Publicaties
Gekozen filters:
Gekozen filters:
Data Protection by Design and Technology Neutral Law Vrije Universiteit Brussel
This article argues that to achieve a technology neutral law, technology specific law is sometimes required. To explain this we discriminate between three objectives, often implied in the literature on technological neutrality of law. The first we call the compensation objective, which refers to the need to have technology specific law in place whenever specific technological designs threated the substance of human rights. The second we call the ...
Data Protection by Design and by Default Vrije Universiteit Brussel
When data protection by design and data subject rights clash KU Leuven
Data protection by design (DPbD), a holistic approach to embedding principles in technical and organizational measures undertaken by data controllers, building on the notion of Privacy by Design, is now a qualified duty in the GDPR. Practitioners have seen DPbD less holistically, instead framing it through the confidentiality-focussed lens of privacy enhancing technologies (PETs). We show that some confidentiality-focussed DPbD strategies used ...
Ensuring Trust in Pharmaceutical Supply Chains by Data Protection by Design Approach to Blockchains KU Leuven
Pharmaceutical supply chains are complex structures that include various participants. Furthermore, blockchains are viewed as a promising solution to increase effectiveness and overcome some of the main challenges in these supply chains-especially lack of trust. The European Union (EU) set strict rules in the domain of pharmaceutical supply chains in order to protect patient safety and public health. In addition, blockchains bring legal ...
Better Data Protection by Design through multicriteria decision making: On false tradeoffs between privacy and utility KU Leuven
© 2017, Springer International Publishing AG. Data Protection by Design (DPbD, also known as Privacy by Design) has received much attention in recent years as a method for building data protection into IT systems from the start. In the EU, DPbD will become mandatory from 2018 onwards under the GDPR. In earlier work, we emphasized the multidisciplinary nature of DPbD. The present paper builds on this to argue that DPbD also needs a multicriteria ...
An Architectural View for Data Protection by Design KU Leuven
© 2019 IEEE. Data Protection by Design (DPbD) is a truly interdisciplinary effort that involves many stakeholders such as legal experts, requirements engineers, software architects, developers, and system operators. Building software-intensive systems that respect the fundamental rights to privacy and data protection is the result of intensive dialogue and careful trade-off decisions. In practice however, there is a dichotomy between the legal ...
A Comparison of System Description Models for Data Protection by Design KU Leuven
Since the General Data Protection Regulation (GDPR) entered into force, every actor involved in the processing of personal data must comply with Data Protection by Design (DPbD). Doing so requires assessing the risks to data subjects’ rights and freedoms and implementing appropriate countermeasures. While legal experts traditionally apply Data Protection Impact Assessments (DPIA), software engineers rely on threat modeling for their assessment. ...
A Brief History of Data Protection by Design - From multilateral security to Article 25(1) GDPR KU Leuven
Article 25(1) of the General Data Protection Regulation (“GDPR”) is the first provision that comes to mind when discussing data protection by design. Yet, the origins of that concept can be traced back to an idea that was already solidly established in the software engineering community before its adoption. Besides, the GDPR is not the first binding piece of legislation that incorporates such an obligation. This paper unravels the history of ...
Data Protection by Design for Cybersecurity Systems in a Smart Home Environment Vrije Universiteit Brussel
The present paper deals with the elucidation and implementation of the Data Protection by Design (DPbD) principle as recently introduced in the European Union data protection law, specifically with regards to cybersecurity systems in a Smart Home environment, both from a legal and a technical perspective. Starting point constitutes the research conducted in the Cyber-Trust project, which endeavours the development of an innovative and ...