TY - JOUR
T1 - Big Data and the Reform of the European Data Protection Framework:
T2 - An Overview of Potential Concerns Associated with Proposals for Risk Management-based Approaches to the Concept of Personal Data.
AU - Pearce, Henry
N1 - This is an Accepted Manuscript of an article published by Taylor & Francis in Information & Communications Technology Law on September 2017, available online: http://www.tandfonline.com/doi/abs/10.1080/13600834.2017.1375237.
Under embargo. Embargo end date: 2 March 2019.
PY - 2017/9/10
Y1 - 2017/9/10
N2 - This article considers the emergence of big data and how it poses considerable difficulties for the European Data Protection framework’s key enabling concept: the notion of personal data. The article starts by outlining the fact that there is an emerging body of opinion which suggests some of these problems might best be addressed by adopting a risk management-based model of personal data. This, it is argued, is suggestive of the emergence of a possible fusion between the disciplines of data protection law and risk management. The article contends, however, that there are several complications associated with the adoption of risk management-based regulatory strategies which have to date not been meaningfully explored in the legal and regulatory literature pertaining to data protection. Consequently, these are issues in need of address. Whilst not intending to counsel against the adoption of risk management-based regulatory strategies the aim of this article is to begin bridging the metaphorical “gap” between legal, regulatory, and risk research and management discourses, to stoke much-needed debate in this topical area. To this end, the article highlights several areas which are in need of further consideration, and where there will likely be possibilities for future inter-disciplinary research.
AB - This article considers the emergence of big data and how it poses considerable difficulties for the European Data Protection framework’s key enabling concept: the notion of personal data. The article starts by outlining the fact that there is an emerging body of opinion which suggests some of these problems might best be addressed by adopting a risk management-based model of personal data. This, it is argued, is suggestive of the emergence of a possible fusion between the disciplines of data protection law and risk management. The article contends, however, that there are several complications associated with the adoption of risk management-based regulatory strategies which have to date not been meaningfully explored in the legal and regulatory literature pertaining to data protection. Consequently, these are issues in need of address. Whilst not intending to counsel against the adoption of risk management-based regulatory strategies the aim of this article is to begin bridging the metaphorical “gap” between legal, regulatory, and risk research and management discourses, to stoke much-needed debate in this topical area. To this end, the article highlights several areas which are in need of further consideration, and where there will likely be possibilities for future inter-disciplinary research.
KW - big data
KW - data protection
KW - personal data
KW - risk management
KW - regulation
U2 - 10.1080/13600834.2017.1375237
DO - 10.1080/13600834.2017.1375237
M3 - Article
SN - 1360-0834
VL - 26
SP - 312
EP - 335
JO - Information and Communications Technology Law
JF - Information and Communications Technology Law
IS - 3
ER -