491 |
Proteção de dados pessoais: um direito relevante no mundo digital / Protection of personal data: a relevant law in the digital Word
Henrique, Lygia Maria Moreno Molina 22 February 2016
Made available in DSpace on 2016-04-26T20:24:13Z (GMT).
This work has as its central point the study of the right to protection of personal
data and how this right is related to the flow of personal data, driven by the dynamic
new Internet economy. Reflectively, we will analyze issues relevant to the topic
and to the current moment, starting with a social approach, broader and more
comprehensive, which, in unfolded form, will culminate in the development of the
protection of personal data, both in international law and in Brazil. Also, the
use of data as a raw material for the provision of the services
offered by companies.com will be an object of study, in order to create innovation and increase competition
between them. We will also demonstrate which options of control and
protection of personal data the consumer/user has to protect their privacy.
Conclusively, by evaluation of Brazilian legislative propositions about personal
data protection, we will issue a critical-reflective judgment about the failures and
successes of each one with respect to the topics relevant to the protection of personal
data / Essa dissertação tem como ponto central o estudo do direito à proteção de dados
pessoais e de que modo este direito se relaciona com a circulação de dados
pessoais, impulsionada pela nova e dinâmica economia da Internet. De forma
reflexiva, analisaremos questões pertinentes ao tema e ao momento atual,
iniciando com uma abordagem social, mais ampla e abrangente, a qual de forma
desdobrada culminará na evolução da tutela de dados pessoais, tanto na
legislação internacional, como na brasileira. Será ainda, objeto de estudo a
utilização dos dados como matéria-prima para prestação dos serviços das
empresas.com, de modo a criar inovações e acirrar a concorrência entre estas.
Assim como, vamos demonstrar quais as opções de controle e tutela em relação
à circulação de dados pessoais o consumidor/usuário possui a resguardar sua
privacidade. De modo conclusivo, mediante a avaliação das proposituras
legislativas brasileiras acerca da proteção de dados pessoais, emitiremos um
juízo crítico-reflexivo sobre as falhas e êxitos de cada propositura, frente aos
temas relevantes à tutela de dados pessoais
|
492 |
Legal principles regulating the processing of personal information in the workplace
Nxokweni, Unathi Pearl 10 1900
This study focuses on the right to privacy in the workplace, specifically employees' expectations of electronic privacy where personal information is processed. The main aim of this dissertation is to establish whether, given advantages in technology, South African laws offer adequate protection for employees when their electronic information is being processed. The study analyses South African law as it relates to the privacy of employees during the processing of their personal information in the workplace. This is examined within the parameters of the constitutional and legislative framework with due regard to the common-law right to privacy. The legal issues are examined from a South African context and are compared with data protection laws and regulations of the United Kingdom. It also offers recommendations based on experience gained in the United Kingdom. / Private Law / LL. M.
|
493 |
Redefining personal information in the context of the Internet
Gratton, Eloïse 10 1900
Réalisée en cotutelle avec l'Université de Panthéon-Assas (Paris II) / Vers la fin des années soixante, face à l’importance grandissante de l’utilisation des ordinateurs par les organisations, une définition englobante de la notion de donnée personnelle a été incorporée dans les lois en matière de protection de données personnelles (« LPDPs »). Avec Internet et la circulation accrue de nouvelles données (adresse IP, données de géolocalisation, etc.), il y a lieu de s’interroger quant à l’adéquation entre cette définition et cette réalité.
Aussi, si la notion de donnée personnelle, définie comme étant « une donnée concernant un individu identifiable » est toujours applicable à un tel contexte révolutionnaire, il n’en demeure pas moins qu’il importe de trouver des principes interprétatifs qui puissent intégrer ces changements factuels. La présente thèse vise à proposer une interprétation tenant compte de l’objectif recherché par les LPDPs, à savoir protéger les individus contre les risques de dommage découlant de la collecte, de l’utilisation ou de la divulgation de leurs données.
Alors que la collecte et la divulgation des données entraîneront surtout un risque de dommage de nature subjective (la collecte, un sentiment d’être sous observation et la divulgation, un sentiment d’embarras et d’humiliation), l’utilisation de ces données causera davantage un dommage objectif (dommage de nature financière, physique ou discriminatoire). La thèse propose plusieurs critères qui devraient être pris en compte pour évaluer ce risque de dommage ; elle servira de guide afin de déterminer quelles données doivent être qualifiées de personnelles, et fera en sorte que les LPDPs soient le plus efficaces possibles dans un contexte de développements technologiques grandissants. / In the late sixties, with the growing use of computers by organizations, a very broad definition of personal information as “information about an identifiable individual” was elaborated and has been incorporated in data protection laws (“DPLs”). In more recent days, with the Internet and the circulation of new types of information (IP addresses, location information, etc), the efficiency of this definition may be challenged.
This thesis aims at proposing a new way of interpreting personal information. Instead of using a literal interpretation, an interpretation which takes into account the purpose behind DPLs will be proposed, in order to ensure that DPLs do what they are supposed to do: address or avoid the risk of harm to individuals triggered by organizations handling their personal information.
While the collection or disclosure of information may trigger a more subjective kind of harm (the collection, a feeling of being observed and the disclosure, embarrassment and humiliation), the use of information will trigger a more objective kind of harm (financial, physical, discrimination, etc.). Various criteria useful in order to evaluate this risk of harm will be proposed. The thesis aims at providing a guide that may be used in order to determine whether certain information should qualify as personal information. It will provide for a useful framework under which DPLs remain efficient in light of modern technologies and the Internet.
|
494 |
L'accountability ou le principe de responsabilité en matière de protection des renseignements personnels
Mouchard, Emilie 05 1900
Entre terme anglophone et concept transversal, l’accountability pose la question du principe
de responsabilité et de sa réalisation dans la protection des renseignements personnels.
Résultat d’un cheminement à la fois social et législatif, l’imputabilité qui ressort du concept
fait de la protection des renseignements personnels un processus à la fois collaboratif et
individuel de régulation au service de la responsabilité et des risques nouveaux générés par les
technologies de l’information et le déploiement des théories de la responsabilité sociale des
entreprises.
À la fois objectif, mécanisme et instrument d’une protection des renseignements personnels
efficace et efficiente, le principe d’accountability est un principe de droit et de gestion,
souvent compris par les entreprises comme une technique de management interne. La mise en
action de l’accountability project, par le biais de la reconnaissance du principe par l’OCDE, a
mis en lumière l’idée d’une accountability comme un standard essentiel, un mécanisme
nécessaire, et un besoin de moralisation à intégrer au regard des risques engendrés par les
évolutions sociales et technologiques sur le droit fondamental à la vie privée et la protection
des renseignements personnels. / Between anglophone word and transversal concept, accountability asks about the responsibility
and the enforcement of its principle in privacy laws. Result of a social and legislative path, the
imputabilité, which came through the concept, shows privacy laws as a collaborative and
individual regulation process, serving the responsibility and the risks that come with the
information technologies and the achievement of the corporate social responsibility.
At the same time seen as a goal, a mechanism and an instrument of an effective and efficient
privacy, the accountability principle is a legal and a management principle, used by companies
as an internal management technique. The realisation of the accountability project takes place with
the acknowledgement of the principle by the OECD, which highlights the accountability as an
essential standard, a necessary mechanism and a moralization requirement according to the risks
that come through social and technological evolutions on the right to privacy and its laws.
|
495 |
Competition and Data Protection Law in Conflict : Data Protection as a Justification for Anti-Competitive Conduct and a Consideration in Designing Competition Law Remedies
Bornudd, David January 2022
Competition and data protection law are two powerful regimes simultaneously shaping the use of digital information, which has given rise to new interactions between these areas of law. While most views on this intersection emphasize that competition and data protection law must work together, nascent developments indicate that these legal regimes may sometimes conflict. In the first place, firms faced with antitrust allegations are to an increasing extent invoking the need to protect the privacy of their users to justify their impugned conduct. Here, the conduct could either be prohibited by competition law despite data protection or justified under competition law because of data protection. In the EU, no such justification attempt has reached court-stage, and it remains unclear how an enforcer ought to deal with such a claim. In the second place, competition law can mandate a firm to provide access to commercially valuable personal data to its rivals under a competition law remedy. Where that is the case, the question arising in this connection is whether an enforcer can and should design the remedy in a way that aligns with data protection law. If so, the issue remains of how that ought to be done. The task of the thesis has been to explore these issues, legally, economically, and coherently. The thesis has rendered four main conclusions. First, data protection has a justified role in EU competition law in two ways. On the one hand, enhanced data protection can increase the quality of a service and may thus be factored in the competitive analysis as a dimension of quality. On the other, data protection as a human right must be guaranteed in the application of competition law. Second, these perspectives can be squared with the criteria for justifying competition breaches, in that data protection can be invoked to exculpate a firm from antitrust allegations.
Third, in that context, the human rights dimension of data protection may entail that the enforcer must consider data protection even if it is not invoked. However, allowing data protection interests to override competition law in this manner is relatively inefficient as it may lead to less innovation, higher costs, and lower revenues. Fourth, the profound importance of data protection in the EU necessarily means that enforcers should accommodate data protection interests in designing competition law remedies which mandate access to personal data. This may be done in several ways, including requirements to anonymize data before providing access, or to oblige the firm to be compliant with data protection law in the process of providing access. The analysis largely confirms that anonymization is the preferable option.
|
496 |
Les données personnelles sensibles : contribution à l'évolution du droit fondamental à la protection des données personnelles : étude comparée : Union Européenne, Allemagne, France, Grèce, Royaume-Uni / No English title available
Koumpli, Christina 18 January 2019
La protection des données personnelles sensibles consistait, jusqu'au RGPD, en un contrôle préalable réalisé par une autorité indépendante, malgré l’obstacle posé à la libre circulation. Cette protection renforcée est aujourd'hui remplacée par l’obligation du responsable de traitement d’élaborer une étude d’impact. Une telle mutation implique un risque de pré-légitimation des traitements et peut être favorable au responsable de traitement. Or, est-elle conforme au droit fondamental à la protection des données personnelles ? La thèse interroge le contenu de ce droit et la validité du RGPD. À partir d'une étude comparative allant des années 1970 à nos jours, entre quatre pays et l’Union européenne, les données personnelles sensibles sont choisies comme moyen d'analyse en raison de la protection particulière dont elles font l’objet. Il est démontré qu’en termes juridiques, la conception préventive fait partie de l’histoire de la protection européenne des données et peut donner un sens à la protection et à son seul bénéficiaire, l’individu. Un tel sens serait d’ailleurs conforme aux Constitutions nationales qui garantissent aussi l’individu malgré leurs variations. Cependant, cette conception n’est pas forcément compatible avec l’art. 8 de la Charte des droits fondamentaux de l’UE. La thèse explique que cette disposition contient la garantie d’une conciliation (entre les libertés de l’UE et celles des individus) qui peut impliquer une réduction de la protection de ces dernières. Or, il revient à la CJUE, désormais seule compétente pour son interprétation, de dégager le contenu essentiel de ce droit ; objectif auquel la thèse pourrait contribuer. / Before the GDPR, protection of sensitive personal data consisted of a prior check by an independent authority despite limiting their free movement. This has been replaced by the obligation of the controller to prepare a privacy impact assessment.
With this modification, one can assume a risk of pre-legitimization of data processing, putting the controller at an advantage. Is that compatible with the fundamental right to the protection of personal data? This thesis questions the content of this right and the validity of the GDPR. It is based on a comparative study from the 1970s until the present day between four European countries and the European Union, in which sensitive data are chosen as a means to the analysis due to their particular protection. Research shows that in legal terms the preventive conception is a part of the history of protection in the European Union. By limiting freedom of processing it gives meaning to protection and its only subject, the individual. Such an interpretation is compatible with National Constitutions despite their variations. However, the preventive conception of data protection is not so easily compatible with article 8 of the European Charter of Fundamental Rights. The thesis puts forward that this article contains the safeguard of a balancing, between EU liberties and individuals’ freedoms, which implicates reduced protection. It is up to the European Court of Justice to identify the essence of this right, an aim to which this thesis could contribute.
|
497 |
Försäkringsskydd för skadeståndsansvar vid dataskyddsöverträdelser : En undersökning av försäkringsvillkorens omfattning och eventuella begränsningar i förhållande till art. 82 GDPR och grupptalan / Insurance coverage for liability in case of data protection breaches : An investigation into the extent and potential limitations of insurance terms in relation to art. 82 GDPR and class action lawsuits
Nahlbom, Robin January 2024
I uppsatsen utreds försäkringsskyddet för skadeståndsansvar vid dataskyddsöverträdelser. GDPR är den centrala regleringen för personuppgiftsbehandling och fastställer ett antal principer som måste upprätthållas för att den ansvarige ska få behandla personuppgifter. Bryter den ansvarige mot förordningens principer har den registrerade rätt att kräva skadestånd enligt art. 82.1 GDPR. Förordningen fastställer tre kumulativa krav som måste vara uppfyllda för att skadeståndsskyldighet ska föreligga. Det innefattar att en överträdelse av GDPR har skett, att materiell eller immateriell skada till följd av denna överträdelse har uppstått och att det föreligger ett orsakssamband mellan skadan och överträdelsen. Förordningen innehåller även en bestämmelse som tar över medlemsstaternas nationella skadeståndsrättsliga bestämmelser, vilket innebär att GDPR ska tillämpas enligt sin ordalydelse och att de kumulativa kraven enligt art. 82.1 GDPR måste följas. Det innebär att nationella skadeståndsrättsliga begrepp inte bör jämställas med begrepp som framgår av art. 82.1 GDPR eftersom begreppen har tillkommit i en helt annan kontext. Exempelvis översätts i vissa fall materiella och immateriella skador till ekonomiska och ideella skador. Begreppen är inte synonyma och bör inte tillställas samma betydelse eftersom terminologin i art. 82.1 GDPR kan misstolkas. Försäkringsvillkoren som reglerar skadeståndsskyldigheten för dataskyddsöverträdelser och som även hänvisar till art. 82.1 GDPR, innehåller i vissa fall nationella skadeståndsrättsliga begrepp och även andra begrepp som inte framgår av förordningen. Det kan leda till att kongruensen mellan villkorens utformning och förordningens ordalydelse medför tolkningsproblematik vid bedömning om skadeståndsskyldighet föreligger. Därför bör försäkringsvillkoren endast innehålla sådan terminologi som framgår av art. 82.1 GDPR. 
Dataskyddsöverträdelser medför oftast att en stor grupp människor lider skada varför förordningen tillåter registrerade att föra grupptalan med hjälp av en ideell organisation enligt art. 80 GDPR. Teoretiskt sett kan skadeståndsbeloppen bli högre än försäkringsbeloppen varför det i sådana fall saknas ett försäkringsskydd för grupptalan för den personuppgiftsansvarige. Försäkringsvillkoren anger däremot ingenting om att försäkringen inte täcker ett sådant anspråk. Därmed ställs försäkringsbolagen inför utmaningen att hantera sådana anspråk, varför försäkringen bör uppdateras för att möta skadestånd i en grupptalan vid dataskyddsöverträdelser. / The essay investigates insurance coverage for liability for damages in the event of data protection breaches. GDPR is the central regulation for the processing of personal data and establishes a number of principles that must be upheld for the data controller to process personal data. If the data controller breaches the principles of the regulation, the data subject has the right to claim damages under Art. 82.1 GDPR. The regulation sets out three cumulative requirements that must be met for liability for damages to arise. This includes that a breach of the GDPR has occurred, that material or immaterial damage as a result of this breach has arisen, and that there is a causal link between the damage and the breach. The regulation also includes a provision that supersedes the national tort law provisions of Member States, which means that the GDPR shall be applied according to its wording and that the cumulative requirements under Art. 82.1 GDPR must be followed. This means that national tort law concepts should not be equated with concepts as set out in Art. 82.1 GDPR as the concepts have arisen in a completely different context. For example, in some cases, material and immaterial damages are translated into economic and non-economic damages. 
The concepts are not synonymous and should not be attributed the same meaning as the terminology in Art. 82.1 GDPR can be misinterpreted. The insurance terms and conditions that regulate liability for damages in the event of data protection breaches and also refer to Art. 82.1 GDPR, in some cases contain national tort law concepts and other concepts that are not evident in the regulation. This may lead to a lack of congruence between the wording of the terms and conditions and the wording of the regulation, resulting in interpretation issues when assessing whether liability for damages exists. Therefore, the insurance terms and conditions should only contain terminology as set out in Art. 82.1 GDPR. Data protection breaches usually result in harm to a large group of people, which is why the regulation allows data subjects to bring a collective action with the assistance of a not-for-profit organization under Art. 80 GDPR. Theoretically, damages awarded may exceed insurance coverage, which means there is no insurance coverage for collective actions for the data controller in such cases. However, the insurance terms and conditions do not specify that the insurance does not cover such a claim. Therefore, insurance companies are faced with the challenge of handling such claims, which is why the insurance should be updated to cover damages in a collective action in the event of data protection breaches.
|
498 |
Social engineering and the ISO/IEC 17799:2005 security standard: a study on effectiveness
Frangopoulos, Evangelos D. 31 March 2007
As Information Security (IS) standards do not always effectively cater for
Social Engineering (SE) attacks, the expected results of an Information
Security Management System (ISMS), based on such standards, can be
seriously undermined by uncontrolled SE vulnerabilities.
ISO/IEC 17799:2005 is the subject of the current analysis as it is the type of
standard not restricted to technical controls, while encompassing proposals
from other standards and generally-accepted sets of recommendations in the
field.
Following an analysis of key characteristics of SE and based on the study of
Psychological and Social aspects of SE and IS, a detailed examination of
ISO/IEC 17799:2005 is presented and an assessment of the efficiency of its
controls with respect to SE is provided. Furthermore, enhancements to
existing controls and inclusion of new controls aimed at strengthening the
defense against Social Engineering are suggested.
Measurement and quantification issues of IS with respect to SE are also dealt
with. A novel way of assessing the level of Information Assurance in a system
is proposed and sets the basis for future work on this subject. / Information Systems / M. Sc. (Information Systems)
|
499 |
Der Videocampus Sachsen - strategische Potentiale und juristische Rahmenbedingungen
Lauber-Rönsberg, Anne, Bergert, Aline, Hartlaub, Anneliese 26 August 2016
The Videocampus Sachsen (VCS) is one of five strategic fields of action of the state initiative Bildungsportal Sachsen (cf. AKeL 2015, p. 2). It is a joint project of eight Saxon higher education institutions, spanning levels and departments, to build and operate a shared video platform. Funded by the SMWK, a feasibility study is currently being prepared that looks at, among other things, current usage needs, technical possibilities, business models and didactic potential. The contribution sets out the idea, the necessity and the expected benefits of the VCS. One focus is the integration of media-law considerations. On the one hand, the results of the legal expert opinion are presented by way of example; on the other, so-called legal pitfalls are identified and discussed on the basis of concrete usage scenarios.
|
500 |
Principe de finalité, protection des renseignements personnels et secteur public : étude sur la gouvernance des structures en réseau
Duaso Calés, Rosario 09 1900
Thèse réalisée en cotutelle avec l'Université de Montréal et l'Université Panthéon-Assas Paris II / La question de la protection des renseignements personnels présente des enjeux majeurs dans le contexte des réseaux. Les premières lois en la matière au Canada et en Europe avaient pour base une série de principes qui sont encore aujourd’hui d’actualité. Toutefois, l’arrivée d’Internet et des structures en réseau permettant l’échange d’un nombre infini d’informations entre organismes et personnes ont changé la donne et induisent de nouveaux risques informationnels. Le principe de finalité, pierre angulaire des systèmes de protection des renseignements personnels, postule le caractère adéquat, pertinent et non excessif des informations collectées par rapport à l’objet du traitement et exige qu’elles soient uniquement utilisées à des fins compatibles avec la finalité initiale.
Nous retracerons l’historique de ce principe et analyserons la manière dont la doctrine, la jurisprudence et les décisions du CPVPC comme de la CNIL ont contribué à délimiter ses contours. Nous étudierons comment ce principe se manifeste dans la structure en réseau de l’administration électronique ou du gouvernement électronique et nous relèverons les nouveautés majeures que présente l’État en réseau par rapport au modèle d’État en silo, ainsi que la nécessité d’une gouvernance adaptée à cette structure. Nous examinerons également la présence de standards juridiques et de notions à contenus variable dans le domaine de la protection des renseignements personnels et nous tenterons de montrer comment la finalité, en tant que principe ou standard, a les capacités de s’adapter aux exigences de proportionnalité, d’ajustement et de mutation continuelle qui sont aujourd’hui au cœur des défis de la gouvernance des réseaux.
Finalement, il sera question de présenter quelques pistes pour l’adoption de mécanismes d’adaptation « réseautique » pour la protection des renseignements personnels et de montrer dans quelle mesure ce droit, capable de créer un cadre de protection adéquat, est également un « droit en réseau » qui possède tous les attributs du « droit post-moderne », attributs qui vont rendre possible une adaptation propre à protéger effectivement les renseignements personnels dans les structures, toujours changeantes, où circulent aujourd’hui les informations. / Personal data protection poses significant challenges in the context of networks. The first laws on this matter both in Canada and in Europe were based on a series of principles that remain valid today. Nevertheless, Internet and the development of network-based structures that enable infinite exchange of information between institutions and individuals are changing the priorities and, at the same time, present new risks related to data protection. The purpose principle, which is the personal data protection systems cornerstone, stresses the relevance and adequate yet not excessive nature of the collected information vis à vis the objective of data collection. The purpose principle also requires that the information shall not further be processed in a way incompatible with the initial purpose. We will describe the origins and evolution of this principle, as well as its present relevance and scope analysing the doctrine, jurisprudence and decisions of the Office of the Privacy Commissioner in Canada and of the Commission nationale de l’informatique et des libertés (CNIL) in France. We will also examine how this principle is reflected in the network structure of the digital administration and of the electronic government. We will also underline the differences between a network-based State and a « silo-based » State, each needing its structure of governance. 
Within the context of personal data protection, we will explore the presence of legal standards and of concepts with a changing nature. An effort will be made to highlight how purpose, be it as a principle or as a standard, has the capacity to adapt to the requirements of the core principles of the current network governance, such as proportionality, adjustment and continuous mutation. Finally, the objective is to reflect on some personal data protection network adaptation mechanisms, and to demonstrate how personal data protection can work in a network that includes all « post-modern law » elements that allow for true adaptation for effective personal data protection within the ever changing structures where data is being exchanged.
|