Moderator: Maria Àngels Barbarà i Fondevila. Director, Catalan Data Protection Authority
Internet social networks, non-contractual liability for infringements of data protection rights by the data controller and International Private Law
Alfonso Ortega Giménez, Profesor de Derecho internacional privado de la Universidad Miguel Hernández de Elche (Alicante)
The dramatic growth of participation in social networking sites can be approached from the international private law.
Users normally accept all the terms of conditions of social networking sites. But what law is to be applied? It depends. In these terms it is normally stated what law and what jurisdiction is to be applied. Thus, the user is not protected by the law as there is a high degree of defencelessness as they have to deal with “foreign” laws most of the times.
Big Data and Social Control In The Perspective Of Proposed EU Reform On Data Protection
Alessandro Mantelero, Polytechnic University of Turin; Giuseppe Vaciago, University of Insubria.
There is an asymmetric distribution of the control over information. Interaction between the private and the public sector is mediated by these data and this imbalance of power.
There is a political and strategical value of the European regulation on data protection, as there is a predominance of US companies in the ICT sector, which implies an influence of the US administration on national companies.
Indeed, is not only about jurisdiction in terms of what law applies, but also the fact that most data of European citizens are stored overseas (usually in the US).
An added political/strategic/security issue, then, is that the US Administration can require the firms in US soil (e.g. most of all in cloud services) to access all the data in their silos.
Data portability reduces the risk of lock in as it allows for transferring data from one place to another. In this sense, it also reduces monopolistic practices, reduces the power of the service provider and eases establishing more balanced regulation.
E-Health in the Age of Big Data: The EU Proposed Regulation on Health Data Protection
Panagiotis Kitsos, LLM, PhD. IT Law Team, Dept. of Applied Informatics. University of Macedonia, Researcher; Aikaterini Yannoukakou, Librarian MSc. IT Law Team, Dept. of Applied Informatics. University of Macedonia, PhD candidate
What are the challenges that big data poses in the field of e-Health? Many uses so far: drug data extracted from prescription records, devide data collected from implantable cardiac devices, clinical data collected form medical records and medical images, claims and financial data, patient behaviour and sentiment data, etc. All these are already transforming healthcare.
But there are many privacy concerns, most of the related to the possibility to “re-identify” patients even if their respective data has been anonymised.
Another concern is the right to be forgotten in relationship with health records.
Maybe we have to move from what to protect to how to protect.
Discussion
Barbarà: is consent enough to protect the citizen? Is it informed enough to count as valid?
Ricardo Morte: if there are issues with jurisdiction, it is very likely that the citizen cannot appeal to the Constitutional Court. Is that this way? Is there any “equivalent” at the international/European level? Ortega: the problem comes not in what falls within the framework of the (commercial) agreement, which is quite well contemplated by the current regulation, but in what falls outside of the framework of the agreement, in what is extra-contractual.