A proteção de dados pessoais do empregado no direito brasileiro: um estudo sobre os limites na obtenção e no uso pelo empregador da informação relativa ao empregado / The protection of employees personal data in the Brazilian law: a study on the limits of employers collecting and using employees personal information

Sanden, Ana Francisca Moreira de Souza

15 October 2012

O estudo explora a questão de como o Direito do Trabalho brasileiro protege a informação pessoal do empregado perante o empregador e se essa proteção considera deliberadamente os riscos subjacentes ao uso da informação em ambiente de crescente processamento automático. No Capítulo I, apresenta-se no contexto internacional o problema da obtenção e do uso pelo empregador da informação relativa ao empregado em um ambiente de crescente automatização e justifica-se a necessidade de sua abordagem no Direito brasileiro. No Capítulo II é examinado o arcabouço da proteção de dados pessoais do empregado nas normas internacionais. No Capítulo III, buscam-se os fundamentos do conceito de dados pessoais no ordenamento jurídico brasileiro, principalmente na órbita constitucional, sob a fórmula do direito à autodeterminação informativa. O Capítulo IV traça um quadro geral da proteção da informação relativa ao empregado no Direito do Trabalho brasileiro, considerando os limites à obtenção e ao uso da informação pessoal, os deveres do empregador como responsável pelo acervo de informações pessoais que mantém e os direitos diretamente relacionados à autodeterminação informativa. O Capítulo V investiga as potencialidades do quadro normativo brasileiro atual para oferecer uma proteção ao empregado que se aproxime das finalidades almejadas nas normas internacionais setoriais. / The study is concerned with the question of how the Brazilian Labor Law protects the employees personal information from collection and use by the employer and whether it considers the threats to the employee that arise from increasing automatic processing. Chapter I presents, in the international context, the problem of the employers collecting and using the employees personal information in a world of increasing automation and justifies the need for its approach in the Brazilian Law. Chapter II presents the employees data protection framework proposed in international agreements. Chapter III discusses the fundaments of the concept of personal data and its formulation as informational self-determination in the Brazilian Law and in the Brazilian Constitution. Chapter IV offers a general picture of the protection of the employees information in the Brazilian Labor Law, considering the limits to its collection and use, the obligations of the employer as responsible for the retrieval of the stored data, and the employee`s rights regarding informational self- determination. Chapter V investigates the possibilities of the present Brazilian Legal framework in offering protection to the employee on the same basis as proposed in sectorial international agreements.

Autodeterminação

Dados pessoais

Direito do trabalho

Direitos da personalidade

Employees privacy

Informational self-determination

Personal data

Privacidade

Privacidade do empregado

Right to privacy

Anonymization of directory-structured sensitive data / Anonymisering av katalogstrukturerad känslig data

Folkesson, Carl

January 2019

Data anonymization is a relevant and important field within data privacy, which tries to find a good balance between utility and privacy in data. The field is especially relevant since the GDPR came into force, because the GDPR does not regulate anonymous data. This thesis focuses on anonymization of directory-structured data, which means data structured into a tree of directories. In the thesis, four of the most common models for anonymization of tabular data, k-anonymity, ℓ-diversity, t-closeness and differential privacy, are adapted for anonymization of directory-structured data. This adaptation is done by creating three different approaches for anonymizing directory-structured data: SingleTable, DirectoryWise and RecursiveDirectoryWise. These models and approaches are compared and evaluated using five metrics and three attack scenarios. The results show that there is always a trade-off between utility and privacy when anonymizing data. Especially it was concluded that the differential privacy model when using the RecursiveDirectoryWise approach gives the highest privacy, but also the highest information loss. On the contrary, the k-anonymity model when using the SingleTable approach or the t-closeness model when using the DirectoryWise approach gives the lowest information loss, but also the lowest privacy. The differential privacy model and the RecursiveDirectoryWise approach were also shown to give best protection against the chosen attacks. Finally, it was concluded that the differential privacy model when using the RecursiveDirectoryWise approach, was the most suitable combination to use when trying to follow the GDPR when anonymizing directory-structured data.

data anonymization

data privacy

directory-structured data

k-anonymity

l-diversity

t-closeness

differential privacy

GDPR

Computer Engineering

Datorteknik

Data Surveillance: Theory, Practice & Policy

Clarke, Roger Anthony, Roger.Clarke@xamax.com.au

January 1997

Data surveillance is the systematic use of personal data systems in the investigation or monitoring of the actions or communications of one or more persons. This collection of papers was the basis for a supplication under Rule 28 of the ANU's Degree of Doctor of Philosophy Rules. The papers develop a body of theory that explains the nature, applications and impacts of the data processing technologies that support the investigation or monitoring of individuals and populations. Literature review and analysis is supplemented by reports of field work undertaken in both the United States and Australia, which tested the body of theory, and enabled it to be articulated. The research programme established a firm theoretical foundation for further work. It provided insights into appropriate research methods, and delivered not only empirically-based descriptive and explanatory data, but also evaluative information relevant to policy-decisions. The body of work as a whole provides a basis on which more mature research work is able to build.

data surveillance

human identification

identifiers

data privacy

information privacy

computer matching

profiling

Australia Card

Tax File Number

Personlig integritet och kreditupplysning / Privacy and Credit Report

Forsell, Lisa

January 2003

<p>Most people would agree that privacy is a civil right, and that we should not be deprived of this civil right for other than legitimate reasons. The difficulty lies instead in how to decide where the legislative boundary should be drawn for the right to privacy, in order to protect the individual from an undue intrusion of his privacy. There are a number of areas where the right to privacy comes in conflict with opposite interests. One of these areas is credit report. In this master thesis the author discusses questions as, what is the meaning of the word privacy, and whether the protection of privacy is sufficient in the legislation concerning credit report? Also a comparative study of the Swedish and the English regulation is performed. The object of this thesis is to analyze to what extent the legislator takes the right to privacy into consideration in the legislation concerning credit report. The author also investigates the possibilities to change the legislation in effort to enhance the protection of privacy. The thesis shows, that today there is a protection of privacy in connection to the processing of personal data, but also points out the need to review this protection and also to extend it to other areas, which are not connected with processing of personal data.</p>

Law

Personlig integritet

integritet

kreditupplysning

privacy

right to privacy

credit report

RÄTTSVETENSKAP/JURIDIK

LAW/JURISPRUDENCE

RÄTTSVETENSKAP/JURIDIK

Personlig integritet och kreditupplysning / Privacy and Credit Report

Forsell, Lisa

January 2003

Most people would agree that privacy is a civil right, and that we should not be deprived of this civil right for other than legitimate reasons. The difficulty lies instead in how to decide where the legislative boundary should be drawn for the right to privacy, in order to protect the individual from an undue intrusion of his privacy. There are a number of areas where the right to privacy comes in conflict with opposite interests. One of these areas is credit report. In this master thesis the author discusses questions as, what is the meaning of the word privacy, and whether the protection of privacy is sufficient in the legislation concerning credit report? Also a comparative study of the Swedish and the English regulation is performed. The object of this thesis is to analyze to what extent the legislator takes the right to privacy into consideration in the legislation concerning credit report. The author also investigates the possibilities to change the legislation in effort to enhance the protection of privacy. The thesis shows, that today there is a protection of privacy in connection to the processing of personal data, but also points out the need to review this protection and also to extend it to other areas, which are not connected with processing of personal data.

Law

Personlig integritet

integritet

kreditupplysning

privacy

right to privacy

credit report

RÄTTSVETENSKAP/JURIDIK

LAW/JURISPRUDENCE

RÄTTSVETENSKAP/JURIDIK

Extended Abstracts of the Fourth Privacy Enhancing Technologies Convention (PET-CON 2009.1)

21 February 2012

PET-CON, the Privacy Enhancing Technologies Convention, is a forum for researchers, students, developers, and other interested people to discuss novel research, current development and techniques in the area of Privacy Enhancing Technologies. PET-CON was first conceived in June 2007 at the 7th International PET Symposium in Ottawa, Canada. The idea was to set up a bi-annual convention in or nearby Germany to be able to meet more often than only once a year at some major conference.

Abstracts

PET-CON

Abstracts

PET-CON

ddc:004

rvk:SS 5514

Proactive Privacy Practices in the Trend of Ubiquitous Services: An Empirical Study

Wang, Shu-Ching

02 July 2011

Privacy is a strategic issue so that much attention has been constantly devoted to information privacy in response to competitive pressure in dynamic marketplace, particularly in the trend of e-business settings. Ubiquitous services (u-services) are recognized as the logical extension of e-/m-services because they can be initiated by e- and further propagated by m-services (Junglas & Watson 2006). In u-services context, customers are always connected seamlessly in context-awareness networks so the higher degree of customized and personalized services can be timely served. Likewise, customers may also well be aware of privacy threats behind that. Consequently, privacy issues are identified as a key hindrance for booming u-services. While a large body of studies focusing on privacy issues have examined relevant factors influence customer decision making such as customer beliefs (i.e. trust and risk), privacy concerns, the representations of privacy statement, and even the privacy calculus, this study aims to explore a theoretical proactive privacy practice model (PPPM) as a guideline for an e-services provider (ESP) initiating its privacy practices to its customers to enhance voluntary information disclosure. Drawing upon integrative social contracts theory, the proposed PPPM embraced technical and non-technical elements such as human, legal, and economic relevant perspectives, that is, e-services providers¡¦ proactive privacy governance, and customer perceived value and competitive strategies for u-services. An empirical survey was conducted in a B2C e-services context to examine the relationships among these constructs. The results indicate that there are significant relationships between those three antecedents and disclosure willingness respectively. Meanwhile, the moderating effect of competitive strategies significantly and positively associates with proactive privacy governance and disclosure willingness. These findings not only broaden current knowledge of the disclosure behavior but also allow ESPs to strategically manage privacy and leverage privacy protection for a competitive advantage and identify the strengths and weaknesses of their current privacy mechanisms, guiding them to develop more proactive and prominent privacy practices for extending their businesses to future u-services or u-businesses.

Proactive privacy practice

Proactive privacy governance

Electronic services

Mobile services

Ubiquitous services

Disclosure willingness

Integrative social contracts theory

Survey on healthcare IT systems : standards, regulations and security

Neuhaus, Christian, Polze, Andreas, Chowdhuryy, Mohammad M. R.

January 2011

IT systems for healthcare are a complex and exciting field. One the one hand, there is a vast number of improvements and work alleviations that computers can bring to everyday healthcare. Some ways of treatment, diagnoses and organisational tasks were even made possible by computer usage in the first place. On the other hand, there are many factors that encumber computer usage and make development of IT systems for healthcare a challenging, sometimes even frustrating task. These factors are not solely technology-related, but just as well social or economical conditions. This report describes some of the idiosyncrasies of IT systems in the healthcare domain, with a special focus on legal regulations, standards and security. / IT Systeme für Medizin und Gesundheitswesen sind ein komplexes und spannendes Feld. Auf der einen Seite stehen eine Vielzahl an Verbesserungen und Arbeitserleichterungen, die Computer zum medizinischen Alltag beitragen können. Einige Behandlungen, Diagnoseverfahren und organisatorische Aufgaben wurden durch Computer überhaupt erst möglich. Auf der anderen Seite gibt es eine Vielzahl an Fakturen, die Computerbenutzung im Gesundheitswesen erschweren und ihre Entwicklung zu einer herausfordernden, sogar frustrierenden Aufgabe machen können. Diese Faktoren sind nicht ausschließlich technischer Natur, sondern auch auf soziale und ökonomische Gegebenheiten zurückzuführen. Dieser Report beschreibt einige Besondenderheiten von IT Systemen im Gesundheitswesen, mit speziellem Fokus auf gesetzliche Rahmenbedingungen, Standards und Sicherheit.

EPA

Elektronische Patientenakte

Sicherheit

Privacy

Standards

Gesetze

EHR

electronic health record

security

privacy

standards

law

Data processing Computer science

A review of the implementation of the personal data (privacy) ordinance in the Hong Kong Correctional Services Department

Kan, Chi-keung., 簡志強.

January 1998

published_or_final_version / Public Administration / Master / Master of Public Administration

Privacy, Right of - China - Hong Kong.

Privacy, Right of.

Data protection - Law and legislation.

Public access to information : reaching the right balance between public and private

Larsen, Irene

January 2002

This thesis examines the change towards a property-based view of information in the fields of copyright, database protection and data privacy. Focus will be placed on the United States and the European Union, as those territories together are responsible for more than half of the world's Internet population. The thesis will attempt to show that a view of information as personal property is not actually benefiting society in general and is dangerous for future progress: economic, scientific and social. The thesis suggests balancing the restrictions on access to information as a whole, meaning viewing the restrictions in copyright, database protection and privacy laws to see how they together affect access to information. It argues that these fields of law should supplement each other in maximizing social welfare through a baseline of public access as opposed to a baseline of monopoly.

Freedom of information

Privacy, Right of -- United States

Privacy, Right of -- Europe

Copyright -- United States

Copyright -- Europe