Cover of book: The General Data Protection Regulation and the effective protection of data subjects’ rights in the online environment
Buy in shop
, to see if you have full access to this publication.
Book Titles No access

The General Data Protection Regulation and the effective protection of data subjects’ rights in the online environment

To what extent are these rights enforced during mass harm situations?
Authors:
Publisher:
 21.06.2021

Summary

After an extensive overview of the GDPR, this work examines the new right to representation enshrined in Art. 80 (1) GDPR, which right permits data subjects to designate a competent association to exercise their rights to enforcement, including the right to obtain compensation, on condition that Member State law so permits. With this right being dependent on national law, this work examines how collective redress for data protection mass harm is dealt with in the major European jurisdictions, before giving an overview of the general EU situation and challenges encountered.

Keywords

Bibliographic data

Copyright year
2021
Publication date
21.06.2021
ISBN-Print
978-3-8487-8201-7
ISBN-Online
978-3-7489-2607-8
Publisher
Nomos, Baden-Baden
Series
Schriften des Augsburg Center for Global Economic Law and Regulation - Arbeiten zum Internationalen Wirtschaftsrecht und zur Wirtschaftsregulierung
Volume
85
Language
English
Pages
320
Product type
Book Titles

Table of contents

ChapterPages
  1. Titelei/Inhaltsverzeichnis No access 1 - 18
    1. 1. ABSTRACT No access
    2. 2. BACKGROUND No access
    3. 3. THE GDPR AND THE NOTION OF PERSONAL DATA No access
    4. 4. SOME HARM ASSOCIATED WITH INADEQUATE DATA PROTECTION No access
    5. 5. DATA PROTECTION AND COMPETITION IN THE INTERNAL MARKET No access
      1. A. The conferral of the status of fundamental Human Right on the right to data protection No access
      2. B. Technological advancements No access
      3. C. The preparatory role of the Data Protection Directive (DPD) No access
      4. D. The need to correct some inherent weaknesses of the DPD No access
    7. 7. MASS HARM SITUATIONS AND DATA PROTECTION No access
    8. 8. THE SCOPE AND STRUCTURE OF THIS WORK No access
            1. a. The substantial understanding of the data subject No access
            2. b. Imbalance of power No access
            3. c. Detriment No access
            4. d. Conditionality in relation to the execution of a contract No access
          2. II. Specific consent No access
          3. III. Informed Consent No access
          4. IV. Unambiguous consent No access
          1. I. Processing is necessary for the performance of a contract to which the data subject is party No access
          2. II. Processing is necessary in order to take steps at the request of the data subject prior to entering into a contract No access
          1. I. The existence of a legal obligation No access
          2. II. Emanation of the legal obligation from a Member State law No access
          1. I. Protecting the vital interests of the data subject No access
          2. II. Protecting the vital interests of a third-party No access
          1. I. Processing is necessary in performing a task in the public interest No access
          2. II. Processing is necessary in the exercise of official authority vested in the controller No access
          1. I. The existence of a legitimate interest No access
          2. II. Legitimate interests of third parties No access
          3. III. The 3-step test No access
            1. a. The categories of personal data involved No access
            2. b. The impact of the processing on the data subject No access
            3. c. Transparency and fairness of the processing No access
            4. d. The category of data subjects involved No access
            5. e. Processing that is subject to the ePrivacy Directive No access
            6. f. The scope of the processing No access
            7. g. Security of the processing No access
            8. h. The benefits of the processing No access
            9. i. The reasonable expectations of the data subject No access
            10. j. Balancing of interests in the context of press freedom No access
            1. a. Specific provisions regulating unsolicited commercial communications No access
            2. b. Specific provisions regarding the use of cookies and similar technologies No access
            3. c. Specific rules regulating the processing of traffic data No access
            4. d. Specific requirements for the processing of location data No access
        7. G. Additional requirements for the processing of personal data relating to criminal records No access
          1. I. The explicit character of consent No access
          2. II. The ability to prove explicit consent No access
          3. III. Other areas where explicit consent is required No access
        2. B. Processing is necessary in the field of employment and social security and social protection law No access
        3. C. Vital interests No access
        4. D. Processing within the scope of legitimate activities of appropriate opinion bodies No access
        5. E. Publicly available personal data No access
        6. F. The establishment, exercise or defence of legal claims or whenever courts are acting in their judicial capacity No access
        7. G. Substantial public interest No access
        8. H. Processing is necessary for the purposes of preventive or occupational medicine, the assessment of the employee’s aptitude and other health-care related purposes No access
        9. I. The processing is necessary for reasons of public interest in the area of public health No access
          1. I. Processing for research-related purposes No access
          2. II. Processing for statistical purposes No access
          1. I. Fairness and transparency No access
          2. II. Purpose limitation No access
          3. III. Data Minimization No access
          4. IV. Accuracy No access
          5. V. Storage limitation No access
          6. VI. Integrity and confidentiality No access
          7. VII. Accountability No access
        2. B. Processor’s obligations under the GDPR No access
          1. I. The designation of an EU Representative No access
          2. II. The designation of a Data Protection Officer No access
          1. I. The notion of data transfer under the GDPR No access
          2. II. The notion of onward transfers under the GDPR No access
            1. a. Data transfers based on an adequacy decision from the Commission No access
            2. b. Data transfers based on appropriate safeguards (Art. 46 GDPR) and post Schrems II considerations No access
            3. c. Transfers based on derogations for specific situations (Art. 49(1) GDPR) No access
              1. i. The not-repetitive character of such transfers No access
              2. ii. Must concern a limited number of data subjects No access
              3. iii. The balancing of interests No access
              4. iv. The provision of additional information to the data subject No access
              5. v. The obligation to inform the DPA No access
          1. I. Information to be provided where personal data are collected from the data subject No access
          2. II. Information to be provided where personal data have not been obtained from the data subject No access
            1. a. Information relating to processing for a new purpose No access
            2. b. Breach notifications No access
            3. c. Whenever the data subject exercises his right No access
            4. d. Whenever the provision of information is required by Member State Law No access
            1. a. Layered notices No access
            2. b. Tools and icons No access
            3. c. “Push” and “pull” notices No access
            4. d. Information challenges No access
          1. I. Information to be provided when a data subject exercises the right of access No access
          2. II. Limitations to the right of access No access
        3. C. Right to rectification No access
          1. I. Grounds for exercising the right to erasure No access
          2. II. Limitations of the right to erasure No access
        5. E. Right to restriction of processing No access
          1. I. The scope of the right to data portability No access
            1. a. Limited to data concerning the data subject No access
            2. b. Limited to personal data provided by the data subject No access
            3. c. Limited to processing activities that have consent or contract as legal basis No access
            4. d. The right is only available in automated processing activities No access
            5. e. The right may be limited by the rights and freedoms of other natural persons No access
        7. G. Right to object to processing No access
            1. a. ‘decision producing legal effects’ No access
            2. b. ‘similarly significantly affects him or her’ No access
            3. c. ‘a decision based solely on automated processing’ No access
          2. II. Derogations to the general prohibition of automated decision-making and profiling No access
        1. A. The scope of data protection restrictions No access
        2. B. The form of data protection restrictions No access
          1. I. Tasks of a data protection authority No access
          2. II. The remedies available at the supervisory authority No access
          3. III. Administrative fines No access
          4. IV. Factors determining the amount of fine No access
            1. a. Minor administrative fines No access
            2. b. Some major administrative fines No access
          6. VI. Additional considerations for the enforcement of the GDPR: penalties provided by Member States for violations that fall outside the scope of administrative fines No access
            1. a. Remedies do not include compensation for the data subject No access
            2. b. Not all DPAs are authorized to impose administrative fines No access
            3. c. Certain entities may be exempted from administrative fines No access
            4. d. Decisions of DPAs are subject to appeal No access
        2. B. The right to an effective judicial remedy against the DPA No access
        3. C. The right to effective judicial remedy against a controller or processor No access
        4. D. The right to compensation No access
        5. E. The right to representation No access
      1. 1. Directive 98/27/EC of 19 May 1998 (Injunctions Directive I) No access
      2. 2. Directive 2009/22/EC of 23 April 2009 (Injunctions Directive II) No access
      3. 3. The corrective powers of the DPAs: a mitigation of the absence of collective injunctive relief for data protection matters No access
      4. 4. The Parliament Resolution No. 2011/2089(INI) of 2 February 2012 on an EU Collective Redress No access
      5. 5. Directive 2013/11/EU of 21 May 2013 (Directive on consumer ADR) No access
      6. 6. Commission Recommendation of 11 June 2013 on common principles of collective redress (2013/396/EU) No access
      7. 7. Proposal for a Representative Actions Directive (RAD) of 11 April 2018 No access
        1. A. Consumer Compensatory Collective Redress under the Code of Economic Law (CEL) No access
        2. B. Eligible fields for compensatory representative action in Belgium No access
        3. C. Compensatory Collective Redress for SMEs under the CEL No access
        4. D. Compensatory collective redress for harm resulting from the infringement of the GDPR No access
        5. E. ADR in the Belgian collective compensatory redress system No access
        6. F. Case Law No access
        7. G. Summary of the Belgian compensatory collective redress system No access
        1. A. Group Litigation Orders No access
        2. B. Representative Actions No access
        3. C. Compensatory Collective redress for mass harm resulting from the infringement of the GDPR No access
        4. D. ADR in the English compensatory collective redress system No access
        5. E. Case Law No access
        6. F. Summary of the English compensatory redress system No access
        1. A. Class action before the civil court under Law No.2016-1547 No access
        2. B. ADR in the French compensatory collective redress mechanism No access
        3. C. Class Action before the administrative judge under Law No.2016-1547 No access
        4. D. Compensatory Collective redress for mass harm resulting from the infringement of the GDPR No access
        5. E. Case Law No access
        6. F. Summary of the French collective redress system No access
        1. A. Compensatory Collective redress under the ICC No access
        2. B. Representative action procedure under the ICC No access
        3. C. Collective redress under Legislative Decree No. 117 of 3 July 2017 No access
        4. D. Compensatory Collective Redress for damage resulting from the infringement of the GDPR No access
        5. E. ADR in the Italian compensatory collective redress system No access
        6. F. Case Law No access
        7. G. Summary of the Italian compensatory collective redress mechanism No access
        8. H. Recent developments: Law No. 31 of 12 April 2019 No access
        1. A. Compensatory collective redress under Law 1/2000 of 07 January 2000on Civil Procedure No access
        2. B. Other relevant provisions on the Spanish class action No access
        3. C. Compensatory collective action for harm resulting from the infringement of the GDPR in Spain No access
        4. D. Consumer ADR in the Spanish collective redress mechanism No access
        5. E. Case law No access
        6. F. Summary of the Spanish compensatory collective redress No access
        1. A. Early attempts of the German compensatory collective redress No access
        2. B. Compensatory Collective Redress under Sec.79of the Code of Civil Procedure (ZPO) No access
        3. C. Compensatory collective redress under Law of 12 July 2018 on Model Declaratory Action No access
        4. D. ADR in the German compensatory collective redress mechanism No access
        5. E. The German Compensatory collective redress mechanism and mass harm resulting from the infringement of the GDPR No access
        6. F. Case Law No access
        7. G. Summary of the German Compensatory collective redress system No access
      1. 1. GENERAL OVERVIEW OF COMPENSATORY COLLECTIVE REDRESS IN THE EU No access
      2. 2. THE ABSENCE OF A LEGALLY BINDING UNION ACT: A JUSTIFICATION FOR THE INCONSISTENT COMPENSATORY COLLECTIVE REDRESS APPROACHES IN THE EU No access
        1. A. Consumer awareness No access
          1. I. The inability of representative entities to bring action in a Member State other than their home country No access
          2. II. Challenges relating to individual participation in collective actions in another Member State No access
        3. C. Challenges relating to the funding of representative organizations No access
        4. D. Fears relating to the abuse of collective redress No access
      1. 1. GENERAL SUMMARY No access
      2. 2. PERSPECTIVES PERTAINING TO THE PROPOSED REPRESENTATIVE ACTIONS DIRECTIVE No access
  5. Bibliography No access 299 - 320

Similar publications

from the topics "Data Protection Law & Information Law & Digital Law"
Cover of book: Data Act und Datenschutz
Book Titles No access
Marc-Philipp Geiselmann
Data Act und Datenschutz
Cover of book: Data Access and Portability
Book Titles No access
Yannic Duller
Data Access and Portability
Cover of book: Perspektiven des Datenschutz- und Cybersicherheitsrechts
Edited Book Full access
Lukas Staffler, Jakob Ebbinghaus
Perspektiven des Datenschutz- und Cybersicherheitsrechts
Cover of book: Bürokratieabbau im Datenschutz
Edited Book No access
Alexander Roßnagel, Astrid Wallmann
Bürokratieabbau im Datenschutz
Cover of book: Personal Data Breaches
Book Titles No access
Steffen Sundermann
Personal Data Breaches

Notice

This work is protected by copyright and may only be used in accordance with the provisions of the Terms of Use and License Agreement. Any use of the work beyond this is expressly prohibited and will be prosecuted.

Give feedback

We welcome your feedback on content and features. Your message helps us to continuously improve our service.

Rating
Attach images
or drag and drop
PNG or JPG (max. 3 MB)

Login

Forgotten your password?
Login via Open Athens
Don't have an account yet?
Register now

Cite publication

Download: RIS BibTex