Presentation is loading. Please wait.

Presentation is loading. Please wait.

Data Protection and Enabling Psi Re-use EVPSI & LAPSI Final Meeting

Published by词四 皮 Modified over 7 years ago

Similar presentations

Presentation on theme: "Data Protection and Enabling Psi Re-use EVPSI & LAPSI Final Meeting"— Presentation transcript:

1 Data Protection and Enabling Psi Re-use EVPSI & LAPSI Final Meeting
Tools for Enforcing Data Protection and Enabling Psi Re-use EVPSI & LAPSI Final Meeting Turin, 9-10/7/2012 Eleonora Bassi University of Turin

2 The case for reuse of personal data from psi shows that
data protection and data circulation are not incompatible. It is not only a matter of balancing: it involves our concept of data protection. The challenge is protecting data (and personal data) for their circulation, not only for collection and conservation. Following this approach, Open Data policies and Data Protection laws have a similar objective: to create a fair environment for the circulation and the processing of data.

3 Working Party Art. 29 recommended to adopt a case by case approach
“in order to strike the balance between the right to privacy and the right to public access” (Opinion 7/2003, wp 83) different solutions for different kinds of data and for different purposes

4 Proactive Approach: In his Opinion on Open Data Package (18 April 2012) EDPS stated that "it is crucial that public sector bodies take a proactive approach when making personal data available for reuse. A proactive approach would make it possible to make the data publicly available with the explicit purpose of reuse, subject to specific conditions and safeguards in compliance with data protection rules" (§ 39) "this requires that the scope for a public disclosure of personal data is analysed proactively and at the earliest stage, and that the persons involved are informed accordingly so as to allow them to exercise their rights" (§23)

5 Recommended Tools: PETs Privacy by Design Anonymisation
Privacy Policies PIA Codes of Conduct Guidelines

6 Anonymisation by Default
Art. 29 Working Party recommended the use of anonymisation techniques for the re-use of personal data collected by public bodies (Opinion 7/2003 wp83) In his Opinion on the Open Data Package EDPS recommended 1) anonymisation as a default rule (§45) 2) different levels of anonymisation (with respect to the context: nature of the data, the purpose of the processing and the potential risks for individuals) (§46) 3) PSBs could be compensated for costs of anonymisation (§§63-65)

7 Privacy by Design & PETs
Both Psbs and Reusers have to adopt technical and organizational measures for confidentiality and security of processing (Art. 17 Dir-95/46/EC) “Privacy by Design” mechanisms have a key role for managing the interaction between law and technology in privacy and data protection issues, ensuring the minimization and quality of the data, its controllability, transparency, confidentiality, etc... PETs are designed to protect personal privacy by eliminating or minimizing personal information to avoid unnecessary and unlawful data processing, without causing loss of functionality of the information system

8 Privacy Impact Assessment
In his Opinion on the Open Data Package EDPS suggested the adoption of PIA for the reuse of personal data (§§ 40-41) PIA must ensure: 1) adequate legal basis under national laws 2) the reuse is available only for a compatible purpose 3) reusers are required to comply with all data protection laws 4) other additional safeguards (anonymisation, security measures, etc..)

9 White Papers of best practices, DPOs activity, etc.
Soft Law Measures Privacy Policies for Openess at any level of public sector (national, local, sectorial..) following both a proactive and a case by case approach with particular attention to the nature of the data and the purpose of the reuse processing Codes of Conduct, Guidelines White Papers of best practices, DPOs activity, etc.

10 Data Protection Clause ?
The Inclusion of a Data Protection Clause in licence conditions (EDPS, §§ 50-56): it should include indications on purposes, security measures, the adoption of PIA, anonymisation

Download ppt "Data Protection and Enabling Psi Re-use EVPSI & LAPSI Final Meeting"

Similar presentations

Re-use of PSI Data Protection Issues Cécile de Terwangne Professor at the Law Faculty, Research Director at CRIDS University of Namur (Belgium) 2 nd LAPSI.

Re-use of PSI Data Protection Issues Cécile de Terwangne Professor at the Law Faculty, Research Director at CRIDS University of Namur (Belgium) 2 nd LAPSI.
Fundamental Interests and Open Data for Re-use Agustí Cerrillo-i-Martínez Universitat Oberta de Catalunya (Spain) LAPSI Primer & Public.

Fundamental Interests and Open Data for Re-use Agustí Cerrillo-i-Martínez Universitat Oberta de Catalunya (Spain) LAPSI Primer & Public.
Public Sector Information & Data Protection: A plea for personal privacy settings for the re-use of PSI Bart van der Sloot Institute for Information Law.

Public Sector Information & Data Protection: A plea for personal privacy settings for the re-use of PSI Bart van der Sloot Institute for Information Law.
PRIVACY ASPECTS OF RE-USE OF PSI: BETWEEN PRIVATE AND PUBLIC SECTOR

PRIVACY ASPECTS OF RE-USE OF PSI: BETWEEN PRIVATE AND PUBLIC SECTOR
European Data Protection Supervisor Security of e-Government, Brussels, 19 February 2013 Privacy and e-Government: the role of Data Protection legislation.

European Data Protection Supervisor Security of e-Government, Brussels, 19 February 2013 Privacy and e-Government: the role of Data Protection legislation.
Information Privacy and Data Protection Lexpert Seminar David YoungDecember 9, 2013 Breach Prevention – Due Diligence and Risk Reduction.

Information Privacy and Data Protection Lexpert Seminar David YoungDecember 9, 2013 Breach Prevention – Due Diligence and Risk Reduction.
Introduction to basic principles of Regulation (EC) 45/2001 Sophie Louveaux María Verónica Pérez Asinari.

Introduction to basic principles of Regulation (EC) 45/2001 Sophie Louveaux María Verónica Pérez Asinari.
ICN Merger Working Group Work Product Merger Review Workshop March 10-11, 2009 Taipei.

ICN Merger Working Group Work Product Merger Review Workshop March 10-11, 2009 Taipei.
Data Protection Paul Veysey & Bethan Walsh. Introduction Data Protection is about protecting people by responsibly managing their data in ways they expect.

Data Protection Paul Veysey & Bethan Walsh. Introduction Data Protection is about protecting people by responsibly managing their data in ways they expect.
Protecting information rights –­ advancing information policy Privacy law reform for APP entities (organisations)

Protecting information rights –­ advancing information policy Privacy law reform for APP entities (organisations)
Company Confidential How to implement privacy and security requirements in practice? Tobias Bräutigam, OTT Senior Legal Counsel, Nokia 8 October 2012 1.

Company Confidential How to implement privacy and security requirements in practice? Tobias Bräutigam, OTT Senior Legal Counsel, Nokia 8 October
Privacy Codes of Conduct as a self- regulatory approach to cope with restrictions on transborder data flow Dr. Anja Miedbrodt Exemplified with the help.

Privacy Codes of Conduct as a self- regulatory approach to cope with restrictions on transborder data flow Dr. Anja Miedbrodt Exemplified with the help.
Key Elements of Legislation For Disaster Risk Reduction Second Meeting of Asian Advisory Group of Parliamentarians for DRR 5-7 February, 2014, Vientiane,

Key Elements of Legislation For Disaster Risk Reduction Second Meeting of Asian Advisory Group of Parliamentarians for DRR 5-7 February, 2014, Vientiane,
© 2013 Cengage Learning. All Rights Reserved. 1 Part Four: Implementing Business Ethics in a Global Economy Chapter 9: Managing and Controlling Ethics.

© 2013 Cengage Learning. All Rights Reserved. 1 Part Four: Implementing Business Ethics in a Global Economy Chapter 9: Managing and Controlling Ethics.
Compliance with IOSCO requirements AMEDA Leadership Forum Alexandria Egypt Monday 27 th April 2009 by Dr. Ashraf EL Sharkawy Senior Advisor to the CMA.

Compliance with IOSCO requirements AMEDA Leadership Forum Alexandria Egypt Monday 27 th April 2009 by Dr. Ashraf EL Sharkawy Senior Advisor to the CMA.
The Eighth Asian Bioethics Conference Biotechnology, Culture, and Human Values in Asia and Beyond Confidentiality and Genetic data: Ethical and Legal Rights.

The Eighth Asian Bioethics Conference Biotechnology, Culture, and Human Values in Asia and Beyond Confidentiality and Genetic data: Ethical and Legal Rights.
IBT - Electronic Commerce Privacy Concerns Victor H. Bouganim WCL, American University.

IBT - Electronic Commerce Privacy Concerns Victor H. Bouganim WCL, American University.
Europe's work in progress: quality of mHealth Pēteris Zilgalvis, J.D., Head of Unit, Health and Well-Being, DG CONNECT Voka Health Community 29 September.

Europe's work in progress: quality of mHealth Pēteris Zilgalvis, J.D., Head of Unit, Health and Well-Being, DG CONNECT Voka Health Community 29 September.
European Data Protection Supervisor Pharmaceutical Regulatory & Compliance Congress, Brussels, 7 June 2007 European Privacy and Data Protection Policy.

European Data Protection Supervisor Pharmaceutical Regulatory & Compliance Congress, Brussels, 7 June 2007 European Privacy and Data Protection Policy.
Policies for Information Sharing April 10, 2006 Mark Frisse, MD, MBA, MSc Marcy Wilder, JD Janlori Goldman, JD Joseph Heyman, MD.

Policies for Information Sharing April 10, 2006 Mark Frisse, MD, MBA, MSc Marcy Wilder, JD Janlori Goldman, JD Joseph Heyman, MD.

Similar presentations

Ads by Google