欧盟《通用数据保护条例》下的数据保护影响评估：女性主义反思

IF 3.3 3区社会学 Q1 LAW

Computer Law & Security Review Pub Date : 2024-03-23 DOI:10.1016/j.clsr.2024.105950

Alessandra Calvi

{"title":"欧盟《通用数据保护条例》下的数据保护影响评估：女性主义反思","authors":"Alessandra Calvi","doi":"10.1016/j.clsr.2024.105950","DOIUrl":null,"url":null,"abstract":"<div><p>Can the Data Protection Impact Assessment (DPIA) under Article 35 General Data Protection Regulation (GDPR) address the power imbalances between those in control of information and the most vulnerable and marginalised persons to whom this information refers? Put another way, can DPIA be considered a feminist tool?</p><p>Whilst data protection scholars and regulators consider DPIA a promising instrument for the protection of the fundamental rights threatened by personal data processing, particularly when performed by automated systems, a feminist critique thereof, essential to comprehensively evaluate whether such optimism is justified, is still missing. This contribution addresses this knowledge gap using a combination of doctrinal and non-doctrinal analysis, feminist legal methods and intersectionality.</p><p>Building on the state of the art about DPIA, I revisit its advantages and drawbacks through feminist lenses, concluding that DPIA cannot be considered a feminist tool as such. Yet, it could still serve feminist goals and become an empowering instrument for data subjects. For that, my proposals are to incorporate feminist legal methods and intersectionality principles in the process and to conceptualise a “right to DPIA”.</p></div>","PeriodicalId":51516,"journal":{"name":"Computer Law & Security Review","volume":null,"pages":null},"PeriodicalIF":3.3000,"publicationDate":"2024-03-23","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"0","resultStr":"{\"title\":\"Data Protection Impact Assessment under the EU General Data Protection Regulation: A feminist reflection\",\"authors\":\"Alessandra Calvi\",\"doi\":\"10.1016/j.clsr.2024.105950\",\"DOIUrl\":null,\"url\":null,\"abstract\":\"<div><p>Can the Data Protection Impact Assessment (DPIA) under Article 35 General Data Protection Regulation (GDPR) address the power imbalances between those in control of information and the most vulnerable and marginalised persons to whom this information refers? Put another way, can DPIA be considered a feminist tool?</p><p>Whilst data protection scholars and regulators consider DPIA a promising instrument for the protection of the fundamental rights threatened by personal data processing, particularly when performed by automated systems, a feminist critique thereof, essential to comprehensively evaluate whether such optimism is justified, is still missing. This contribution addresses this knowledge gap using a combination of doctrinal and non-doctrinal analysis, feminist legal methods and intersectionality.</p><p>Building on the state of the art about DPIA, I revisit its advantages and drawbacks through feminist lenses, concluding that DPIA cannot be considered a feminist tool as such. Yet, it could still serve feminist goals and become an empowering instrument for data subjects. For that, my proposals are to incorporate feminist legal methods and intersectionality principles in the process and to conceptualise a “right to DPIA”.</p></div>\",\"PeriodicalId\":51516,\"journal\":{\"name\":\"Computer Law & Security Review\",\"volume\":null,\"pages\":null},\"PeriodicalIF\":3.3000,\"publicationDate\":\"2024-03-23\",\"publicationTypes\":\"Journal Article\",\"fieldsOfStudy\":null,\"isOpenAccess\":false,\"openAccessPdf\":\"\",\"citationCount\":\"0\",\"resultStr\":null,\"platform\":\"Semanticscholar\",\"paperid\":null,\"PeriodicalName\":\"Computer Law & Security Review\",\"FirstCategoryId\":\"90\",\"ListUrlMain\":\"https://www.sciencedirect.com/science/article/pii/S0267364924000177\",\"RegionNum\":3,\"RegionCategory\":\"社会学\",\"ArticlePicture\":[],\"TitleCN\":null,\"AbstractTextCN\":null,\"PMCID\":null,\"EPubDate\":\"\",\"PubModel\":\"\",\"JCR\":\"Q1\",\"JCRName\":\"LAW\",\"Score\":null,\"Total\":0}","platform":"Semanticscholar","paperid":null,"PeriodicalName":"Computer Law & Security Review","FirstCategoryId":"90","ListUrlMain":"https://www.sciencedirect.com/science/article/pii/S0267364924000177","RegionNum":3,"RegionCategory":"社会学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"Q1","JCRName":"LAW","Score":null,"Total":0}

引用次数: 0

摘要

通用数据保护条例》（GDPR）第 35 条规定的数据保护影响评估（DPIA）能否解决信息控制者与信息所涉及的最弱势和边缘化人群之间的权力不平衡问题？换句话说，DPIA 可否被视为一种女权主义工具？虽然数据保护学者和监管者认为 DPIA 是一种保护受到个人数据处理威胁的基本权利的有前途的工具，尤其是在由自动化系统执行的情况下，但对其进行女权主义批判对于全面评估这种乐观是否合理至关重要，而这种批判仍然缺失。我在 DPIA 研究现状的基础上，通过女权主义视角重新审视了它的优点和缺点，得出的结论是，DPIA 本身不能被视为一种女权主义工具。然而，它仍然可以服务于女权主义目标，成为数据主体的赋权工具。为此，我的建议是在这一过程中纳入女权主义法律方法和交叉性原则，并将 "DPIA 权利 "概念化。

本文章由计算机程序翻译，如有差异，请以英文原文为准。

查看原文本刊更多论文

Data Protection Impact Assessment under the EU General Data Protection Regulation: A feminist reflection

Can the Data Protection Impact Assessment (DPIA) under Article 35 General Data Protection Regulation (GDPR) address the power imbalances between those in control of information and the most vulnerable and marginalised persons to whom this information refers? Put another way, can DPIA be considered a feminist tool?

Whilst data protection scholars and regulators consider DPIA a promising instrument for the protection of the fundamental rights threatened by personal data processing, particularly when performed by automated systems, a feminist critique thereof, essential to comprehensively evaluate whether such optimism is justified, is still missing. This contribution addresses this knowledge gap using a combination of doctrinal and non-doctrinal analysis, feminist legal methods and intersectionality.

Building on the state of the art about DPIA, I revisit its advantages and drawbacks through feminist lenses, concluding that DPIA cannot be considered a feminist tool as such. Yet, it could still serve feminist goals and become an empowering instrument for data subjects. For that, my proposals are to incorporate feminist legal methods and intersectionality principles in the process and to conceptualise a “right to DPIA”.

求助全文

通过发布文献求助，成功后即可免费获取论文全文。去求助

来源期刊

Computer Law & Security Review LAW-

CiteScore

5.60

自引率

10.30%

发文量

审稿时长

67 days

期刊介绍： CLSR publishes refereed academic and practitioner papers on topics such as Web 2.0, IT security, Identity management, ID cards, RFID, interference with privacy, Internet law, telecoms regulation, online broadcasting, intellectual property, software law, e-commerce, outsourcing, data protection, EU policy, freedom of information, computer security and many other topics. In addition it provides a regular update on European Union developments, national news from more than 20 jurisdictions in both Europe and the Pacific Rim. It is looking for papers within the subject area that display good quality legal analysis and new lines of legal thought or policy development that go beyond mere description of the subject area, however accurate that may be.