Below you'll find a list of all posts that have been categorized as “Lawful Conduct”
As new digital technologies such as AI, the Internet of Things, big data, advanced robotics emerge bringing forth new products, platforms and services (smart environments, autonomous cars, robots and drones, face recognition cameras, etc.), the allocation of liability when things go wrong can prove complex. In the case of collaborative information management systems, there are several cross-cutting legal instruments that …
The recently adopted General Data Protection Regulation (GDPR) stipulates that an assessment of the relevant privacy consequences should be carried out by the data controller before putting a new technology in place (art. 35 GDPR). This evaluation is compulsory if the data processing poses a high risk to the rights of natural persons. This assessment is not a one-time event …
The persons whose data is being processed — so-called data subjects such as victims, first responders, volunteers — have a number of specific rights. The architecture of any collaborative information management system should foresee the exercise of these distinctive rights and accommodate the increased control of data subjects. The EU’s General Data Protection Regulation significantly increased the rights of data …
In any collaborative information management system, data controllers must be assigned who will be liable in case something goes wrong. This responsibility could be spread over or divided between multiple different parties. Within the context of the GDPR, a distinction is made between data controllers and data processors in order to allocate the responsibilities that flow from its provisions. A …
In the case of a cross-border disaster, different national responder agencies might exchange personal information. For example, in EPISECC, establishing interoperability between the information tools of different national agencies is one of the explicit goals of the project. The question might arise whether a national agency is allowed to communicate the information it gathers to the agency of a different …
The EU’s data protection regime includes a number of exceptions to the application of its framework of rights and responsibilities. These provide the basis for the processing of information in light of certain contexts. They are strongly related to the operation of a collaborative information management system as they can provide ways of legitimately processing data in an emergency situation. …
In designing collaborative information management processes or systems it is critical to know whether or not personal information will be exchanged between the different agencies. If so, those who host, and those who use such systems will need to comply with the regulatory frameworks that protects the usage of personal data. Within the EU, the processing of personal data is …
