A comparative study of technological protection measures in copyright law

Conroy, Marlize

30 November 2006

Digitisation had a profound impact on the creation, reproduction, and dissemination of works protected by copyright. Works in digital format are vulnerable to infringement, and technological protection measures are accordingly applied as protection. Technological protection measures can, however, easily be circumvented, and additional legal protection against circumvention was needed. Article 11 of the WIPO Copyright Treaty (the WCT) obliges Member States to provide adequate legal protection against the circumvention of technological measures applied to works protected by copyright. Contracting parties must refine the provisions of Article 11 and provide for exceptions on the prohibition. Article 11 does not specify whether it pertains to only certain types of technological measures, nor does it prohibit the trafficking in circumvention devices. The United States implemented the provisions of Article 11 of the WCT through the Digital Millennium Copyright Act of 1998 (the DMCA). Section 1201 of the DMCA prohibits the circumvention of technological measures. It is detailed and relates to two categories of technological measures - access control and copy control. It prohibits not only the act of circumvention, but also the trafficking in circumvention devices. Article 6 of the EC Directive on the Harmonisation of Certain Aspects of Copyright and Related Rights in the Information Society of 2001 implements Article 11 of the WCT. Article 6 seeks to protect Aeffective technological measures@. It prohibits both the act of circumvention and circumvention devices. Although Article 11 of the WCT is silent on the issue of access control, it seems as if the international trend is to provide legal protection to access controls, thus indirectly creating a right to control access. South Africa has not yet implemented Article 11 of the WCT. The South African Copyright Act of 1979 does not protect technological protection measures. The Electronic Communications and Transactions Act of 2002 (the ECT Act) provides protection against the circumvention of technological protection measures applied to digital data. The definition of Adata@ is such that it could include protected works. If applied to protected works, the anti-circumvention provisions of the ECT Act would be detrimental to user privileges. As developing country, it seems to be in South Africa's best interest to the implement the provisions of Article 11 in such a manner that it still allows users access to and legitimate use of works protected by copyright. / Jurisprudence / LL.D.

346.482

Copyright, International

Fair use (Copyright) -- South Africa

Fair use (Copyright) -- United States

Privacidade, liberdade de expressão e proteção dos dados pessoais: uma perspectiva brasileira com base na jurisprudência do Supremo Tribunal Federal

Pupo, Alvaro de Carvalho Pinto

31 October 2017

Submitted by Filipe dos Santos (fsantos@pucsp.br) on 2017-11-14T11:28:30Z No. of bitstreams: 1 Alvaro de Carvalho Pinto Pupo.pdf: 993019 bytes, checksum: 3e483a91d657e2658eb8b6b67b0a96f2 (MD5) / Made available in DSpace on 2017-11-14T11:28:30Z (GMT). No. of bitstreams: 1 Alvaro de Carvalho Pinto Pupo.pdf: 993019 bytes, checksum: 3e483a91d657e2658eb8b6b67b0a96f2 (MD5) Previous issue date: 2017-10-31 / This study analyzes the concept of intimacy, privacy, free speech and personal data under a brazilian perspective, as well as the protection for each of the itens mentioned. The study makes references to authorities, legislation and case law pertaining to each of the subjects. The study pursues the clarification of what each of these understands as privacy protection and personal data protection, and how these correlates. It also pursues to understand if these understandings are aligned and propose, in the end, some way of uniformization considering the legislative bill proposals being discussed in the Brazilian Congress / O presente trabalho analisa o conceito da intimidade, privacidade, liberdade de expressão e de dados pessoais sob uma perspectiva brasileira, bem como a proteção outorgada a cada um dos itens tratados acima. São analisados os pontos doutrinários, legais e jurisprudenciais associados com cada um deles. A análisa busca averiguar o que cada um desses campos entende como proteção da privacidade e dos dados pessoais e como a privacidade e dados pessoais se relacionam, além verificar se esses entendimentos estão alinhados e propor, ao final, uma forma de uniformização, considerando inclusive propostas legislativas que se encontram em debate no Congresso Nacional

Direito à privacidade

Liberdade de expressão - Brasil

Privacy, Right of

Freedom of expression - Brazil

Le couplage de données et la protection de la vie privée informationnelle sous l'article 8 de la Charte canadienne /

Arès, Sébastien

January 2005

No description available.

Statistical matching

Privacy, Right of -- Canada

互聯網上泄露公民個人信息行為的犯罪化探析 : 以 人肉搜索 為視角 / 以 人肉搜索 為視角;"Analysis of criminalization on the disclosure of citizens' personal information on the Internet : from the human flesh search ";"Analysis of criminalization on the disclosure of citizens' personal information on the Internet : from the human

劉曉敏

January 2009

University of Macau / Faculty of Law

澳門大學 -- 論文

University of Macau -- Dissertations

Privacy, Right of

隱私權

Data protection -- Law and legislation

數據防護 -- 法規

Le couplage de données et la protection de la vie privée informationnelle sous l'article 8 de la Charte canadienne /

Arès, Sébastien

January 2005

Data matching is the automated process permitting the comparison of significant amounts of personal data from two or more different databanks in order to produce new information. Its use by governments implicates many rights and freedoms, including the protection against unreasonable search and seizure under section 8 of the Canadian Charter. / In the author's opinion, a governmental data matching program will probably constitute a search or seizure under section 8 when a positive answer is given to two questions. First, is there a use or transfer of information which implicates constitutionally protected information? Generally, section 8 will only protect biographical personal information, as described in the Plant case. Second, one must determine if a reasonable expectation of privacy exists as to the purpose for which the information will be used. In other words, one must determine if the two governmental databanks are separate on the constitutional level. / However, a positive answer to both of theses questions does not mean that the matching program necessarily infringes section 8. It will not be considered unreasonable if it is authorised by law, if the law itself is reasonable, and if the execution of the program is reasonable. Presuming that the program is authorised by law, it is probable that a matching program aimed to detect individuals collecting illegally social benefits will not be considered unreasonable.

Statistical matching

Privacy, Right of -- Canada

Legal principles regulating the processing of personal information in the workplace

Nxokweni, Unathi Pearl

10 1900

This study focuses on the right to privacy in the workplace, specifically employees' expectations of electronic privacy where personal information is processed. The main aim of this dissertation is to establish whether, given advantages in technology, South African laws offers adequate protection for employees when their electronic information is being processed. The study analyses South African law as it relates to the privacy of employees during the processing of their personal information in the workplace.This is examined within the parameters of the constitutional and legislative framework with due regard to the common-law right to privacy. The legal issues are examined from a South African context and is compared with data protection laws and regulations of the United Kingdom. It also offers recommendations based on experience gained in the United Kingdom. / Private Law / LL. M.

Personal information

Right to privacy

Workplace

Processing

Monitoring

Data

Employer

Employee

342.858068

Privacy, Right of – South Africa

Employee rights – South Africa

Competition and Data Protection Law in Conflict : Data Protection as a Justification for Anti-Competitive Conduct and a Consideration in Designing Competition Law Remedies

Bornudd, David

January 2022

Competition and data protection law are two powerful regimes simultaneously shaping the use of digital information, which has given rise to new interactions between these areas of law. While most views on this intersection emphasize that competition and data protection law must work together, nascent developments indicate that these legal regimes may sometimes conflict.  In the first place, firms faced with antitrust allegations are to an increasing extent invoking the need to protect the privacy of their users to justify their impugned conduct. Here, the conduct could either be prohibited by competition law despite of data protection or justified under competition law because of data protection. In the EU, no such justification attempt has reached court-stage, and it remains unclear how an enforcer ought to deal with such a claim. In the second place, competition law can mandate a firm to provide access to commercially valuable personal data to its rivals under a competition law remedy. Where that is the case, the question arising in this connection is whether an enforcer can and should design the remedy in a way that aligns with data protection law. If so, the issue remains of how that ought to be done. The task of the thesis has been to explore these issues, legally, economically, and coherently.  The thesis has rendered four main conclusions. First, data protection has a justified role in EU competition law in two ways. On the one hand, enhanced data protection can increase the quality of a service and may thus be factored in the competitive analysis as a dimension of quality. On the other, data protection as a human right must be guaranteed in the application of competition law. Second, these perspectives can be squared with the criteria for justifying competition breaches, in that data protection can be invoked to exculpate a firm from antitrust allegations. Third, in that context, the human rights dimension of data protection may entail that the enforcer must consider data protection even if it is not invoked. However, allowing data protection interests to override competition law in this manner is relatively inefficient as it may lead to less innovation, higher costs, and lower revenues. Fourth, the profound importance of data protection in the EU necessarily means that enforcers should accommodate data protection interests in designing competition law remedies which mandate access to personal data. This may be done in several ways, including requirements to anonymize data before providing access, or to oblige the firm to be compliant with data protection law in the process of providing access. The analysis largely confirms that anonymization is the preferable option.

competition law

antitrust

data protection law

GDPR

the charter of fundamental rights

big tech

abuse of a dominant position

objective justifications

efficiencies

article 102 TFEU

consumer welfare

competition remedies

anonymization

big data

personal data

German Facebook Case

Google/Fitbit

konkurrensrätt

konkurrensbegränsning

dataskydd

dataskyddsförordningen

missbruk av dominerande ställning

objektivt rättfärdigande

artikel 102 FEUF

anonymisering

Law

Juridik

Datenschutz und Technikgestaltung

Pohle, Jörg

03 May 2018

Ziel der vorliegenden Arbeit ist es, die historische Konstruktion des Datenschutzproblems, des Datenschutzes als seiner (abstrakten) Lösung sowie die Architektur seiner rechtlichen Implementation aufzudecken und einer kritischen Revision aus informatischer Sicht zu unterziehen, um daraus Folgerungen für die Technikgestaltung zu ziehen. Die Arbeit legt offen, welches Verständnis vom Menschen und von der Gesellschaft, von Organisationen, von der Informationstechnik und von der Informationsverarbeitung, welche informatischen, informationswissenschaftlichen, soziologischen und rechtswissenschaftlichen Konzepte, Denkschulen und Theoriegebäude und welche wissenschaftlichen und vorwissenschaftlichen Annahmen und Prämissen der Analyse des Datenschutzproblems zugrunde liegen und wie sie darüber hinaus die spezifische Lösung des Datenschutzproblems – den Datenschutz – gespeist haben. Auf der Basis einer informatisch fundierten Kritik zieht die Arbeit den Schluss, dass der Datenschutz als Lösung des durch die Industrialisierung der gesellschaftlichen Informationsverarbeitung erzeugten Datenmachtproblems neu abgeleitet werden muss, und legt dafür ein dem Stand der wissenschaftlichen Debatte entsprechendes, abstraktes – und damit jeweils noch anwendungsbereichsspezifisch zu konkretisierendes – Datenschutz-Angreifermodell, ein analytisches Raster für eine darauf aufbauende Bedrohungsanalyse sowie einen prozeduralen Operationalisierungsansatz, der die Vorgehensweise und die jeweils zu analysierenden oder zu prüfenden inhaltlichen Fragen deutlich werden lässt, vor. Abschließend zieht die Arbeit Folgerungen für die Gestaltung datenschutzfreundlicher – und dabei nicht notwendig nur datenschutzrechtskonformer – informationstechnischer Systeme. / The aim of this thesis is to uncover the historical construction of the data protection problem, of data protection as its (abstract) solution, as well as the architecture of its legal implementation, in order to critically assess this construction and to draw conclusions for the design of ICT systems. The thesis reveals which concepts of humankind and society, organizations, information technology and information processing, which informatics, information science, sociological and jurisprudential concepts, schools of thought and theories, and which scientific and pre-scientific assumptions and premises underlie the analysis of the data protection problem, and how they have influenced the specific solution of this problem. Based on a critical assessment of this construction the thesis concludes that data protection must be re-derived as a solution for the information power problem, which is generated by the industrialization of social information processing, and presents an abstract, state-of-the-art data protection attacker model, an analytical framework for a data protection impact assessment as well as a procedural operationalization approach illustrating the sequence as well as the substantive issues to be examined and addressed in this process. The thesis then draws conclusions for the design of data protection friendly—and not necessarily just legally compliant—ICT systems.

Datenschutz

Datenschutztheorie

Datenschutzgeschichte

Datenschutzrecht

Privacy

Surveillance

Angreifermodell

Bedrohungsmodell

Technikgestaltung

data protection

data protection theory

data protection history

data protection law

privacy

surveillance

attacker model

threat model

system design

PZ 4600

ddc:000

[pt] A PROTEÇÃO DOS DADOS PESSOAIS COMO UM DIREITO FUNDAMENTAL AUTÔNOMO: BOAS PRÁTICAS DE COMPLIANCE FRENTE AO CAPITALISMO DE VIGILÂNCIA / [en] PERSONAL DATA PROTECTION AS A FUNDAMENTAL RIGHT ITSELF: COMPLIANCE GUIDELINES AGAINST THE SURVEILLANCE CAPITALISM

RAFAELA SARTORE FURQUIM

04 July 2023

[pt] Em razão do desenvolvimento tecnológico das últimas décadas, a sociedade contemporânea passou por profundas mudanças que deram origem, segundo Shoshana Zuboff, ao Capitalismo de vigilância. Diante deste cenário, o presente estudo tem por objetivo analisar os reflexos desse fenômeno no ordenamento jurídico brasileiro que justificaram a promulgação da Emenda Constitucional 115/22 e da Lei Geral de Proteção de Dados, constituindo um modelo regulatório híbrido, fortemente baseado em princípios, no qual, além de estabelecer obrigações para os agentes de tratamento, cria um ambiente de incentivo à adoção de boas práticas e de governança. Para tanto, será analisado como o compliance de dados pode ser um eficiente instrumento para promover, na prática, a adoção dos princípios da LGPD e da regulação já existente da ANPD em prol uma cultura de proteção de dados no Brasil. / [en] The technological development of recent decades, contemporary society has faced profound changes that have given rise, according to Shoshana Zuboff, to Surveillance Capitalism. Therefore, this study aims to analyze the impacts of surveillance capitalism in the brazilian legal system that justified the promulgation of Constitutional Amendment 115/22 and the Brazilian General Data Protection Law (LGPD), based on the strong principled on a hybrid regulatory model in which, in addition to establishing obligations for treatment agents, creates an environment that encourages the adoption of good practices and governance. This way, it will be analyzed how data compliance can be an efficient instrument to promote, in practice, the adoption of the LGPD principles and the ANPD regulation in a data protection culture in Brazil.

[pt] COMPLIANCE

[pt] ANPD

[pt] CAPITALISMO DE VIGILANCIA

[pt] PROTECAO DE DADOS PESSOAIS

[en] COMPLIANCE

[en] ANPD

[en] SURVEILLANCE CAPITALISM

[en] PROTECTION OF PERSONAL DATA

The law of data (privacy) protection: a comparative and theoretical study

Roos, Anneliese

31 October 2003

In present-day society more and more personal information is being collected. The nature of the collection has also changed: more sensitive and potentially prejudicial information is collected. The advent of computers and the development of new telecommunications technology, linking computers in networks (principally the Internet) and enabling the transfer of information between computer systems, have made information increasingly important, and boosted the collection and use of personal information. The risks inherent in the processing of personal information are that the data may be inaccurate, incomplete or irrelevant, accessed or disclosed without authorisation, used for a purpose other than that for which they were collected, or destroyed. The processing of personal information poses a threat to a person's right to privacy. The right to identity is also infringed when incorrect or misleading information relating to a person is processed. In response to the problem of the invasion of the right to privacy by the processing of personal information, many countries have adopted "data protection" laws. Since the common law in South Africa does not provide adequate protection for personal data, data protection legislation is also required. This study is undertaken from a private law perspective. However, since privacy is also protected as a fundamental right, the influence of constitutional law on data protection is also considered. After analysing different foreign data protection laws and legal instruments, a set of core data protection principles is identified. In addition, certain general legal principles that should form the basis of any statutory data protection legislation in South Africa are proposed. Following an analysis of the theoretical basis for data protection in South African private law, the current position as regards data protection in South-Africa is analysed and measured against the principles identified. The conclusion arrived at is that the current South African acts can all be considered to be steps in the right direction, but not complete solutions. Further legislation incorporating internationally accepted data protection principles is therefore necessary. The elements that should be incorporated in a data protection regime are discussed. / Jurisprudence / LL. D. (Jurisprudence)

South African private law

OECD Guidelines on data protection

Right to identity

Computers and privacy

Right to privacy

Data protection

342.858068

Privacy, Right of -- South Africa

Internet -- Security measures