Hostname: page-component-cd9895bd7-8ctnn Total loading time: 0 Render date: 2024-12-25T13:18:52.506Z Has data issue: false hasContentIssue false

An Analysis of the GDPR Compliance Issues Posed by New Emerging Technologies

Published online by Cambridge University Press:  28 November 2022

Abstract

New emergent technologies, like cloud computing, blockchain, the ‘internet of things’, and artificial intelligence (AI), have received significant attention from research and industry. Public and private organisations benefit from these technologies, but the privacy of individuals is threatened. This research paper, by Varda Mone and CLV Sivakumar, analyses the existing data protection laws with respect to new emerging technologies like AI, big data, and algorithms. The purpose is first, to discuss and analyse the impact and emergence of modern concepts like big data, algorithms and artificial intelligence (AI), Cloud computing, and the ‘internet of things’, etc mainly in light of GDPR (General Data Protection Regulation) provisions. The article examines the challenges of GDPR compliance posed by the features of these technologies, both individually and collectively. Due to the unique features of these technologies, we are able to identify areas of compliance that needed attention. With regard to the compliance issues identified, we discuss possible solutions as well as raise new questions for further investigation. It is not an exhaustive assessment of these fields but an attempt is made to shed light on a few of them from a data protection perspective.

Type
Current Interests
Copyright
Copyright © The Author(s), 2022. Published by British and Irish Association of Law Librarians

Access options

Get access to the full version of this content by using one of the access options below. (Log in options will check for institutional or personal access. Content may require purchase if you do not have access.)

References

McDonald, Aleecia M and Lowenthal, Tom, ‘Nano-Notice: Privacy Disclosure at a Mobile Scale’ (2013) 3 Journal of Information Policy 331354. https://www.jstor.org/stable/10.5325/jinfopoli.3.2013.0331 accessed on 28-10-2019.CrossRefGoogle Scholar
Kak, Amba Uttara, ‘Cambridge Analytica and the Political Economy of Persuasion’ (Engage Economic Political Weekly, 18 May 2018). Available at: Cambridge Analytica and the Political Economy of Persuasion | Economic and Political Weekly (epw.in)Google Scholar
Masoud Barati, Ioan Petri, and Omer F Rana, ‘Developing GDPR Compliant User Data Policies for Internet of Things’ in Proceedings of the 12th IEEE/ACM International Conference on Utility and Cloud Computing, Auckland, NZ (IEEE, 2019).CrossRefGoogle Scholar
Ly, Branden, ‘Never Home Alone: Data Privacy Regulations for the Internet of Things’ (2017) U. Ill. J.L. Tech. & Poly 539. Available on Hein online.Google Scholar
Burri, Mira, and Schär, Rahel, ‘The Reform of the EU Data Protection Framework: Outlining Key Changes and Assessing Their Fitness for a Data-Driven Economy’ (2016) 6 Journal of Information Policy 6, no. 2016, 479511.CrossRefGoogle Scholar
Council of Europe, Consultative Committee of Convention 108, Guidelines on the protection of individuals with regard to the processing of personal data in a world of Big Data, 23 January 2017, p. 2, available at https://rm.coe.int/16806ebe7a.Google Scholar
Draft E-Commerce Policy, Department for the Promotion of Industry and Internal Trade, 23 February 2019. Available at: https://dipp.gov.in/sites/default/files/DraftNational_e-commerce_Policy_23February2019.pdfGoogle Scholar
European Commission, Communication from the Commission to the European Parliament, the Council, the European Economic and Social Committee and the Committee of the Regions towards a thriving data economy (July 2014) https://ec.europa.eu/transparency/regdoc/rep/1/2014/EN/1-2014-442-EN-F1-1.Pdf.Google Scholar
‘European Parliament resolution of 14 March 2017 on fundamental rights implications of Big Data: privacy, data protection, non-discrimination, security and law-enforcement’ https://eur-lex.europa.eu/legal-content/EN/TXT/?uri=CELEX%3A52017IP0076.Google Scholar
European Parliament, European Civil Law Rules in Robotics, (Directorate-General for Internal Policies, 2016), no. 14Google Scholar
Gobeo, A, Fowler, C. and Buchanan, W. J., GDPR and Cyber Security for Business Information Systems (Gistrup Denmark: River Publishers, 2018). https://obamawhitehouse.archives.gov/sites/default/files/microsites/ostp/2016_0504_data_discrimination.pdf.Google Scholar
Kaplan, Andreas and Haenlein, Michael, ‘Siri, Siri, in My Hand: Who's the Fairest in the Land? On the Interpretations, Illustrations, and Implications of Artificial Intelligence’ (2019) 62(1) Business Horizons (Elsevier Ltd) 1525.Google Scholar
Lindqvist, J, ‘New Challenges to Personal Data Processing Agreements: Is the GDPR Fit to Deal with Contract, Accountability and Liability in a World of the Internet of Things?’ (2018) 26(1) International Journal of Law and Information Technology 4563.CrossRefGoogle Scholar
Schwartz, Paul M, ‘Information Privacy in the Cloud’ (2013) 161 University of Pennsylvania Law Review 16231662 https://www.jstor.org/stable/23527814 accessed: 28-10-2019.Google Scholar
Arora, Payal, ‘Politics of Algorithms, Indian Citizenship, and the Colonial Legacy’ in Punathambekar, Aswin and Mohan, Sriram, Global Digital Cultures Book Subtitle: Perspectives from South Asia (University of Michigan Press 2019). https://www.jstor.org/stable/j.ctvndv9rb.5Google Scholar
Matthan, Rahul, Privacy 3.0: Unlocking Our Data-Driven Future (Harper Collins Publishers India 2018).Google Scholar
Schroeder, Ralph, Big data: shaping knowledge, shaping everyday life (UCL Press 2018). https://www.jstor.org/stable/j.ctt20krxdr.9Google Scholar
Solove, Daniel, ‘Privacy Self-management and Consent Dilemma’ (2013) Harvard Law Review 18801903. https://harvardlawreview.org/wp-content/uploads/pdfs/vol126_solove.pdf.Google Scholar
Russel, Stuart and Norvig, Peter, Artificial Intelligence: a Modern Approach (3rd ed, Alan Apt, 2009, Upper Saddle River, New Jersey: Prentice Hall) p 2. https://www.cin.ufpe.br/~tfl2/artificial-intelligence-modern-approach.9780131038059.25368.pdf.Google Scholar
Kshetri, Nir, ‘Privacy and Security Issues in Cloud Computing: The Role of Institutions and Institutional Evolution’ (2013) 37(4-5) Telecommunications Policy 372–86CrossRefGoogle Scholar
Lenard, Thomas M. and Rubin, Paul H., ‘Big Data, Privacy and the Familiar Solutions’ (2015) 11 J.L. Econ. & Poly 1. Available on Hein online.Google Scholar
Mayer-Schonberger, Viktor and Cukier, Kenneth, Big Data: A Revolution that Will Transform How We Live, Work and Think (John Murray, 2013) 153.Google Scholar
‘Transcript of Mark Zuckerberg's Senate Hearing’ Washington Post, (10 April 2018).https://www.washingtonpost.com/news/the-switch/wp/2018/04/10/transcript-of-mark-zuckerbergs-senate-hearing/Google Scholar
‘Big Data: A Report on Algorithmic Systems, Opportunity, and Civil Rights’ (White House Report May 2016)Google Scholar
Weir, William, ‘Fitbit Founder and Upcoming Tech Summit Speaker Eric Friedman is an ‘Eternally Optimistic’ Entrepreneur’ Yale News (25 Oct 2016). https://news.yale.edu/2016/10/25/fitbit-founder-and-upcoming-tech-summit-speaker-eric-friedman-eternally-optimistic-entrepGoogle Scholar
Avital, Michel et al, ‘Jumping on the Blockchain Bandwagon: Lessons of the Past and Outlook to the Future’ in Proceedings of the 37th International Conference on Information Systems, Dublin, Ireland (Association for Information Systems, 2016).Google Scholar
Venters, Will and Whitley, Edgar A, ‘A Critical Review of Cloud Computing: Researching Desires and Realities’ (2012) 27(3) Journal of Information Technology 179–97.CrossRefGoogle Scholar