Skip to main content Accessibility help
×
Home
Hostname: page-component-cf9d5c678-vbn2q Total loading time: 0.263 Render date: 2021-08-03T05:52:52.042Z Has data issue: true Feature Flags: { "shouldUseShareProductTool": true, "shouldUseHypothesis": true, "isUnsiloEnabled": true, "metricsAbstractViews": false, "figures": true, "newCiteModal": false, "newCitedByModal": true, "newEcommerce": true, "newUsageEvents": true }

The ‘Personal’ in Personal Data: Who is Responsible for Our Data and How Do We Get it Back?

Winner of Best in Category, Justis International Law and Technology Writing Competition 2020 for the Category of Social Media, Data and Privacy, by Janis Wong of the University of St Andrews

Published online by Cambridge University Press:  16 September 2020

Extract

In our data-driven society, every piece of technology that connects us to the internet collects our personal data (any information relating to an identified or identifiable natural person), building elaborate profiles on what we are doing, where we are, and even who we are. As data subjects (those about whom personal data are collected), we can no longer hide from data controllers (those who collect and determine what these data are used for). With every data breach and data sharing revelation from Cambridge Analytica to Google’s Project Nightingale, our personal data is becoming less personal, where data attached to our identity are no longer in our control and becomes harder for us to identify who is responsible.

Type
Shorter Articles
Copyright
Copyright © The Author(s) 2020. Published by British and Irish Association of Law Librarians

Access options

Get access to the full version of this content by using one of the access options below. (Log in options will check for institutional or personal access. Content may require purchase if you do not have access.)

References

1 Surya Mattu and Kashmir Hill, ‘The House that Spied on Me’ Wired (2 February 2018) <https://gizmodo.com/the-house-that-spied-on-me-1822429852> accessed 30 November 2019.

2 Carole Cadwalladr and Emma Graham-Harrison, ‘Revealed: 50 million Facebook Profiles Harvested for Cambridge Analytica in Major Data Breach’ The Guardian (17 March 2018) <https://www.theguardian.com/news/2018/mar/17/cambridge-analytica-facebook-influence-us-election> accessed 30 November 2019.

3 Anonymous, ‘I'm the Google whistleblower. The Medical Data of Millions of Americans is at Risk’ The Guardian (14 November 2019) <https://www.theguardian.com/commentisfree/2019/nov/14/im-the-google-whistleblower-the-medical-data-of-millions-of-americans-is-at-risk> accessed 30 November 2019.

4 Regulation 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data, and repealing Directive 95/46/EC (General Data Protection Regulation) [2016] OJ L119/1.

5 ibid art 15.

ibid

6 ibid art 17.

ibid

7 ibid art 22.

ibid

8 ibid rec 108.

ibid

9 Rachel Coldicutt, ‘Better than ethics’ (doteveryone, 28 November 2019) <https://www.doteveryone.org.uk/2019/11/better-than-ethics/> accessed 30 November 2019.

10 Custers, Bart, Sears, Alan M., Dechesne, Francien, Georgieva, Ilina, Tani, Tommaso, and van der Hof, Simone, ‘Conclusions’ in Custers, Bart, Sears, Alan M., Dechesne, Francien, Georgieva, Ilina, Tani, Tommaso, and van der Hof, Simone (eds), EU Personal Data Protection in Policy and Practice (T.M.C. Asser Press 2019)Google Scholar.

11 General Data Protection Regulation, art 6.

12 Christine Utz, Martin Degeling, Sascha Fahl, Florian Schaub, and Thorsten Holz. ‘(Un)informed Consent: Studying GDPR Consent Notices in the Field.’ (2019) ACM SIGSAC Conference on Computer and Communications Security (CCS ’19) < https://doi.org/10.1145/3319535.3354212> accessed 30 November 2019.

13 Case C-210/16 Unabhängiges Landeszentrum für Datenschutz Schleswig-Holstein v Wirtschaftsakademie Schleswig-Holstein GmbH ECLI:EU:C:2018:388.

14 Case C-40/17 Fashion ID GmbH & Co. KG v Verbraucherzentrale NRW eV ECLI:EU:C:2019:629.

15 Case C-25/17 Tietosuojavaltuutettu v Jehovan todistajat—uskonnollinen yhdyskunta ECLI:EU:C:2018:551.

16 Decode European Commission, ‘Reclaiming the Smart City: Personal Data, Trust, and the New Commons’ (July 2018) <https://media.nesta.org.uk/documents/DECODE-2018_report-smart-cities.pdf> accessed 30 November 2019.

17 VICE News, ‘China's “Social Credit System” Has Caused More Than Just Public Shaming (HBO)’ (12 December 2018) <https://www.youtube.com/watch?v=Dkw15LkZ_Kw&> accessed 30 November 2019.

18 Julia Angwin, Jeff Larson, Surya Mattu, and Lauren Kirchner, ‘Machine Bias’ Propublica (23 May 2016) <https://www.propublica.org/article/machine-bias-risk-assessments-in-criminal-sentencing> accessed 30 November 2019.

19 Sam Biddle, ‘Amazon's Ring Planned Neighborhood “Watch Lists” Built on Facial Recognition’ (The Intercept, 27 November 2019) <https://theintercept.com/2019/11/26/amazon-ring-home-security-facial-recognition/> accessed 30 November 2019.

20 Shoshana Zuboff, ‘Big Other: Surveillance Capitalism and the Prospects of an Information Civilization’ (2015) Journal of Information Technology 30, 75–89 < https://doi.org/10.1057/jit.2015.5.> accessed 30 November 2019.

21 Frank Pasquale, The Black Box Society: The Secret Algorithms That Control Money and Information (Harvard University Press 2015).

22 European Data Protection Board, ‘Guidelines’ (25 May 2018) <https://edpb.europa.eu/our-work-tools/our-documents/publication-type/guidelines_en> accessed 30 November 2019.

23 Jef Ausloos, René Mahieu, and Michael Veale, ‘Getting Data Subject Rights Right’ (25 November 2019) <osf.io/preprints/lawarxiv/e2thg> accessed 30 November 2019.

24 James Vincent, ‘The Problem with AI Ethics’ The Verge (3 April 2019) <https://www.theverge.com/2019/4/3/18293410/ai-artificial-intelligence-ethics-boards-charters-problem-big-tech> accessed 30 November 2019.

25 Adam Satariano and Matina Stevis-Gridneff, ‘Big Tech's Toughest Opponent Says She's Just Getting Started’ New York Times (19 November 2019) <https://www.nytimes.com/2019/11/19/technology/tech-regulator-europe.html> accessed 30 November 2019.

26 Sylvie Delacroix and Neil D Lawrence, ‘Bottom-up Data Trusts: Disturbing the ‘one size fits all’ Approach to Data Governance’ (2019) International Data Privacy Law <https://doi.org/10.1093/idpl/ipz014> accessed 30 November 2019.

27 Databox <https://www.databoxproject.uk/> accessed 30 November 2019.

28 Jumbo Privacy <https://www.jumboprivacy.com/> accessed 30 November 2019.

29 DoNotPay <https://donotpay.com/> accessed 30 November 2019.

30 Floridi, Luciano, ‘Group Privacy: A Defence and an Interpretation’ in Taylor, Linnet, Floridi, Luciano, and van der Sloot, Bart (eds), Group Privacy: New Challenges of Data Technologies (Springer International Publishing 2016)Google Scholar.

31 Raz, Joseph, The Morality of Freedom (Oxford University Press 1986)Google Scholar.

1
Cited by

Send article to Kindle

To send this article to your Kindle, first ensure no-reply@cambridge.org is added to your Approved Personal Document E-mail List under your Personal Document Settings on the Manage Your Content and Devices page of your Amazon account. Then enter the ‘name’ part of your Kindle email address below. Find out more about sending to your Kindle. Find out more about sending to your Kindle.

Note you can select to send to either the @free.kindle.com or @kindle.com variations. ‘@free.kindle.com’ emails are free but can only be sent to your device when it is connected to wi-fi. ‘@kindle.com’ emails can be delivered even when you are not connected to wi-fi, but note that service fees apply.

Find out more about the Kindle Personal Document Service.

The ‘Personal’ in Personal Data: Who is Responsible for Our Data and How Do We Get it Back?
Available formats
×

Send article to Dropbox

To send this article to your Dropbox account, please select one or more formats and confirm that you agree to abide by our usage policies. If this is the first time you use this feature, you will be asked to authorise Cambridge Core to connect with your <service> account. Find out more about sending content to Dropbox.

The ‘Personal’ in Personal Data: Who is Responsible for Our Data and How Do We Get it Back?
Available formats
×

Send article to Google Drive

To send this article to your Google Drive account, please select one or more formats and confirm that you agree to abide by our usage policies. If this is the first time you use this feature, you will be asked to authorise Cambridge Core to connect with your <service> account. Find out more about sending content to Google Drive.

The ‘Personal’ in Personal Data: Who is Responsible for Our Data and How Do We Get it Back?
Available formats
×
×

Reply to: Submit a response

Please enter your response.

Your details

Please enter a valid email address.

Conflicting interests

Do you have any conflicting interests? *