"What makes Enforcing Privacy: Regulatory, Legal and Technological Approaches such an interesting and welcome book is that the editors are acutely aware of this silo problem and have sought to put together a book that overcomes it, or at the very least, acknowledges its existence. ... Academics, practitioners, regulators, policymakers and students will all find material of use in this book. ... The editors and contributors should be congratulated for producing this fine book." (Patrick O'Callaghan, International Journal of Law and Information Technology, Vol. 25 (4), 2017)
About the authors.- 1 Introduction to Enforcing Privacy; David Wright and Paul De Hert.- 2 Enforcing privacy; David Wright.- Countries.- 3 Failures of privacy self-regulation in the United States; Robert Gellman and Pam Dixon.- 4 From a model pupil to a problematic grown-up: Enforcing privacy and data protection in Hungary; Iván Székely.- 5 A tale of two privacies: Enforcing privacy with hard power and soft power in Japan; Hiroshi Miyashita.- 6 The Spanish experience of enforcing privacy norms: two decades of evolution from sticks to carrots; Artemio Rallo Lombarte.- 7 Data protection and enforcement in Latin America and in Uruguay; Ana Brian Nougrères.- International mechanisms.-8 The International Working Group on Data Protection in Telecommunications – contributions to transnational privacy enforcement;Alexander Dix.- 9 Enforcing privacy across different jurisdictions; Dan Svantesson.- 10 Cross-border breach notification; Blair Stewart.- 11 Responsive regulation of data privacy: theory and Asian examples; Graham Greenleaf.- 12 Enforcement and reform of the EU-US Safe Harbor Agreement Instruments; Chris Connolly and Peter van Dijk.- 13 How effective are fines in enforcing privacy?; Hazel Grant and Hannah Crowther.- 14 Enforcing privacy rights: Class action litigation and the challenge of cy pres; Marc Rotenberg and
David Jacobs.- 15 Data protection certification: Decorative or effective instrument? Audit and seals as a way to enforce privacy; Kirsten Bock.- 16 The co-existence of administrative and criminal law approaches to data protection wrongs; Paul De Hert and Gertjan Boulet.- 17 Whom to trust? Using technology to enforce privacy Challenges for the future; Daniel Le Métayer.-18 The Irish DPA and its approach to data protection; Billy Hawkes.- 19 Getting our act together: European Data Protection Authorities face up to Silicon Valley; Jacob Kohnstamm.- 20 Regaining control and sovereignty in the digital age; Jan Philipp Albrecht.- 21 Privacy enforcement in search of its base; James B. Rule.- Index.
David Wright is Director of Trilateral Research, a London-based research company, which he founded in 2004. He has been a partner in numerous projects funded by the European Commission involving privacy, surveillance, risk, security and ethics. He has published many articles in peer-reviewed journals. In addition to Enforcing Privacy, he co-edited and co-authored Privacy Impact Assessment (Springer 2012) with Paul De Hert. He was also principal editor of Surveillance in Europe (Routledge 2015).
Paul De Hert is an international fundamental rights expert, with work on human rights and criminal and surveillance law, constitutionalism and the impact of technology on law. He is interested both in legal practice and more fundamental reflections about law.
He is full professor at the Vrije Universiteit Brussel (VUB) being co-director of the Research Group Law Science Technology & Society (LSTS) and of the Brussels Privacyhub. He also teaches “Privacy and Data Protection” at the Tilburg Institute of Law, Technology, and Society (TILT).
This book demonstrates different approaches – regulatory, legal and technological – to enforcing privacy and data protection.
If regulators do not enforce laws or regulations or codes or do not have the resources, political support or wherewithal to enforce them, they effectively eviscerate and make meaningless such laws or regulations or codes, no matter how laudable or well-intentioned. In some cases, however, the mere existence of such laws or regulations, combined with a credible threat to invoke them, is sufficient for regulatory purposes. But the threat has to be credible. As some of the authors in this book make clear – it is a theme that runs throughout this book – “carrots” and “soft law” need to be backed up by “sticks” and “hard law”.
The authors of this book view privacy enforcement as an activity that goes beyond regulatory enforcement, however. In some sense, enforcing privacy is a task that befalls to all of us. Privacy advocates and members of the public can play an important role in combatting the continuing intrusions upon privacy by governments, intelligence agencies and big companies.
Contributors to this book – including regulators, privacy advocates, academics, SMEs, a Member of the European Parliament, lawyers and a technology researcher – share their views in the one and only book on Enforcing Privacy.