134

toradh/torthaí

Focal/focail
Saghas foilseacháin
Réimse beartas
Údar
Eochairfhocal
Dáta

Directive on security of network and information systems (NIS Directive)

10-11-2020

Directive on security of network and information systems across the Union (Directive (EU) 2016/1148, NIS Directive) is the first horizontal EU cybersecurity legal act, which will be reviewed in 2020 with the aim to increase cybersecurity in the EU. The NIS Directive entered into force in August 2016 and Members States transposed it into national laws by 9 May 2018. The NIS Directive was designed to improve Member States' cybersecurity capabilities; the cooperation between Member States; and Member ...

Directive on security of network and information systems across the Union (Directive (EU) 2016/1148, NIS Directive) is the first horizontal EU cybersecurity legal act, which will be reviewed in 2020 with the aim to increase cybersecurity in the EU. The NIS Directive entered into force in August 2016 and Members States transposed it into national laws by 9 May 2018. The NIS Directive was designed to improve Member States' cybersecurity capabilities; the cooperation between Member States; and Member States' supervision of critical sectors. The Directive established a culture of risk management and incident reporting among key economic actors - operators providing essential services (OES) and Digital Service Providers (DSPs). The Directive also set out cooperation mechanisms, such as the NIS Cooperation Group and the network of national computer security incident response teams (CSIRTs).

The CJEU judgment in the Schrems II case

15-09-2020

In its July 2020 Schrems II judgment, the Court of Justice of the European Union (CJEU) declared the European Commission’s Privacy Shield Decision invalid on account of invasive US surveillance programmes, thereby making transfers of personal data on the basis of the Privacy Shield Decision illegal. Furthermore, the Court stipulated stricter requirements for the transfer of personal data based on standard contract clauses (SCCs). Data controllers or processors that intend to transfer data based on ...

In its July 2020 Schrems II judgment, the Court of Justice of the European Union (CJEU) declared the European Commission’s Privacy Shield Decision invalid on account of invasive US surveillance programmes, thereby making transfers of personal data on the basis of the Privacy Shield Decision illegal. Furthermore, the Court stipulated stricter requirements for the transfer of personal data based on standard contract clauses (SCCs). Data controllers or processors that intend to transfer data based on SCCs must ensure that the data subject is granted a level of protection essentially equivalent to that guaranteed by the General Data Protection Regulation (GDPR) and the EU Charter of Fundamental Rights (CFR) – if necessary with additional measures to compensate for lacunae in protection of third-country legal systems. Failing that, operators must suspend the transfer of personal data outside the EU.

Police Information Exchange - The future developments regarding Prüm and the API Directive

15-09-2020

This study, commissioned by the European Parliament’s Policy Department for Citizens’ Rights and Constitutional Affairs at the request of the LIBE Committee, aims to provide background information and policy recommendations concerning police information exchange and in particular the future developments regarding Prüm and the API Directive (Directive 2004/82/EC).

This study, commissioned by the European Parliament’s Policy Department for Citizens’ Rights and Constitutional Affairs at the request of the LIBE Committee, aims to provide background information and policy recommendations concerning police information exchange and in particular the future developments regarding Prüm and the API Directive (Directive 2004/82/EC).

Údar seachtarach

Dr Niovi VAVOULA, Queen Mary University of London

Lifting coronavirus restrictions: The role of therapeutics, testing, and contact-tracing apps

16-07-2020

In the absence of vaccines and treatments for Covid-19, any easing of restrictions to freedom of movement and social life needs to be accompanied by enhanced monitoring measures, such as expanded testing capacity and improved contact tracing, including use of appropriate digital technologies. There are very few certainties about the coronavirus pandemic, but perhaps one is that no isolated measure or silver-bullet solution is likely to solve all aspects of the crisis. A flexible and integrated strategy ...

In the absence of vaccines and treatments for Covid-19, any easing of restrictions to freedom of movement and social life needs to be accompanied by enhanced monitoring measures, such as expanded testing capacity and improved contact tracing, including use of appropriate digital technologies. There are very few certainties about the coronavirus pandemic, but perhaps one is that no isolated measure or silver-bullet solution is likely to solve all aspects of the crisis. A flexible and integrated strategy, based on complementary tools and measures (therapeutics, testing and contact tracing) and a coordinated approach across the EU are key to gradually lifting restrictions and to going back to the (new) normal.

Digital sovereignty for Europe

02-07-2020

There is growing concern that the citizens, businesses and Member States of the European Union (EU) are gradually losing control over their data, over their capacity for innovation, and over their ability to shape and enforce legislation in the digital environment. Against this background, support has been growing for a new policy approach designed to enhance Europe's strategic autonomy in the digital field. This would require the Union to update and adapt a number of its current legal, regulatory ...

There is growing concern that the citizens, businesses and Member States of the European Union (EU) are gradually losing control over their data, over their capacity for innovation, and over their ability to shape and enforce legislation in the digital environment. Against this background, support has been growing for a new policy approach designed to enhance Europe's strategic autonomy in the digital field. This would require the Union to update and adapt a number of its current legal, regulatory and financial instruments, and to promote more actively European values and principles in areas such as data protection, cybersecurity and ethically designed artificial intelligence (AI). This paper explains the context of the emerging quest for 'digital sovereignty', which the coronavirus pandemic now seems to have accelerated, and provides an overview of the measures currently being discussed and/or proposed to enhance European autonomy in the digital field.

The impact of the General Data Protection Regulation (GDPR) on artificial intelligence

25-06-2020

This study addresses the relation between the EU General Data Protection Regulation (GDPR) and artificial intelligence (AI). It considers challenges and opportunities for individuals and society, and the ways in which risks can be countered and opportunities enabled through law and technology. The study discusses the tensions and proximities between AI and data protection principles, such as in particular purpose limitation and data minimisation. It makes a thorough analysis of automated decision-making ...

This study addresses the relation between the EU General Data Protection Regulation (GDPR) and artificial intelligence (AI). It considers challenges and opportunities for individuals and society, and the ways in which risks can be countered and opportunities enabled through law and technology. The study discusses the tensions and proximities between AI and data protection principles, such as in particular purpose limitation and data minimisation. It makes a thorough analysis of automated decision-making, considering the extent to which it is admissible, the safeguard measures to be adopted, and whether data subjects have a right to individual explanations. The study then considers the extent to which the GDPR provides for a preventive risk-based approach, focused on data protection by design and by default.

Údar seachtarach

DG, EPRS_The study was led by Professor Giovanni Sartor, European University Institute of Florence, at the request of the Panel for the Future of Science and Technology (STOA) and managed by the Scientific Foresight Unit, within the Directorate-General for Parliamentary Research Services (EPRS) of the Secretariat of the European Parliament. It was co-authored by Professor Sartor and Dr Francesca Lagioia, European University Institute of Florence, working under his supervision.

Understanding EU data protection policy

20-05-2020

The near-ubiquity of data in the lives of ordinary people, along with its exponential growth in generation rate and potential misuse, has made the protection of personal information an increasingly important social, legal and political matter for the EU. In recent years, both awareness of data rights and expectations for EU action in this area have grown considerably. The right to privacy and the right to protection of personal data are both enshrined in the Charter of Fundamental Rights of the EU ...

The near-ubiquity of data in the lives of ordinary people, along with its exponential growth in generation rate and potential misuse, has made the protection of personal information an increasingly important social, legal and political matter for the EU. In recent years, both awareness of data rights and expectations for EU action in this area have grown considerably. The right to privacy and the right to protection of personal data are both enshrined in the Charter of Fundamental Rights of the EU and the EU Treaties. The entry into force of the Lisbon Treaty in 2009 gave the Charter the same legal value as the Treaties and abolished the pillar structure, providing a stronger basis for a more effective and comprehensive data protection regime in the EU. In 2012, the European Commission launched an ambitious reform to modernise the EU data protection framework. It resulted in the adoption in 2016 of the main EU data protection legislative instrument – the General Data Protection Regulation (GDPR) – and the Law Enforcement Directive. The framework overhaul also included adopting an updated Regulation on Data Processing in the EU Institutions and reforming the ePrivacy Directive, pending in the Council since September 2017. The European Parliament has played a major role in passing these reforms, both as co-legislator and author of own-initiative reports and resolutions seeking to guarantee a high level of data protection to EU citizens. Last but not least, the European Court of Justice has also played an important part in building the EU data protection framework, with several landmark judgments delivered in recent years. In the coming years, potential challenges to the data protection framework include the question of how to adapt the GDPR to emerging technologies such as artificial intelligence, facial recognition technology and the Internet of Things. Potential fragmentation issues include differing Member State interpretations of consent for data processing, while compliance burdens for SMEs and insufficient resources for data protection authorities may present challenges for enforcement. The European Commission is expected to address these issues in its upcoming evaluation of the GDPR.

National COVID-19 contact tracing apps

15-05-2020

While the coordination of cross-border interoperable COVID-19 contact tracing apps is a competence of the European Commission, their development is a national competence. This short briefing summarises the current efforts towards, functionalities of and technical decisions on the development of national COVID-19 apps, with a focus on the ongoing centralised vs. decentralised approach and the interoperability of different apps across Europe. All Member States and the Commission consider the interoperability ...

While the coordination of cross-border interoperable COVID-19 contact tracing apps is a competence of the European Commission, their development is a national competence. This short briefing summarises the current efforts towards, functionalities of and technical decisions on the development of national COVID-19 apps, with a focus on the ongoing centralised vs. decentralised approach and the interoperability of different apps across Europe. All Member States and the Commission consider the interoperability of the apps and backend servers to be essential for the effective tracing of cross-border infection chains, especially for cross-border workers and neighbouring countries. Ultimately, this effort will support the gradual lifting of border controls within the EU and the restoration of the single market’s integrity.

Tracking mobile devices to fight coronavirus

20-04-2020

Governments around the world have turned to digital technologies to tackle the coronavirus crisis. One of the key measures has been to use mobile devices to monitor populations and track individuals who are infected or at risk. About half of the EU’s Member States have taken location-tracking measures in response to the spread of the coronavirus disease, mainly by working with telecommunications companies to map population movements using anonymised and aggregate location data and by developing applications ...

Governments around the world have turned to digital technologies to tackle the coronavirus crisis. One of the key measures has been to use mobile devices to monitor populations and track individuals who are infected or at risk. About half of the EU’s Member States have taken location-tracking measures in response to the spread of the coronavirus disease, mainly by working with telecommunications companies to map population movements using anonymised and aggregate location data and by developing applications (apps) for tracking people who are at risk. The European Commission has called for a common EU approach to the use of mobile apps and mobile data to assess social distancing measures, support contact-tracing efforts, and contribute to limiting the spread of the virus. While governments may be justified in limiting certain fundamental rights and freedoms in order to take effective steps to fight the epidemic, such exceptional and temporary measures need to comply with applicable fundamental rights standards and EU rules on data protection and privacy. This briefing discusses location-tracking measures using mobile devices in the context of the Covid 19 crisis. It describes initiatives in EU Member States and provides a brief analysis of fundamental rights standards and the EU policy framework, including applicable EU rules on data protection and privacy.

New aspects and challenges in consumer protection - Digital services and artificial intelligence

15-04-2020

The study addresses the new challenges and opportunities for digital services that are provided by artificial intelligence, in particular which regard to consumer protection, data protection, and providers’ liability. The discussion addresses the way in which digital services rely on AI for processing consumer data and for targeting consumers with ads and other messages, with a focus on risks to consumer privacy and autonomy, as well as on the possibility of developing consumer-friendly AI applications ...

The study addresses the new challenges and opportunities for digital services that are provided by artificial intelligence, in particular which regard to consumer protection, data protection, and providers’ liability. The discussion addresses the way in which digital services rely on AI for processing consumer data and for targeting consumers with ads and other messages, with a focus on risks to consumer privacy and autonomy, as well as on the possibility of developing consumer-friendly AI applications. Also addressed is the relevance of AI for the liability of service providers in connection with the use of AI systems for detecting and responding to unlawful and harmful content. This document was provided/prepared by Policy Department A at the request of the Committee on the Internal Market and Consumer Protection.

Údar seachtarach

Prof. Giovanni SARTOR

Imeachtaí atá ar na bacáin

15-03-2021
EPRS online Book Talk with Vivien Schmidt: Legitimacy and power in the EU
Imeacht eile -
EPRS
16-03-2021
EPRS online policy roundtable: New European Bauhaus
Imeacht eile -
EPRS
17-03-2021
Hearing on Responsibilities of transport operators and other private stakeholders
Éisteacht -
ANIT

Pairtnéirí