Privacy for the Homo Digitalis: Proposal for a New Regulatory Framework for Data Protection in the Light of Big Data and the Internet of Things

98 Pages Posted: 25 May 2016 Last revised: 6 Jul 2016

See all articles by Lokke Moerel

Lokke Moerel

Tilburg University - Tilburg Institute for Law, Technology, and Society

Corien Prins

Tilburg Law School

Date Written: May 25, 2016

Abstract

The authors analyze innovations in data processing as a result of developments such as 'big data' and the 'Internet of Things' and discuss why these developments undermine the effectiveness and legitimacy of the current as well as upcoming EU data protection regime, thereby focusing on the private sector. The authors undertake a detailed analysis of key data processing principles used in the European data protection regime (purpose limitation, informational self-determination and data quality) and argue that due to social trends and technological developments the principle of purpose limitation should be abandoned as a separate criterion. Also, other principles (such as consent and the performance of an agreement) should no longer be recognised as independent legal grounds to legitimize data processing. The authors propose, instead, a test based on whether there is a legitimate interest for data collection and processing (as well as further processing) of data. The authors argue that such a test will provide for a more effective data protection regime that will have more legitimacy than the assessment under the existing legal regime that is primarily based on the purposes for which data may be collected and further used. Based on their analysis, the authors develop a framework to be used by companies as the principal (and only) test for the whole life cycle of personal data processing (collection, use, further use and destruction of data). This test has been drafted in such a way that it enables companies to comply with the new requirements under the upcoming EU General Data Protection Regulation, that will become effective in 2018. The authors conclude their analysis with proposals to increase the (effectiveness of) enforcement of the data protection rules.

Suggested Citation

Moerel, E.M.L. and Prins, J.E.J. (Corien), Privacy for the Homo Digitalis: Proposal for a New Regulatory Framework for Data Protection in the Light of Big Data and the Internet of Things (May 25, 2016). Available at SSRN: https://ssrn.com/abstract=2784123 or http://dx.doi.org/10.2139/ssrn.2784123

E.M.L. Moerel

Tilburg University - Tilburg Institute for Law, Technology, and Society ( email )

Tilburg, 5000LE
Netherlands

J.E.J. (Corien) Prins (Contact Author)

Tilburg Law School ( email )

Tilburg, 5000 LE
Netherlands

Do you have negative results from your research you’d like to share?

Paper statistics

Downloads
2,715
Abstract Views
11,038
Rank
9,146
PlumX Metrics