目的定义是根据 GDPR 确定法律依据的关键步骤:对科学研究的影响。

IF 4.6 Q2 MATERIALS SCIENCE, BIOMATERIALS
ACS Applied Bio Materials Pub Date : 2024-02-01 eCollection Date: 2024-01-01 DOI:10.1093/jlb/lsae001
Regina Becker, Davit Chokoshvili, Adrian Thorogood, Edward S Dove, Fruzsina Molnár-Gábor, Alexandra Ziaka, Olga Tzortzatou-Nanopoulou, Giovanni Comandè
{"title":"目的定义是根据 GDPR 确定法律依据的关键步骤:对科学研究的影响。","authors":"Regina Becker, Davit Chokoshvili, Adrian Thorogood, Edward S Dove, Fruzsina Molnár-Gábor, Alexandra Ziaka, Olga Tzortzatou-Nanopoulou, Giovanni Comandè","doi":"10.1093/jlb/lsae001","DOIUrl":null,"url":null,"abstract":"<p><p>The General Data Protection Regulation (GDPR) of the European Union, which became applicable in 2018, contains a new accountability principle. Under this principle, controllers (ie parties determining the purposes and the means of the processing of personal data) are responsible for ensuring and demonstrating the overall compliance with the GDPR. However, interpretive uncertainties of the GDPR mean that controllers must exercise considerable judgement in designing and implementing an appropriate compliance strategy, making GDPR compliance both complex and resource-intensive. In this article, we provide conceptual clarity around GDPR compliance with respect to one core aspect of the law: the determination and relevance of the purpose of personal data processing. We derive from the GDPR's text concrete requirements for purpose specification, which we subsequently apply to the area of secondary use of personal data for scientific research. We offer guidance for correctly specifying purposes of data processing under different research scenarios. To illustrate the practical necessity of purpose specification for GDPR compliance, we then show how our proposed approach can enable controllers to meet their compliance obligations, using the example of the overarching GDPR principle of lawfulness to highlight the relevance of purpose specification for the identification of a suitable legal basis.</p>","PeriodicalId":2,"journal":{"name":"ACS Applied Bio Materials","volume":"11 1","pages":"lsae001"},"PeriodicalIF":4.6000,"publicationDate":"2024-02-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"https://www.ncbi.nlm.nih.gov/pmc/articles/PMC10834358/pdf/","citationCount":"0","resultStr":"{\"title\":\"Purpose definition as a crucial step for determining the legal basis under the GDPR: implications for scientific research.\",\"authors\":\"Regina Becker, Davit Chokoshvili, Adrian Thorogood, Edward S Dove, Fruzsina Molnár-Gábor, Alexandra Ziaka, Olga Tzortzatou-Nanopoulou, Giovanni Comandè\",\"doi\":\"10.1093/jlb/lsae001\",\"DOIUrl\":null,\"url\":null,\"abstract\":\"<p><p>The General Data Protection Regulation (GDPR) of the European Union, which became applicable in 2018, contains a new accountability principle. Under this principle, controllers (ie parties determining the purposes and the means of the processing of personal data) are responsible for ensuring and demonstrating the overall compliance with the GDPR. However, interpretive uncertainties of the GDPR mean that controllers must exercise considerable judgement in designing and implementing an appropriate compliance strategy, making GDPR compliance both complex and resource-intensive. In this article, we provide conceptual clarity around GDPR compliance with respect to one core aspect of the law: the determination and relevance of the purpose of personal data processing. We derive from the GDPR's text concrete requirements for purpose specification, which we subsequently apply to the area of secondary use of personal data for scientific research. We offer guidance for correctly specifying purposes of data processing under different research scenarios. To illustrate the practical necessity of purpose specification for GDPR compliance, we then show how our proposed approach can enable controllers to meet their compliance obligations, using the example of the overarching GDPR principle of lawfulness to highlight the relevance of purpose specification for the identification of a suitable legal basis.</p>\",\"PeriodicalId\":2,\"journal\":{\"name\":\"ACS Applied Bio Materials\",\"volume\":\"11 1\",\"pages\":\"lsae001\"},\"PeriodicalIF\":4.6000,\"publicationDate\":\"2024-02-01\",\"publicationTypes\":\"Journal Article\",\"fieldsOfStudy\":null,\"isOpenAccess\":false,\"openAccessPdf\":\"https://www.ncbi.nlm.nih.gov/pmc/articles/PMC10834358/pdf/\",\"citationCount\":\"0\",\"resultStr\":null,\"platform\":\"Semanticscholar\",\"paperid\":null,\"PeriodicalName\":\"ACS Applied Bio Materials\",\"FirstCategoryId\":\"3\",\"ListUrlMain\":\"https://doi.org/10.1093/jlb/lsae001\",\"RegionNum\":0,\"RegionCategory\":null,\"ArticlePicture\":[],\"TitleCN\":null,\"AbstractTextCN\":null,\"PMCID\":null,\"EPubDate\":\"2024/1/1 0:00:00\",\"PubModel\":\"eCollection\",\"JCR\":\"Q2\",\"JCRName\":\"MATERIALS SCIENCE, BIOMATERIALS\",\"Score\":null,\"Total\":0}","platform":"Semanticscholar","paperid":null,"PeriodicalName":"ACS Applied Bio Materials","FirstCategoryId":"3","ListUrlMain":"https://doi.org/10.1093/jlb/lsae001","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"2024/1/1 0:00:00","PubModel":"eCollection","JCR":"Q2","JCRName":"MATERIALS SCIENCE, BIOMATERIALS","Score":null,"Total":0}
引用次数: 0

摘要

2018 年开始适用的欧盟《一般数据保护条例》(GDPR)包含一项新的问责原则。根据该原则,控制方(即确定个人数据处理目的和方式的各方)有责任确保并证明整体符合 GDPR。然而,GDPR 在解释上的不确定性意味着控制者在设计和实施适当的合规策略时必须做出大量判断,这使得 GDPR 合规变得既复杂又耗费资源。在本文中,我们将从概念上阐明 GDPR 合规性的一个核心方面:个人数据处理目的的确定和相关性。我们从 GDPR 的文本中得出了目的说明的具体要求,随后将其应用于个人数据在科学研究中的二次使用领域。我们为在不同研究情景下正确说明数据处理目的提供指导。为了说明目的说明对遵守 GDPR 的实际必要性,我们随后以 GDPR 的首要原则 "合法性 "为例,展示了我们建议的方法如何使控制者履行其合规义务,从而强调了目的说明对确定合适的法律依据的相关性。
本文章由计算机程序翻译,如有差异,请以英文原文为准。
Purpose definition as a crucial step for determining the legal basis under the GDPR: implications for scientific research.

The General Data Protection Regulation (GDPR) of the European Union, which became applicable in 2018, contains a new accountability principle. Under this principle, controllers (ie parties determining the purposes and the means of the processing of personal data) are responsible for ensuring and demonstrating the overall compliance with the GDPR. However, interpretive uncertainties of the GDPR mean that controllers must exercise considerable judgement in designing and implementing an appropriate compliance strategy, making GDPR compliance both complex and resource-intensive. In this article, we provide conceptual clarity around GDPR compliance with respect to one core aspect of the law: the determination and relevance of the purpose of personal data processing. We derive from the GDPR's text concrete requirements for purpose specification, which we subsequently apply to the area of secondary use of personal data for scientific research. We offer guidance for correctly specifying purposes of data processing under different research scenarios. To illustrate the practical necessity of purpose specification for GDPR compliance, we then show how our proposed approach can enable controllers to meet their compliance obligations, using the example of the overarching GDPR principle of lawfulness to highlight the relevance of purpose specification for the identification of a suitable legal basis.

求助全文
通过发布文献求助,成功后即可免费获取论文全文。 去求助
来源期刊
ACS Applied Bio Materials
ACS Applied Bio Materials Chemistry-Chemistry (all)
CiteScore
9.40
自引率
2.10%
发文量
464
×
引用
GB/T 7714-2015
复制
MLA
复制
APA
复制
导出至
BibTeX EndNote RefMan NoteFirst NoteExpress
×
提示
您的信息不完整,为了账户安全,请先补充。
现在去补充
×
提示
您因"违规操作"
具体请查看互助需知
我知道了
×
提示
确定
请完成安全验证×
copy
已复制链接
快去分享给好友吧!
我知道了
右上角分享
点击右上角分享
0
联系我们:info@booksci.cn Book学术提供免费学术资源搜索服务,方便国内外学者检索中英文文献。致力于提供最便捷和优质的服务体验。 Copyright © 2023 布克学术 All rights reserved.
京ICP备2023020795号-1
ghs 京公网安备 11010802042870号
Book学术文献互助
Book学术文献互助群
群 号:481959085
Book学术官方微信