The Thesis focuses on the legal perspective of Transnational Data Protection. Here, the scope of the thesis is limited to the provisions and interdependencies of the European Union (EU). Matters of national legislation of EU Member States are implicitly mentioned or characterized but not within the scope of the thesis.
Within the current business as well as administrative environment the topic of data protection is a crucial factor for business, public reception and security. The Snowden incident, the Safe Harbor Ruling of the European Court of Justice and ultimately the introduction of the new European General Data Protection Regulation in May 2018 poses potential threat scenarios for businesses and require responsive actions on the respective management level. While the importance of data protections is now an omnipresent and a commonly known issue, it is still a rather neglected topic. It often bears the stigma of nuisance and implies costly implementation of measures and processes.
Nonetheless, corporations, companies, businesses and governmental agencies have to adhere to data protection regulations, the demands of the digitalization and social pressure. Therefore, the abidance by Data Protection Law has incrementally gained a more essential role within company’s and administration’s structures during the last years. This is especially true for transnational contexts. Here, Data Protection Management encompasses privacy compliance and organizational privacy management as part of the information security risk management. Essentially the objective and responsibility of Data Protection Management in the context of transnational data flows in the EU are based in its the legal framework.
Within the current business environment the topic of data protection is a crucial factor for business, public reception and security. Businesses and governmental agencies have to adhere to data protection regulations. Therefore, the abidance by Data Protection Law has gained a more essential role within company’s and administration’s structures. This is especially true for transnational contexts. Data Protection encompasses privacy compliance and management as part of the information security risk management.
Inhaltsverzeichnis (Table of Contents)
- Introduction
- The economic relevance of data protection
- Economic Analysis
- Digitalization and hyper-connectivity
- Big Data and Data Analytics
- Economics of Cyber Crime and the Counter-Market of Security
- Future Scenarios of the Management Project
- Scenario: Medical Data
- Scenario: Financial Data
- Implication for Businesses: Compliance with legal standards can be a unique selling point
- Data Protection Traditions - protecting and securing data
- Origin of Data Protection
- Approaches to Data Protection
- Comprehensive Laws
- Sectoral Laws
- Self-Regulation
- Regulation through technology
- Implication for Businesses: Clash of legislations and need for harmonization
- Legal Grounds for processing and transfer – Data Protection in the European Union
- Overview of the legal system in regard to Data Protection
- The European Convention on Human Rights
- Council of Europe Convention 108
- Interim Conclusion: Direct impact of ECHR and Convention 108 on international data flow regulation
- European Union data protection law
- Implication for Businesses: Data protection framework influences the construction and development of the European Data Protection legislation
- European Data Protection Directive
- General Data Protection Regulation
- Implication for Businesses: Transnational applicability and comprehensive framework of requirements
- Overview of the legal system in regard to Data Protection
- Applicable law and Conflict-of-law for data protection issues
- Rome I
- Territorial Scope
- Conflict-of-Law
- Rome II
- Territorial Scope
- Conflict-of-Law
- Data Protection Directive and Rome I and II Regulations
- Differentiation by nature and scope
- Lex Specialis
- General Data Protection Regulation and Rome I and II Regulations
- Brussels I Regulation
- Territorial Scope
- Conflict-of-law
- General Data Protection Regulation and Brussels I
- Implication for Businesses: The Market Place Principle opens the world-wide applicability of European Data Protection
- Rome I
- International transfer of personal identifiable data
- Adequacy Decision and accepted treaty
- Excursus: Transfer of personal identifiable data between the EU and the US
- Safe Harbor
- EU-U.S. Privacy Shield
- Intermediary Results of the Analysis
- Contractual Clauses
- Binding Corporate Rules
- Implication for Businesses: International transfer of customer data and employee data
- Further practical implication of Transnational Data Protection
- Transnational Negotiations – Always implied Data Protection issues?
- Competencies necessary for Transnational Data Protection
Zielsetzung und Themenschwerpunkte (Objectives and Key Themes)
This master thesis examines the implications of the European General Data Protection Regulation (GDPR) for transnational business models and data transfer. It analyzes the economic relevance of data protection and explores the historical development and different approaches to data protection. The thesis further delves into the legal framework for processing and transferring data within the European Union, including the interplay of different regulations.
- The economic impact of data protection
- The legal framework for data protection in the EU
- The implications of the GDPR for transnational businesses
- The challenges of data transfer in a globalized world
- The need for harmonization and cooperation on data protection issues
Zusammenfassung der Kapitel (Chapter Summaries)
- The introduction provides an overview of the topic and outlines the scope of the thesis.
- Chapter 2 explores the economic relevance of data protection, discussing concepts like digitalization, hyper-connectivity, big data, and cybercrime.
- Chapter 3 traces the historical development of data protection and examines different approaches to data protection, including comprehensive laws, sectoral laws, self-regulation, and regulation through technology.
- Chapter 4 examines the legal framework for data protection in the European Union, focusing on the European Convention on Human Rights, Council of Europe Convention 108, the Data Protection Directive, and the GDPR. It also discusses the implications of this framework for businesses.
- Chapter 5 addresses the issue of applicable law and conflict-of-law in data protection issues, analyzing the interplay between the GDPR and other regulations like Rome I, Rome II, and Brussels I.
- Chapter 6 explores the challenges of international data transfer, focusing on adequacy decisions, contractual clauses, and binding corporate rules.
- Chapter 7 delves into further practical implications of transnational data protection, including the implications for transnational negotiations and the necessary competencies.
Schlüsselwörter (Keywords)
This master thesis examines the key aspects of transnational data protection, focusing on the European General Data Protection Regulation (GDPR) and its implications for business models and data transfer. It covers topics such as the economic relevance of data protection, legal frameworks for data protection, conflict-of-law, international data transfer, and the need for harmonization and cooperation on data protection issues. Key terms and concepts include digitalization, hyper-connectivity, big data, cybercrime, data protection traditions, comprehensive laws, sectoral laws, self-regulation, regulation through technology, adequacy decision, contractual clauses, binding corporate rules, and competencies for transnational data protection.
- Quote paper
- Jan Alexander Linxweiler (Author), 2017, Transnational Data Protection, Munich, GRIN Verlag, https://www.grin.com/document/988690
