Advanced search
Publication Cover
International Review of Law, Computers & Technology Volume 28, 2014 - Issue 2: The future of data protection: collapse or revival?
Submit an article Journal homepage
3,763
Views
75
CrossRef citations to date
0
Altmetric
Original Articles

Privacy regulation cannot be hardcoded. A critical comment on the ‘privacy by design’ provision in data-protection law

Bert-Jaap KoopsTilburg University, 5000LETilburg, The NetherlandsCorrespondence[email protected]
&
Ronald LeenesTilburg University, 5000LETilburg, The Netherlands
Pages 159-171 | Received 18 Mar 2013, Published online: 01 Jul 2013

References

  • Albrecht, Jan Philipp. (2012). Draft Report on the (…) General Data Protection Regulation, 2/0011(COD), Committee on Civil Liberties, Justice and Home Affairs, European Parliament, 17 December 2012.
  • Article 29 Working Party. (2009). The Future of Privacy. Brussels: Article 29 Data Protection Working Party, 1 December 2009.
  • Article 29 Working Party. (2012). Opinion 08/2012 providing further input on the data protection reform discussions, 5 December 2012.
  • Brownsword, R. (2005). “Code, control, and choice: Why east is east and west is west.” Legal Studies 21: 1–21. doi: 10.1111/j.1748-121X.2005.tb00268.x
  • Camenisch, J. and A. Lysyanskaya. (2001). “An efficient system for non-transferable anonymous credentials with optional anonymity revocation.” In EUROCRYPT 2001, edited by, B. Pfitzmann., Vol. 2045, 93–118. Lecture Notes in Computer Science Berlin: Springer.
  • Cavoukian, A. (2010). “Privacy by design: The definitive workshop. A foreword.” Identity in the Information Society 3: 247–51. doi: 10.1007/s12394-010-0062-y
  • Chaum, D. (1981). “Untraceable electronic mail, return addresses, and digital pseudonyms.” Communications of the ACM 24 (no. 2): 84–8. doi: 10.1145/358549.358563
  • EDPS (European Data Protection Supervisor). (2009). The EDPS and EU Research and Technological Development. Policy Paper. Brussels: EDPS, 28 April 2008.
  • EDPS (European Data Protection Supervisor). (2011). Opinion of the European Data Protection Supervisor on the Communication (…) ‘A comprehensive approach on personal data protection in the European Union’. Brussels: EDPS, 14 January 2011.
  • European Commission, Communication on Promoting Data Protection by Privacy Enhancing Technologies, COM(2007) 228 final, 2 May 2007.
  • Gürses, S., C. Troncoso and C. Diaz. (2011). “Engineering privacy by design.” Computers, Privacy & Data Protection. Brussels, 25–27 January 2011, available at http://www.cosic.esat.kuleuven.be/publications/article-1542.pdf.
  • Hoepman, J. H. (2012). “Privacy design strategies. Working paper, 25 October 2012, available at http://arxiv.org/pdf/1210.6621.pdf.
  • Hornung, Gerrit (2012). “A general data protection regulation for Europe? Light and shade in the Commission's Draft of 25 January 2012.” SCRIPT-ed 9 (no. 1): 64–81. doi: 10.2966/scrip.090112.64
  • Information Commissioner's Office. (2012). Initial analysis of the European Commission's proposals for a revised data protection legislative framework, v1.0. 27 February 2012.
  • Konarski, X., D. Karwala, H. Schulte-Nölke, and S. Charlton. (2012). Reforming the data protection package. Brussels: European Parliament, IP/A/IMCO/ST/2012-02, September 2012.
  • Koops, Bert-Jaap (2006). “Should ICT regulation be technology-neutral?.” In Starting points for ICT regulation. Deconstructing prevalent policy one-liners, edited by B. J. Koops et al., 77–108. The Hague: T.M.C. Asser Press.
  • Koops, Bert-Jaap (2011). “The (in)flexibility of techno-regulation and the case of purpose-binding.” Legisprudence 5, no. 2: 171–94. doi: 10.5235/175214611797885701
  • Kuner, Christopher (2012). “The European Commission's proposed data protection regulation: A Copernican revolution in European data protection law.” Privacy and Security Law Report, February: 1–15.
  • Leenes, R., P. Bueso, S. Olislaegers, and B. Van den Berg. (2011). D2.5 Legal requirements. ENDORSE project deliverable.
  • Lessig, L. (1999). Code and other laws of cyberspace. New York: Basic Books.
  • Morgan, B., and K. Yeung. (2007). An introduction to law and regulation. Cambridge: Cambridge University Press.
  • Oberle, D., F. Drefs, R. Wacker, C. Baumann, and O. Raabe. (2012). “Engineering compliant software: Advising developers by automated legal reasoning.” SCRIPT-ed 9, no. 3, December 2012. doi: 10.2966/scrip.090312.280
  • OECD. (2001). Report on the OECD Forum Session on Privacy-Enhancing Technologies (PETs). Paris: OECD, 8 October 2001 http://www.oecd.org/officialdocuments/publicdisplaydocumentpdf/?cote=DSTI/ICCP/REG(2001)6/FINAL&docLanguage=En.
  • Olislaegers, S. (2012). “Early lessons learned in the ENDORSE project: Legal challenges and possibilities in developing data protection compliance software.” In Privacy and Identity 2011, edited by J. Camenisch et al., 73–87. IFIP AICT 375.
  • Pagallo, U. (2012). “On the principle of privacy by design and its limits: Technology, ethics and the rule of law.” In European data protection: In good health?, edited by S. Gutwirth et al., 331–46. Dordrecht: Springer.
  • Pocs, M. (2012). “Will the European Commission be able to standardise legal technology design without a legal method?.” Computer Law & Security Review 28: 641–50. doi: 10.1016/j.clsr.2012.09.008
  • Registratiekamer Information Privacy Commissioner and TNO. (1995). Privacy-enhancing technologies: The path to anonymity. Rijswijk, Toronto: Registratiekamer and Information and Privacy Commissioner.
  • Robinson, N., K. Wuyts, T. Heyman, R. Scandariato, Ch. Huygens, and W. Joosen. (2009). Review of the European Data Protection Directive. Cambridge: RAND Europe. Available at http://www.ico.gov.uk/upload/documents/library/data_protection/detailed_specialist_guides/review_of_eu_dp_directive.pdf.
  • Yeung, K. (2008). “Towards an understanding of regulation by design.” In Regulating technologies: Legal futures, regulatory frames and technological fixes, edited by R. Brownsword and K. Yeung, 79–107 Oxford: Hart Publishing.
  • Wuyts, K., et al. (2010). “Towards a reference framework for legal compliance: A detailed overview.” Computer CW Reports CW598. Available at http://www.cs.kuleuven.be/publicaties/rapporten/cw/CW598.abs.html.

Reprints and Corporate Permissions

Please note: Selecting permissions does not provide access to the full text of the article, please see our help page How do I view content?

To request a reprint or corporate permissions for this article, please click on the relevant link below:

Order Reprints Request Corporate Permissions

Academic Permissions

Please note: Selecting permissions does not provide access to the full text of the article, please see our help page How do I view content?

Obtain permissions instantly via Rightslink by clicking on the button below:

Request Academic Permissions

If you are unable to obtain permissions via Rightslink, please complete and submit this Permissions form. For more information, please visit our Permissions help page.

Related research

People also read lists articles that other readers of this article have read.

Recommended articles lists articles that we recommend and is powered by our AI driven recommendation engine.

Cited by lists all citing articles based on Crossref citations.
Articles with the Crossref icon will open in a new tab.