe.
|
|
| 2. |
|
|
| 3. |
- Slokenberga, Santa, et al.
(författare)
-
EU data transfer rules and African legal realities : is data exchange for biobank research realistic?
- 2019
-
Ingår i: International data privacy law. - : Oxford University Press (OUP). - 2044-3994 .- 2044-4001. ; 9:1, s. 30-48
-
Tidskriftsartikel (refereegranskat)abstract
- Key PointsTo effectively collaborate in biobanking and build capacity in low and middle-income countries, data transfer from European Union (EU) Member States to states in Africa is crucial.Although under the General Data Protection Regulation (GDPR) avenues for data transfer exist, the ones feasible for transcontinental data exchange for biobank research rely on EU enforcement which in essence means limited oversight possibilities and, consequently, considerable risks to the EU data subject’s privacy.To ensure effective data protection for data subjects in biobanking, raising the data protection bar in data recipient countries is crucial. Although Kenya, Nigeria, South Africa, and Uganda have taken considerable steps towards developing data protection frameworks, only that of South Africa and Nigeria’s Protection of Personal Information Bill seem to be such to meet the protection level set out by the GDPR. The legislative initiatives in Kenya and Uganda require revisions to ensure that protection of privacy is not undermined when data are being sent to these countries.Currently, considerable responsibility is placed in the hands of the legislatures in the countries of concern—and notably in Kenya, and Uganda—to set foundations for ending research and research integrity-harming practices. In Nigeria, these foundations are defined in the Protection of Personal Information Bill, but not adopted yet. South Africa, however, has taken a big step towards building routes for genuine biobank capacity-building in the country and collaboration in that regard.
|
|
| 4. |
|
|
| 5. |
- Chamberlain, Johanna, et al.
(författare)
-
The Relationship Between Damages and Administrative Fines in the EU General Data Protection Regulation
- 2019
-
Ingår i: SSRN Electronic Journal. - : Elsevier BV. - 1556-5068.
-
Rapport (övrigt vetenskapligt/konstnärligt)abstract
- Two purposes of the GDPR are to provide effective remedies for ensuring extensive personal data rights and to change practices and policies of controllers and processors so that they become more aware of privacy protection. Article 58 GDPR lays down the investigative and corrective powers of the national supervisory authorities, such as issuing warnings or imposing new administrative fines. Article 79 GDPR states that every data subject whose rights according to the regulation have been infringed shall have access to an effective remedy. The two measures in focus here are those with the largest economic impact: Article 82 on damages and Article 83 on administrative fines. These articles target different areas and subjects – while the first has a compensatory purpose and is designed for use by individuals, the second has a preventive character and is implemented by Data Protection Authorities vis-á-vis controllers and processors. Considering these two profiles, an interesting question arises: Why are the provisions of Article 83 for imposing fines on companies and organisations so detailed, while the wording of Article 82 and hence the liability for controllers and processors is open to interpretation? What does this difference lead to in the application of the regulation, and more precisely, is it likely that the development in regards to administrative fines could spill over to the application of rules on damages?
|
|
| 6. |
- Gholami, Ali, et al.
(författare)
-
Design and Implementation of the advanced cloud privacy threat modeling
- 2016
-
Ingår i: International Journal of Network Security & Its Applications. - 0975-2307 .- 0974-9330. ; 8:2, s. 103-122
-
Tidskriftsartikel (refereegranskat)abstract
- Privacy-preservation for sensitive data has become a challenging issue in cloud computing. Threat modeling as a part of requirements engineering in secure software development provides a structured approach for identifying attacks and proposing countermeasures against the exploitation of vulnerabilities in a system. This paper describes an extension of Cloud Privacy Threat Modeling (CPTM) methodology for privacy threat modeling in relation to processing sensitive data in cloud computing environments. It describes the modeling methodology that involved applying Method Engineering to specify characteristics of a cloud privacy threat modeling methodology, different steps in the proposed methodology and corresponding products. In addition, a case study has been implemented as a proof of concept to demonstrate the usability of the proposed methodology. We believe that the extended methodology facilitates the application of a privacy-preserving cloud software development approach from requirements engineering to design.
|
|
| 7. |
-
Information and law in transition : freedom of speech, the internet, privacy and democracy in the 21st century
- 2015
-
Proceedings (redaktörskap) (refereegranskat)abstract
- In this book we have gathered a number of prominent scholars who analyze the developments of information and law from their respective perspective. The papers were first presented at a colloquium at the Faculty of Law, Uppsala University in September 2014.The book is divided into two parts. The first part of the book is comprised of the contributions having a more general scope; developments within a new landscape, regulatory matters and questions relating to security, technology and information. The second part sets information and law in contexts and focuses towards more specific matters; fundamental rights in a new context, issues relating to the right to be forgotten and finally, welfare, health and research.The Internet and other information and communication technologies have created exciting new possibilities for connecting individuals across borders and continents. The new technologies also raise significant legal, ethical and political concerns. The Internet has thus permitted the instantaneous dissemination of information as well as created an entirely new arena for hate speech. New information and communication technologies have made possible the creation of large registries and databases with the potential to lead to effective cross-border law enforcement, foster important new research as well as unwarranted mapping of individual persons’ private life. How society responds to this can have an impact on how we perceive democracy, and the realization of the rule of law, as well as on transparency and legitimacy in communication between individuals and states. It also affects the relationship between the public sphere and the individual.
|
|
| 8. |
- Lind, Anna-Sara, 1977-, et al.
(författare)
-
Förvaltningen och EU:s dataskydd
- 2020
-
Ingår i: Den svenska förvaltningsmodellen. - Stockholm : Jure AB. - 9789186645144 ; , s. 258-285
-
Bokkapitel (övrigt vetenskapligt/konstnärligt)
|
|
| 9. |
- Lind, Anna-Sara, 1977-, et al.
(författare)
-
Introducing 250 years of transparency
- 2017
-
Ingår i: Transparency in the future. - : Ragulka förlag. - 9789185333752 ; , s. 9-17
-
Bokkapitel (övrigt vetenskapligt/konstnärligt)
|
|
| 10. |
|
|
