当前位置:
X-MOL 学术
›
Regul. Gov.
›
论文详情
Our official English website, www.x-mol.net, welcomes your feedback! (Note: you will need to create a separate account there.)
Demystifying the modernized European data protection regime: Cross-disciplinary insights from legal and regulatory governance scholarship
Regulation & Governance ( IF 3.203 ) Pub Date : 2021-05-04 , DOI: 10.1111/rego.12401 Karen Yeung 1 , Lee A. Bygrave 2
Regulation & Governance ( IF 3.203 ) Pub Date : 2021-05-04 , DOI: 10.1111/rego.12401 Karen Yeung 1 , Lee A. Bygrave 2
Affiliation
This article critically examines fundamental aspects of the recently reformed European regime for protection of personal data, focusing on the General Data Protection Regulation (GDPR) adopted by the European Union (EU) in 2016. Although the GDPR is now a central concern for many organizations across multiple sectors, many complain that it is arcane, confusing, and complex. By combining knowledge from two disciplinary perspectives – from regulatory governance scholarship, on the one hand, with legal scholarship from the fields of data protection law, constitutional law, and fundamental rights, on the other hand – this article seeks to “demystify” the key elements of the regime's architecture and approach in light of the significant uncertainties concerning the nature of its requirements. In particular, this article examines the tension between the regime's pronounced “risk-based” approach to compliance and its basic objective of safeguarding fundamental rights, and the challenges facing data protection authorities in providing timely clarifications of the regime's norms. We argue that, despite its complex and arcane character and continuing uncertainty about the precise scope of its requirements, the regime is an innovative hybrid with a significant degree of in-built “future-proofing” that should help render it more resistant to being rapidly overtaken or outpaced by organizational–technological developments. The secondary aim of this article is to demonstrate how academic insights from two distinct but related disciplinary perspectives – legal scholarship and regulatory governance studies – offer a potentially fruitful approach to enrich understandings of the European data protection regime in particular, and of the mechanics, efficacy, and legitimacy of regulatory governance regimes more generally.
中文翻译:
揭开现代化欧洲数据保护制度的神秘面纱:来自法律和监管治理学术的跨学科见解
本文批判性地审视了最近改革的欧洲个人数据保护制度的基本方面,重点关注欧盟 (EU) 于 2016 年通过的《通用数据保护条例》(GDPR)。尽管 GDPR 现在是许多组织关注的核心问题在多个部门中,许多人抱怨它神秘、混乱和复杂。通过结合两个学科角度的知识——一方面来自监管治理学术,另一方面来自数据保护法、宪法和基本权利领域的法律学术——本文试图“揭开”关键的神秘面纱。鉴于有关其要求性质的重大不确定性,该制度的架构和方法的要素。特别是,本文探讨了该制度明显的“基于风险”的合规方法与其保障基本权利的基本目标之间的紧张关系,以及数据保护当局在及时澄清该制度的规范方面面临的挑战。我们认为,尽管该制度具有复杂和神秘的特征,并且对其要求的确切范围仍然存在不确定性,但该制度是一种创新的混合体,具有很大程度的内置“面向未来”,这应该有助于使其更能抵抗快速发展被组织技术发展超越或超越。
更新日期:2021-05-04
中文翻译:
揭开现代化欧洲数据保护制度的神秘面纱:来自法律和监管治理学术的跨学科见解
本文批判性地审视了最近改革的欧洲个人数据保护制度的基本方面,重点关注欧盟 (EU) 于 2016 年通过的《通用数据保护条例》(GDPR)。尽管 GDPR 现在是许多组织关注的核心问题在多个部门中,许多人抱怨它神秘、混乱和复杂。通过结合两个学科角度的知识——一方面来自监管治理学术,另一方面来自数据保护法、宪法和基本权利领域的法律学术——本文试图“揭开”关键的神秘面纱。鉴于有关其要求性质的重大不确定性,该制度的架构和方法的要素。特别是,本文探讨了该制度明显的“基于风险”的合规方法与其保障基本权利的基本目标之间的紧张关系,以及数据保护当局在及时澄清该制度的规范方面面临的挑战。我们认为,尽管该制度具有复杂和神秘的特征,并且对其要求的确切范围仍然存在不确定性,但该制度是一种创新的混合体,具有很大程度的内置“面向未来”,这应该有助于使其更能抵抗快速发展被组织技术发展超越或超越。
京公网安备 11010802027423号