Applying the Purpose Limitation Principle in Smart-City Data-Processing Practices: A European Data Protection Law Perspective

IF 0.2 Q4 LAW
Kamrul Faisal
{"title":"Applying the Purpose Limitation Principle in Smart-City Data-Processing Practices: A European Data Protection Law Perspective","authors":"Kamrul Faisal","doi":"10.1080/10811680.2023.2180266","DOIUrl":null,"url":null,"abstract":"Abstract Protection of privacy rights in the context of smart cities is novel, currently underdeveloped, and a hot topic worldwide. This article examines the purpose limitation of European data protection law in the context of smart cities. The “purpose limitation” principle of the General Data Protection Regulation (GDPR) outlines the ways and means of processing personal data to protect individuals’ fundamental right to personal data protection and related risks. The principle, which empowers controller(s) to process data in a controlled manner, requires that controller(s) process personal data only after meeting two fundamental requirements: they must act on the requirements of purpose specification, and they must perform an “incompatibility test” while processing personal data for further purposes. This article aims to outline the permissible limits of the purpose limitation principle to pursue different purposes in the context of smart cities. Indeed, the principle only applies when controllers process personal data in smart cities. With the authority provided by the principle, data controllers may process personal data for primary and secondary purposes. However, processing purposes cannot go beyond defined restrictions. The study, which is conducted within the European legal framework, deploys a multimethod approach to address different parts of the research question.","PeriodicalId":42622,"journal":{"name":"Communication Law and Policy","volume":"28 1","pages":"67 - 97"},"PeriodicalIF":0.2000,"publicationDate":"2023-01-02","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"1","resultStr":null,"platform":"Semanticscholar","paperid":null,"PeriodicalName":"Communication Law and Policy","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.1080/10811680.2023.2180266","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"Q4","JCRName":"LAW","Score":null,"Total":0}
引用次数: 1

Abstract

Abstract Protection of privacy rights in the context of smart cities is novel, currently underdeveloped, and a hot topic worldwide. This article examines the purpose limitation of European data protection law in the context of smart cities. The “purpose limitation” principle of the General Data Protection Regulation (GDPR) outlines the ways and means of processing personal data to protect individuals’ fundamental right to personal data protection and related risks. The principle, which empowers controller(s) to process data in a controlled manner, requires that controller(s) process personal data only after meeting two fundamental requirements: they must act on the requirements of purpose specification, and they must perform an “incompatibility test” while processing personal data for further purposes. This article aims to outline the permissible limits of the purpose limitation principle to pursue different purposes in the context of smart cities. Indeed, the principle only applies when controllers process personal data in smart cities. With the authority provided by the principle, data controllers may process personal data for primary and secondary purposes. However, processing purposes cannot go beyond defined restrictions. The study, which is conducted within the European legal framework, deploys a multimethod approach to address different parts of the research question.
目的限制原则在智能城市数据处理实践中的应用:欧洲数据保护法视角
摘要智能城市背景下的隐私权保护是一个新颖的、目前还不发达的、世界范围内的热门话题。本文考察了欧洲数据保护法在智能城市背景下的目的限制。《通用数据保护条例》(GDPR)的“目的限制”原则概述了处理个人数据的方式和方法,以保护个人数据保护的基本权利和相关风险。该原则授权控制者以可控的方式处理数据,要求控制者只有在满足两个基本要求后才能处理个人数据:他们必须按照目的规范的要求行事,并且在为进一步目的处理个人数据时必须进行“不兼容测试”。本文旨在概述目的限制原则在智能城市背景下追求不同目的的允许限度。事实上,这一原则只适用于智能城市中的控制者处理个人数据的情况。根据该原则提供的权限,数据控制者可以出于主要和次要目的处理个人数据。但是,处理目的不能超出定义的限制。这项研究是在欧洲法律框架内进行的,采用了多种方法来解决研究问题的不同部分。
本文章由计算机程序翻译,如有差异,请以英文原文为准。
求助全文
约1分钟内获得全文 求助全文
来源期刊
CiteScore
0.60
自引率
33.30%
发文量
7
期刊介绍: The societal, cultural, economic and political dimensions of communication, including the freedoms of speech and press, are undergoing dramatic global changes. The convergence of the mass media, telecommunications, and computers has raised important questions reflected in analyses of modern communication law, policy, and regulation. Serving as a forum for discussions of these continuing and emerging questions, Communication Law and Policy considers traditional and contemporary problems of freedom of expression and dissemination, including theoretical, conceptual and methodological issues inherent in the special conditions presented by new media and information technologies.
×
引用
GB/T 7714-2015
复制
MLA
复制
APA
复制
导出至
BibTeX EndNote RefMan NoteFirst NoteExpress
×
提示
您的信息不完整,为了账户安全,请先补充。
现在去补充
×
提示
您因"违规操作"
具体请查看互助需知
我知道了
×
提示
确定
请完成安全验证×
copy
已复制链接
快去分享给好友吧!
我知道了
右上角分享
点击右上角分享
0
联系我们:info@booksci.cn Book学术提供免费学术资源搜索服务,方便国内外学者检索中英文文献。致力于提供最便捷和优质的服务体验。 Copyright © 2023 布克学术 All rights reserved.
京ICP备2023020795号-1
ghs 京公网安备 11010802042870号
Book学术文献互助
Book学术文献互助群
群 号:481959085
Book学术官方微信