Hasil Pencarian  ::  Simpan CSV :: Kembali

"EU data protection law imposes a series of requirements designed to protect individuals against the risks that result from the processing of their data. It also distinguishes among different types of actors involved in the processing, setting out different obligations for each actor. The most important distinction in this regard is the distinction between "controllers" and "processors". Together, these concepts provide the very basis upon which responsibility for compliance with EU data protection law is allocated. As a result, both concepts play a decisive role in determining the potential liability of an organisation under EU data protection law, including the General Data Protection Regulation (GDPR). Technological and societal developments have made it increasingly difficult to apply the controller-processor model in practice. The main factors are the growing complexity of processing operations, the diversification of processing, services and the sheer number of actors that can be involved. Against this background, this book seeks to determine whether EU data protection law should continue to maintain the controller-processor model as the main basis for allocating responsibility and liability. This book provides its readers with the analytical framework to help them navigate the intricate relationship of roles, responsibility and liability under EU data protection law. The book begins with an in-depth analysis of the nature and role of the controller and processor concepts. The key elements of each are examined in detail, as is the associated allocation of responsibility and liability. The next part contains a historical-comparative analysis, which traces the origin and development of the controller-processor model over time. To identify the main problems that occur when applying the controller-processor model in practice, a number of real-life use cases are examined (cloud computing, social media, identity management and search engines). In the final part, a critical evaluation is made of the choices made by the European legislature in the context of the GDPR. It is clear that the GDPR has introduced considerable improvements in comparison to EU Directive 95/46. In the long run, however, further changes may well be necessary. By way of conclusion, a number of avenues for possible improvements are presented. Dr Brendan Van Alsenoy is a Legal Advisor at the Belgian Data Protection Authority and a senior affiliated researcher at the KU Leuven Centre for IT & IP Law, and co-editor of Privacy & Persoonsgegevens. He has previously worked as a legal researcher at the KU Leuven Centre for IT & IP Law, with a focus on data protection and privacy, intermediary liability and trust services. In 2012, he worked at the Organisation for Economic Co-operation and Development (OECD) to assist in the revision of the 1980 OECD Privacy Guidelines."

"Tesis ini membahas mengenai pembentukan peraturan keamanan data European Union General Data Protection Regulation (EU GDPR). Uni Eropa berhasil menetapkan EU GDPR pada tahun 2016, disaat negara-negara masih kesulitan menghasilkan kebijakan keamanan yang dapat menjangkau ranah siber secara efektif. Peraturan tersebut berbentuk regulasi sehingga tidak membutuhkan ratifikasi tingkat nasional, sedangkan belum semua negara anggota Uni Eropa memiliki aturan dasar mengenai keamanan siber. Sehingga menjadi pertanyaan mengapa Uni Eropa berhasil membentuk EU GDPR tanpa mendapatkan penolakan dari badan-badan Uni Eropa. Penelitian dilakukan menggunakan metode kualitatif dan teori neofungsionalisme sebagai kerangka analisis. Neofungsionalisme melihat adanya fenomena spillover dalam terjadinya integrasi di Eropa. Tiga variabel spillover yaitu functional spillover, political spillover dan cultivated spillover menjadi faktor-faktor yang mempengaruhi pembentukan kebijakan. Berdasarkan faktor-faktor tersebut disimpulkan bahwa peran badan supranasional merupakan kunci penting pada proses integrasi penyebab berhasilnya pembentukan EU GDPR.......This thesis examines the establishment of EU's new data protection regulation, European Union General Data Protection Regulation (EU GDPR). EU officially signed EU GDPR in 2016, at the moment when states are still in the hassle of procuring a security policy which able to reach the cyberspace effectively. With the form of an EU regulation the EU GDPR do not have to go through ratification on national level, whereas many of EU countries still haven't set their own basic law on cyber security yet. Thus, it brings up the question on why EU's managed to establish EU GDPR without any objections from the EU bodies. This study uses quantitative methodology and neofunctionalism theory as the analytical framework. Neofunctionalism recognize the spillover phenomenon in the occurrence of European Integration. Three variables of spillover: functional spillover, political spillover and cultivated spillover are the main factors which decides the result of the policy agreement. Based on those factors it can be concluded that supranational bodies within EU act as the important key regarding the process of integration which lead to the successful establishment of EU GDPR."

"Dalam era teknologi yang berkembang pesat, risiko pelanggaran privasi meningkat secara signifikan. Penggunaan luas teknologi informasi dan pengumpulan data pribadi menghadirkan ancaman terhadap individu dan organisasi. Perkembangan teknologi, terutama Artificial Intelligence (AI), memberikan tantangan baru dalam menjaga privasi karena banyaknya data pribadi yang terkumpul dan berpotensi disalahgunakan. Perangkat smart home berbasis Internet of Things (IoT) semakin populer, dengan perkiraan pemilik ekosistem smart home di Indonesia mencapai 14.4 juta pada 2026. Namun, peningkatan penggunaan perangkat ini juga berhubungan dengan lonjakan kasus pelanggaran data sebesar 200% dalam lima tahun terakhir. Setiap individu memiliki hak atas perlindungan privasi, tetapi terdapat kebingungan mengenai pertanggungjawaban atas pelanggaran data. Hal ini terkait dengan prinsip household exemption dalam regulasi, yang mengesampingkan pemrosesan data pribadi untuk aktivitas rumah tangga. Skripsi ini akan mengkaji pertanggungjawaban pengendali data pribadi, terutama oleh produsen dan pemilik rumah sebagai joint controller, terkait kebocoran data dari perangkat smart home berbasis IoT dengan mempertimbangkan prinsip household exemption. Penelitian ini akan membandingkan regulasi perlindungan data pribadi di Indonesia dan Uni Eropa serta menggunakan pendekatan yuridis normatif dan studi komparatif. Melalui pembelajaran dari Uni Eropa, regulator, pengendali data pribadi, dan lembaga otoritas perlindungan data di Indonesia dapat mengambil langkah untuk memperkuat perlindungan data pribadi, termasuk klarifikasi tentang pertanggungjawaban pengendali data bersama di masa depan.......In a tech-driven era, rising risks primarily include privacy breaches for individuals and organizations due to extensive technology use and personal data collection. Swift technological advancements pose new challenges in safeguarding privacy, with vast amounts of personal data susceptible to misuse by unauthorized entities. Artificial Intelligence (AI) stands as a swiftly evolving technology impacting various aspects of human life, notably in home settings. The market already features diverse Internet of Things (IoT)-based smart home devices, expected to reach 14.4 million owners in Indonesia by 2026, encompassing popular gadgets like smart lighting, security, and thermostats. However, these advancements correlate with a 200% surge in data breach incidents over the past five years. Every individual deserves personal protection, yet confusion persists regarding liability for data breaches. Regulations like the Personal Data Protection Act and the General Data Protection Regulation exclude household data processing from their scope, termed the household exemption principle. This thesis will explore the responsibility of data controllers, particularly producers and homeowners as joint controllers, when personal data leaks from IoT-based smart home devices while considering the household exemption principle. It will compare Indonesian data protection regulations with the European Union's standards and employ normative juridical approaches and comparative studies. Learning from the EU's practices, future steps by regulators, data controllers, and protection authorities can enhance Indonesia's data protection landscape, particularly in clarifying joint data controller responsibilities."