当前位置:
X-MOL 学术
›
International Journal of Law and Information Technology
›
论文详情
Our official English website, www.x-mol.net, welcomes your feedback! (Note: you will need to create a separate account there.)
The idea of ‘emergent properties’ in data privacy: towards a holistic approach
International Journal of Law and Information Technology Pub Date : 2017-01-01 , DOI: 10.1093/ijlit/eaw015 Samson Y. Esayas
International Journal of Law and Information Technology Pub Date : 2017-01-01 , DOI: 10.1093/ijlit/eaw015 Samson Y. Esayas
‘The whole is more than the sum of its parts.’ This article applies lessons from the concept of ‘emergent properties’ in systems thinking to data privacy law. This concept, rooted in the Aristotelian dictum ‘the whole is more than the sum of its parts’, where the ‘whole’ represents the ‘emergent property’, allows systems engineers to look beyond the properties of individual components of a system and understand the system as a single complex. Applying this concept, the article argues that the current EU data privacy rules focus on individual processing activity based on a specific and legitimate purpose, with little or no attention to the totality of the processing activities – i.e. the whole – based on separate purposes. This implies that when an entity processes personal data for multiple purposes, each processing must comply with the data privacy principles separately, in light of the specific purpose and the relevant legal basis. This (atomized) approach is premised on two underlying assumptions: (i) distinguishing among different processing activities and relating every piece of personal data to a particular processing is possible, and (ii) if each processing is compliant, the data privacy rights of individuals are not endangered. However, these assumptions are untenable in an era where companies process personal data for a panoply of purposes, where almost all processing generates personal data and where data are combined across several processing activities. These practices blur the lines between different processing activities and complicate attributing every piece of data to a particular processing. Moreover, when entities engage in these practices, there are privacy interests independent of and/or in combination with the individual processing activities. Informed by the discussion about emergent property, the article calls for a holistic approach with enhanced responsibility for certain actors based on the totality of the processing activities and data aggregation practices.
中文翻译:
数据隐私中的“紧急属性”的想法:一种整体方法
“整体不仅仅是其各个部分的总和。” 本文将系统思维中“紧急属性”的概念应用于数据隐私法。这个概念植根于亚里士多德的格言中,“整体大于部分的总和”,其中“整体”代表“紧急属性”,使系统工程师可以超越系统单个组件的属性并了解其本质。系统作为一个单一的复合体。应用这一概念,文章认为,当前的欧盟数据隐私规则侧重于基于特定合法目的的单个加工活动,而很少或根本不关注基于单独目的的加工活动的整体(即整体)。这意味着当实体出于多种目的处理个人数据时,每次处理都必须根据特定目的和相关法律依据分别遵守数据隐私原则。这种(原子化的)方法基于两个基本假设:(i)区分不同的处理活动,并将每条个人数据与特定处理相关联,以及(ii)如果每项处理均合规,则个人的数据隐私权没有受到威胁。但是,在公司出于各种目的处理个人数据的时代,几乎所有处理都生成个人数据并且在多个处理活动中合并数据的时代,这些假设是站不住脚的。这些做法模糊了不同处理活动之间的界线,并使将每条数据归因于特定处理变得复杂。而且,当实体从事这些实践时,存在独立于和/或与单个处理活动结合的隐私利益。受到有关紧急财产的讨论的启发,本文呼吁采用整体方法,并根据处理活动和数据汇总实践的整体,对某些行为者承担更大的责任。
更新日期:2017-01-01
中文翻译:
数据隐私中的“紧急属性”的想法:一种整体方法
“整体不仅仅是其各个部分的总和。” 本文将系统思维中“紧急属性”的概念应用于数据隐私法。这个概念植根于亚里士多德的格言中,“整体大于部分的总和”,其中“整体”代表“紧急属性”,使系统工程师可以超越系统单个组件的属性并了解其本质。系统作为一个单一的复合体。应用这一概念,文章认为,当前的欧盟数据隐私规则侧重于基于特定合法目的的单个加工活动,而很少或根本不关注基于单独目的的加工活动的整体(即整体)。这意味着当实体出于多种目的处理个人数据时,每次处理都必须根据特定目的和相关法律依据分别遵守数据隐私原则。这种(原子化的)方法基于两个基本假设:(i)区分不同的处理活动,并将每条个人数据与特定处理相关联,以及(ii)如果每项处理均合规,则个人的数据隐私权没有受到威胁。但是,在公司出于各种目的处理个人数据的时代,几乎所有处理都生成个人数据并且在多个处理活动中合并数据的时代,这些假设是站不住脚的。这些做法模糊了不同处理活动之间的界线,并使将每条数据归因于特定处理变得复杂。而且,当实体从事这些实践时,存在独立于和/或与单个处理活动结合的隐私利益。受到有关紧急财产的讨论的启发,本文呼吁采用整体方法,并根据处理活动和数据汇总实践的整体,对某些行为者承担更大的责任。
京公网安备 11010802027423号