Post-Reform Personal Data Protection in the European Union. General Data Protection Regulation (EU) 2016/679

Post-Reform Personal Data Protection in the European Union, the first in English and in the market on this area, offers a comprehensive discussion of all principles of personal data processing, obligations of data controllers, and rights of data subjects in the context of General Data Protection Regulation (GDPR, i.e., Regulation (EU) 2016/679). Personal data protection has become one of the central issues in the understanding of the current world system. In this connection, the European Union (EU) has created the most sophisticated regime currently in force with the GDPR of 2016. GDPR will become applicable directly in all the Member States, providing for a unification of data protection rules within the EU. It, however, also poses a problem of enabling international trade and data transfers outside the EU between economies which have different data protection models in place. This book forms the core of the personal data protection regime. What’s in this book: Among the broad spectrum of aspects of the subject covered are the following: summary of the changes introduced by the GDPR; new territorial scope, key principles of personal data processing; legal bases for the processing of personal data; marketing, cookies, and profiling; new information clauses; new Subject Access Requests (SARs), including the ‘right to be forgotten’ on the Internet, the right to data portability, and the right to object to profiling; new data protection by design and by default; benefits from implementing a certificate; data transfers outside the EU, including Binding Corporate Rules (BCRs), Standard Contractual Clauses (SCCs), and special features of EU-US arrangements. This book references many rulings of European courts, as well as interpretations and guidelines formulated by European data protection authorities, examples and best practices, making it of great practical value to lawyers and business leaders. How this will help you: Because of the increase in legal certainty in this area guaranteed by the GDPR, multinational corporations and their customers and contractors will benefit enormously from consulting and using this book. For practitioners and academics, researching or advising clients on this area, and government policy advisors, this book provides an indispensable source of guidance and information for many years to come.

Introduction Chapter 1 Subject Matter and Objectives of the General Data Protection Regulation and Summary of Changes Introduced By It; The Context of Personal Data Protection in the European Union Chapter 2 Definitions of the Right to Privacy; Protection of Personal Data as One Aspect of This Right; Legal Foundations of the Right to Privacy in European Union Law; Scope of the Right to Privacy in European Union Case Law Chapter 3 Scope of Protection of Personal Data and Key Definitions Chapter 4 Key Principles of Personal Data Processing Chapter 5 Legal Bases for the Processing of Personal Data Chapter 6 Sensitive Data Chapter 7 The Obligation to Provide Information on Data Processing Chapter 8 The Rights of Access, Rectification and Objection (SAR – Subject Access Requests) Chapter 9 Data Controller and Data Processor: Their Respective Obligations and Relations; Data Protection by Design and by Default; Data Security; Notification of a Personal Data Breach; Data Protection Officer; Codes of Conduct and Certification Chapter 10 Transferring Personal Data to Non-EU/EEA Countries Chapter 11 Privacy in the Internet Age; Technology and Threats to Privacy Bibliography Index