Published on LinkedIn, 7 February 2019. *** This is part of the GDPR ethics series; A broad mission statement may be found in its opening text. *** Same as with Article 5, an article-by-article analysis of the GDPR from an ethics point of view need not go further than the first sentence when it comes to its Article
An article by article analysis of the GDPR from an ethics perspective need not go any further than the first line when it comes to its Article 5: “Personal data shall be processed lawfully, fairly and in a transparent manner in relation to the data subject (‘lawfulness, fairness and transparency’)”. What is “lawful processing” one
Appointed a member of the law-making committee drafting the GDPR (and the Police and Criminal Justice Data Protection Directive) implementation law in Greece. The law-making committee, established under the Greek Ministry of Justice, has been in session since 2016 but has not been able to produce a final legislative act yet, although public consultation has
Article 4 of the GDPR contains its definitions. This is in line both with its predecessor, the EU 1995 Data Protection Directive, and general EU law-making: Customarily, in all EU technical legislation a set of definitions comes before the actual legal provisions. This is basic law-writing technique also met in complex contracts: Definitions come first so
Article 3 of the GDPR sets its geographical scope. The general rule is that it applies whenever a controller or a processor is established in the EU regardless where the processing takes place. That is something expected. However, the GDPR also applies to people who are in the EU whenever they surf the web (“offered
LinkedIn article, published on 21 Oct 2018 The household exemption dominates Article 2 of the GDPR, the automated/non-automated distinction being by now outdated: The GDPR does not apply whenever processing of personal data is done “by a natural person in the course of a purely personal or household activity”. In the age of digital
LinkedIn article, published on 30 September 2018 Article 1 of the GDPR rarely attracts much attention: At best, it is viewed as a repetition of the GDPR title; At worst, as a functional article, a necessary introduction to the GDPR – and to the much juicier articles that follow, on material scope and territoriality.
My presentation in the Europe Regulates Robotics conference, "Is the GDPR EU's digital constitution"? The conference was held in Pisa, 27-28 September.
Δημοσιεύθηκε στο startupper.gr, 21/05/2018 Καθώς η μέρα που ο Γενικός Κανονισμός για την Προστασία Δεδομένων θα τεθεί σε άμεση ισχύ σε ολόκληρη την Ευρωπαϊκή Ένωση πλησιάζει, χρήσιμο είναι, νομίζω, να εξετάσουμε ορισμένες διαφορετικές οπτικές σε σχέση με αυτόν (οι οποίες αποτελούν αυστηρά και μόνο προσωπική μου άποψη). Έτσι λοιπόν: – Αν δει κανείς τον Κανονισμό ως άτομο / πολίτης τότε
Δημοσιεύθηκε στο dEasy, 31.01.2018 Τις προάλλες, δηλαδή την Κυριακή 28 Ιανουαρίου, γιορτάσαμε την παγκόσμια ημέρα για τα προσωπικά δεδομένα. Εκείνες περίπου τις ημέρες βρέθηκα στο, ετήσιο, μεγάλο συνέδριο για τα προσωπικά δεδομένα στις Βρυξέλλες Computers, Privacy & Data Protection (CPDP), επομένως σκέφτηκα να μεταφέρω μερικές σκέψεις μου σχετικά – πάω στοίχημα ότι, με την πέραση που αυτές