How can the handling of personal data that emerges due to an increasing online communication be regulated legally in an adequate manner?
There are big expectations in regards to the increasing amount of data, so-called big data that emerges due to the increasing usage of online communication, concerning their social and economic value. On the other hand, there are also legal questions that will be answered within this project: What effects on the (constitutional) rights of users emerge in connection with the usage of “big data”? What legal norms in the European data protection law emerge in this context? What understanding of “privacy” underlies these norms? And how can a governance model be developed in order to handle personal data appropriately? In a legal comparison, the situation in Germany/Europe will be compared to the situation in China and Hong Kong.
The way personal data is being handled, especially of user profiles, is controversially debated in Germany and Europe, as can be seen in the debate on the content of the new data protection regulation. It was also the subject of some current court rulings. Especially courts in Germany, whose data protection standards are considered to be particularly high in international comparison and, thus, have a big influence on the development of the European data protection law, addressed issues concerning data protection and the protection of personal rights. Examples are, for instance, rulings in connection with the introduction of the street view feature of the online map service Google Maps in 2010, rulings since 2011 on data protection standards when processing user data or the current decision of the ECJ on the “right to be forgotten”, which was preceded by further rulings – such as on online archives of newspapers and entries in online encyclopaedias.
In contrast, there are only a very few comparable regulations in the Asia-Pacific region. Unlike China, there is only one data protection law in Hong Kong, which has been updated last in 2013. This data protection law does not (yet) reflect the challenges described above.
The focus of the proposed project is the analysis of the emerging effects linked to “big data” on the (constitutional) rights of users and, in this context, the emerging legal norms in the European data protection law. We will further analyse the understanding of “privacy” and, lastly, the development of a governance model for an appropriate handling of personal data.
Research programme: RP2 - Regulatory Structures and the Emergence of Rules in Digital Communication