Realising the right to data portability for the domestic Internet of Things

There is an increasing role for the IT design community to play in regulation of emerging IT. Article 25 of the EU General Data Protection Regulation (GDPR) 2016 puts this on a strict legal basis by establishing the need for information privacy by design and default (PbD) for personal data-driven technologies. Against this backdrop, we examine legal, commercial and technical perspectives around the newly created legal right to data portability (RTDP) in GDPR. We are motivated by a pressing need to address regulatory challenges stemming from the Internet of Things (IoT). We need to find channels to support the protection of these new legal rights for users in practice. In Part I we introduce the internet of things and information PbD in more detail. We briefly consider regulatory challenges posed by the IoT and the nature and practical challenges surrounding the regulatory response of information privacy by design. In Part II, we look in depth at the legal nature of the RTDP, determining what it requires from IT designers in practice but also limitations on the right and how it relates to IoT. In Part III we focus on technical approaches that can support the realisation of the right. We consider the state of the art in data management architectures, tools and platforms that can provide portability, increased transparency and user control over the data flows. In Part IV, we bring our perspectives together to reflect on the technical, legal and business barriers and opportunities that will shape the implementation of the RTDP in practice, and how the relationships may shape emerging IoT innovation and business models. We finish with brief conclusions about the future for the RTDP and PbD in the IoT

Copyright in the Palestinian territories : Setting the scene

Setting the scene of copyright in Palestine is the aim of this chapter. Section 2 highlights the main players and obstacles that effect and interact with upholding a copyright system in Palestine. In particular, it discusses the effect of the political and legislative status of Palestine on the ability to legislate copyright law. This discussion depends on the Oslo Accords—as the legal framework, the Palestinian Authority (PA)—as the self-governmental body in charge, and the Palestinian Legislative Council (PLC) which has ceased to function since 2007. Section 3 argues for the necessity of legislating copyright law in Palestine under the current legislative mechanism that is the Presidential Decrees, it supports its argument through showing the urgent need of the locals to have an effective copyright system in place, and highlights the link between copyright regulations and access to knowledge, especially in the current financial crises of the higher education in Palestine. Section 4 presents an overview of the current copyright law in Palestine and briefly assesses the law against the developments in the international copyright system. Section 5 argues for reform and advocates for switching to fair use as a flexible tool to exceptions and limitations on copyright

Data Privacy and Protection: The Role of Regulation and Implications for Data Controllers in Developing Countries

Part 5: Business Innovation and Data PrivacyInternational audienceAdvances in new technologies present challenges to general expectations relating to collection, usage and cross-border control and transfer of personal data in recent times. Data has become the critical component of the fourth industrial revolution in global economies involving governments, businesses, and individuals. This paper considers the recent introduction of Data Protection Regulation in Nigeria (NDPR), which can be adjudged to have novel compliance structures globally. Using a qualitative approach, and further enabled by the institutional theory as a framework the paper examines the implications of the NDPR requirements for Data Controllers and Processors in key sectors of the economy. Findings from the study shows that there are five key components of the NDPR that can compel, motivate or support organizations to make significant structural changes such as standardization of processes, practices and IT assets to show conformity and/or gain legitimacy. The study equally identified the factors that facilitate or inhibit the adoption and implementation of the conditions of the NDPR categorised in line with the three pillars of the institutional theory framework. These findings projects policy direction in enhancing the institutionalisation of NDPR measures across key sectors. It will also inform businesses on necessary cause of action and changes to ensure privacy and protection of personal data collected from data subjects