Global ETD Search

1	A framework and model of operation for electronic personal information to achieve and maintain compliance with Condition 7 of the Protection of Personal Information (POPI) Act Dala, Prittish January 2017 (has links) Privacy entails controlling the use and access to place, location and personal information. In South Africa, the first privacy legislation in the form of the Protection of Personal Information (POPI) Act (Act 4 of 2013) was signed into law on 26 November 2013. The POPI Act promotes the protection of personal information by South African institutions and specifies the minimum requirements in 12 Chapters, which includes 8 Conditions for lawful processing of personal information. Condition 7 of the POPI Act makes specific provision for security safeguards to ensure the confidentiality and integrity of personal information. While the legislative requirements of Condition 7 of the POPI Act are spelt out in Sections 19, 20, 21 and 22, the requirements are not supported by specific guidance in terms of how these should be satisfied. There is also no specific guidance on the security safeguards, as required in Section 19, to ensure the confidentiality and integrity of personal information. Hence, this thesis - which focuses on electronic personal information - proposes a framework that includes a selection of security safeguards that may serve as a frame of reference and be used by South African institutions that store, process and transmit electronic personal information, to achieve and maintain compliance with Condition 7 of the POPI Act. As part of this study, a POPI research survey is used to assess the current state of security safeguards in South African institutions and to validate the selection of security safeguards of the proposed framework. In addition, a model of operation of security safeguards is proposed to guide one on how the selection of security safeguards should be implemented to achieve and maintain confidentiality and integrity of electronic personal information as required by Condition 7 of the POPI Act. Furthermore, this thesis explores the concept and principles of privacy as well as the importance of privacy and provides an overview of the global privacy legislative landscape, including South African privacy legislation. An analysis is also conducted to assess the extent to which the privacy legislation of the European Union (EU) and South Africa addresses the international 2013 Organisation for Economic Co-operation and Development (OECD) guidelines. The POPI research survey is also used to assess the level of compliance with the POPI Act and specifically Condition 7 of the Act. In addition, the POPI research survey is used to assess the financial value associated with electronic personal information and the potential impact of a data breach of electronic personal information. / Thesis (PhD)--University of Pretoria, 2017. / Computer Science / PhD / Unrestricted POPI Act Protection of Personal Information Information Security Security Safeguards Compliance UCTD
2	L’avènement mondial du principe de la libre circulation des données personnelles et ses dérives : de la nécessité de repenser la protection des données personnelles comme une fin en soi Longhais, Sylvain 07 1900 (has links) Since the 1970s and the first data protection laws, the flow of personal data across borders has always been a crucial issue. In this thesis, we study how we have moved from regulations advocating the protection of personal data outside borders to regulations establishing a principle of free data circulation on a global scale. This study is based firstly on a retrospective of personal data law with regard to transborder data flows, and secondly on the fact that these legal questions are now merged with issues of international trade law. Finally, we consider the drifts of such a free flow of data at the global level, and we reflect on certain avenues of reflection in order to place data protection as an end in itself, at the center of the issues. / Depuis les années 1970 et les premières législations relatives à la protection des données personnelles, la circulation des données personnelles hors des frontières a toujours été un enjeu crucial. Dans ce mémoire nous étudions comment l’on est passé de réglementations prônant la protection des données personnelles hors des frontières à des réglementations instaurant un principe de libre circulation des données à l’échelle mondiale. Cette étude se fonde dans un premier temps sur une rétrospective du droit des données personnelles en ce qui concerne les flux transfrontières de données avant de constater dans un second temps que ces questions de droit sont désormais fondues dans des enjeux de droit du commerce international. Posant enfin les dérives d’une telle libre circulation des données au niveau mondial, nous réfléchissons à certaines pistes de réflexion afin de replacer la protection des données comme une fin en soi, au centre des enjeux. protection des renseignements personnels libre circulation des données privacy droit du commerce international protection of personal information free flow of data international trade law Law / Droit (UMI : 0398)
3	L'efficacité du régime de responsabilité civile comme mesure de contrainte au respect de l'obligation de sécurité des renseignements personnels Lafont, Isabelle 11 1900 (has links) No description available. Responsabilité civile Sécurité informationnelle Mesures de sécurité Protection des renseignements personnels Dommages-intérêts Dommages-intérêts punitifs Obligation de notification Civil liability Information security Security safeguards Protection of personal information Damages Punitive damages Breach notification
4	Publicité comportementale en ligne : analyse de la complexité et de l’encadrement juridique applicable au secteur privé au Québec et au Canada Poirier, Isabel 04 1900 (has links) Le présent mémoire traite de la publicité comportementale en ligne (ci-après « PCL ») suite à la récente et importante vague de resserrements législatifs, des décisions judiciaires et enquêtes du CPVP, ainsi qu’aux récentes modifications technologiques impactant les pratiques de PCL. À la manière d’un guide, il y est recensé, décrit et analysées les obligations des entreprises participants à la PCL sous l’angle du droit à la vie privée et à la protection des renseignements personnels. Les enjeux et les principales zones d’ombre problématiques y sont identifiés et analysés, tel le critère de nécessité, l’exigence d’anonymisation et l’obligation de consentement, en incluant les enseignements des récentes décisions et enquêtes du CPVP. Une comparaison avec le cadre règlementaire de l’Union européenne est proposée sur certains points jugés plus pertinents. Le présent mémoire inclut une réflexion non seulement sur les obligations clés et leur évolution récente et rapide au Québec et au Canada dans un contexte de resserrement à l’international, mais également sur la PCL en soi en émettant des questionnements et des pistes de réflexion pour l’amélioration des pratiques. Ainsi, ce mémoire contient un volet pratique prononcé et un volet théorique qui se nourrissent l’un de l’autre. La partie I est un état des lieux où sont mises en lumière la complexité factuelle et juridique entourant la PCL, incluant une observation et une réflexion sur les interactions entre les différents acteurs (organisations, organismes d’autoréglementation, autorités de contrôle) et leur rôle dans la création et l’évolution des normes formelles et informelles. La partie II est consacrée à l’analyse des principales obligations incombant aux entreprises du secteur privé participant à la PCL en vertu de la LPRPDE et du Projet de loi C-27 au fédéral ainsi que des récentes modifications apportées par la Loi 25 au Québec en matière de protection des renseignements personnels. Finalement, la partie III propose une analyse de l’exercice de contrôle de l’utilisateur et des limites du consentement. / This master’s thesis is about online behavioral advertising (hereafter “OBA”). Like a guide, it lists, describes and analyzes the obligations of companies participating in the OBA from the perspective of the right to privacy and the protection of personal information. The issues and the main problematic gray areas are identified and analyzed, such as the criterion of necessity, the requirement of anonymization and the obligation of consent, including the lessons of recent decisions and investigations by the OPC. A comparison with the regulatory framework of the European Union is proposed on certain points deemed more relevant. This thesis includes a reflection not only on the key obligations and their recent and rapid evolution in Quebec and Canada in a context of international tightening, but also on the OBA itself by raising questions and lines of thought for improving practices. Thus, this dissertation contains a pronounced practical component and a theoretical component which feed off each other. Part I is an inventory highlighting the factual and legal complexity surrounding the OBA, including an observation and reflection on the interactions between the different actors (organizations, self-regulatory bodies, supervisory authorities) and their role in the creation and evolution of formal and informal norms. Part II is devoted to the analysis of the main obligations incumbent on private sector companies participating in the OBA under PIPEDA and draft law C-27 at the federal level and Bill 25 in Quebec with regards to the protection of personal information. Finally, Part III analyzes the exercise of user control and the limits of consent. Publicité comportementale en ligne Ciblage publicitaire Droit à la vie privée Protection des renseignements personnels Online behavioral advertising Interest-based advertising Targeted advertising Privacy Protection of personal information Information technology law Law / Droit (UMI : 0398)
5	The challenge of industry challenges : the uneasy encounter between privacy protection and commercial expression Miller, Danielle 09 1900 (has links) En s’inspirant de l’exemple des défis corporatifs, c’est-à-dire, des initiatives déployées par les sociétés pour rendre le marché de l’emploi plus accessible aux membres de groupes perçus comme marginalisés, ce mémoire cherche à analyser le conflit qui pourrait surgir au Québec entre le droit à la vie privé, protégé notamment par la Loi sur la protection des renseignements personnels dans le secteur privé et la Loi sur la protection des renseignements personnels et des documents électroniques et le besoin croissant de l’entreprise d’utiliser les données privées de leurs employés pour vendre leurs biens et services. Dans un premier temps, ce mémoire effectue un survol des régimes de protection de la vie privée des pays qui ont le plus influencé le droit québécois et canadien soit l’Europe, les États-Unis et le Royaume Uni en soulignant leur influence sur le régime en vigueur au Québec. Dans un second temps, il soulève les entraves que posent la LPRPS et la LPRPDE à la participation de l’entreprise aux défis corporatifs. Dans un troisième temps, il explore des pistes possibles à la fois interprétatives, législatives et contentieuses afin de rendre ces lois plus accommodantes aux besoins de l’entreprise. / This essay uses the example of Industry Challenges - a technique deployed by companies to promote the hiring and advancement of certain members of society - to explore a conflict that could arise in Quebec between the individual’s right to privacy as protected by An Act Respecting the Protection of Personal Information In the Private Sector and the Personal Information Protection and Electronic Documents Act , and that of an organisation to use personal information relating to its workforce to market itself. It briefly reviews privacy protection in jurisdictions with the greatest legal influence on Quebec and Canada: the European Union, the United States and the United Kingdom (Chapter 2). It demonstrates how a blend of these influences is reflected in the Quebec and Canadian approaches to privacy and how existing privacy legislation might prevent a company from effectively and efficiently responding to Industry Challenges (Chapter 3). Finally, the last two chapters respectively explore the interpretive and legislative amendments that could be made to PPIPS and PIPEDA to enable companies to respond to Industry Challenges (Chapter 4) as well as the possible legal action a company could take on the ground that Quebec’s privacy legislation violates its right to express itself commercially under s. 2(b) of the Canadian Charter of Rights and Freedoms (Chapter 5). Militantisme du consommateur; Défis corporatifs Expression commerciale Quebec Vie privée Canadian Charter of Rights and Freedoms Commercial Expression Consumer Activism Industry Challenge(s) Privacy Quebec
6	論偵查機關調閱銀行私人帳戶資料之合法性─與美國作比較 / The Legality on Our Law Enforcement's Access to Private Banking Account–In Comparison with the United States 張君寧, Chang, Chun Ning Unknown Date (has links) 長久以來，我國在偵辦民刑事案件時，調閱相關人等之銀行帳戶資料通常是必要作法之一，表面上看來行之有年、理所當然，但深究後卻發現未臻完善、有待改進，其中尤以正當合法性及與個人隱私權之衝突最具爭議。調閱銀行帳戶資料固然是快速有效偵查案情的方式之一，但若無合理的法律依據、明確的施行方針、完善的配套措施及必要的懲處規定，將易流於擴權濫用，不僅違背法理，亦侵害當事人之隱私權，影響甚鉅，而當今我國文獻中卻較缺乏關於此方面之探討，殊為可惜。因此，目前我國偵查機關調閱銀行帳戶資料之法律依據為何？與其他法律是否有矛盾衝突之處？實務上如何施行？有哪些配套措施？未來有何改進之道？若公務機關違法濫權有何懲罰機制？如何適當修改現有法令規範以使其更臻完善？凡此皆與社會大眾息息相關，並使筆者產生高度興趣及強烈研究動機，期盼透過深入研究，得以充分瞭解相關理論與實務，並對問題提出解決或改善之建議。無論自人性尊嚴、隱私權或資訊自決權之觀點來看，個人資料保護皆為基本且重要之議題，不容忽視，而銀行帳戶實為個人資料當中非常重要之一環。美國為隱私權概念發源地，理論與實務發展久遠，深具探討價值，故本文擇其作為比較分析對象。為求深入探討調閱銀行帳戶資料在台灣及美國司法實務面運作之情形，本文整理解析兩國近年來相關法規及民事刑事裁判，2010年4月我國立法通過之「電腦處理個人資料保護法修正案」(後更名為「個人資料保護法」，2012年10月付諸實行，以下亦簡稱「新個資法」)亦在本文討論範圍內。本文將介紹各相關法規內容，分析新舊法規之差異，探究實務面作法及未來可能走向，以提供各位讀者先進參考。國家為履行公共任務或打擊金融犯罪，通常需要調閱相關人等之銀行帳戶資料，此為偵查機關職責所在，但若稍有不慎即可能使個人資訊隱私權遭受重大侵害，而目前理論與實務面皆尚有未盡完善之處。筆者盼以本身面臨之法令疑義，對我國新個資法及台美兩國相關法規之檢視，對本文蒐集資料之研讀心得，及在金融業服務十年之工作經驗作為本文研究之核心。本篇論文之主要目的，盼藉由各面向之探討及對法律制度之論述，檢視當今我國與美國調閱銀行私人帳戶資料之正當性與合法性；本文不僅描述兩國偵查機關調閱銀行帳戶資料之現況，亦針對問題分析研究，提出建議策略，盼能為我國目前存在之問題困境貢獻一己之力，以供法律界、金融界及相關公務部門參考。透過本文研究，可觀察目前我國與美國調閱銀行私人帳戶資料相關法規與實務之發展方向，探討主管機關在提升偵查效率及保障個人財務資訊隱私權之間如何取得平衡，希冀政府機關不僅能快速有效完成偵查任務，亦能在合情合理合法範圍內作好個人資料保護，兩全其美。 / In Taiwan, law enforcement’s access to private banking account is a common way of investigating civil or criminal crimes. Although it seems very normal, it still has some problems need to be solved, especially its legality and controversy over privacy. It’s efficient to investigate a crime by retrieving data from private banking account, but it’s easy to invade personal privacy if there’s no reasonable law, clear direction, supplementary measures or necessary punishments. As a result, it’s very worthwhile and important to discuss this thesis’ title. However, there are not many relevant essays or writings in our country nowadays. About this issue, there are many relevant topics which are worthy to be discussed. For example, what is the legal basis of this kind of investigation? Is there any inconsistency between its legal basis and other laws? What are the implementations or supporting measures in practice and improvements in the future? Is there any supervision mechanism if the Government abuses its power? How to amend existing legal regulations appropriately to make them more perfect? Topics above are closely related to all society so the author has a high degree of interest and motivation. Hope this thesis will make readers fully understand relevant theory and practice then they may know how to solve problems and make improvements by this article’s suggestion. Whether from the point of view of privacy, human dignity or self-determination of revealing personal information, protection of personal data is always a basic and important issue which shouldn’t be ignored. The private banking account is actually one kind of the most important personal data. The United States (hereinafter also “America”) is the birthplace of the concept of privacy which has developed there for a long time. It is worth researching so the author selects America for comparative analysis task. In order to discuss the judicial practice about private banking account being investigated by the authorities in Taiwan and America, the author sorts out and analyzes relevant regulations and criminal judges of these two countries in recent years. “Computer Processed Personal Information Protection Act Amendments” (later renamed “Personal Information Protection Act”, implemented in October 2012, hereinafter also “New Personal Information Act”) passed by the Legislative Yuan of Taiwan in April 2010 is also within the scope of this article. This article will describe the contents of relevant laws, analyze the differences between old and new regulations and discuss practical approaches and possible directions in the future so this thesis will provide reference for all readers. The Government often needs to retrieve banking account information to fulfill public tasks or fight against financial crimes. Although this is the duty of the authorities, it will result in serious violation of personal information privacy if the authorities make any mistake. In fact, both of relevant theory and practice in our country have some drawbacks and deficiencies at this time. The author looks forward to discussing the doubts of law, examining “New Personal Information Act” and relevant regulations of Taiwan and America and sharing study experience on this issue and a decade of work experience in the financial industry in order to constitute the core of this research. The main purpose of this thesis is to examine the necessity and legality of retrieving banking account information in Taiwan and America by discussing all relevant aspects and legal systems. This article not only describes the authorities’ access to banking account information in the current situation but also analyzes problems, makes suggestions and offers strategies. The author hopes to do his best to make some contribution to the law, financial industry and related public authorities. Through this thesis, readers could observe Taiwan and America’s investigation of private banking account currently and developing directions of relevant regulations and actual situations in the future. Readers could also learn and discuss how the authorities weigh improvement of investigation efficiency and protection of personal financial information privacy. Hope our Government will not only complete investigation quickly and efficiently but also protect personal information privacy legally and reasonably. 調閱美國偵查機關銀行帳戶財務資訊隱私權個人資料保護個人資料保護法正當性合法性 Retrieval the United States Investigation Banking Account Financial Information Privacy Protection of Personal Information Personal Information Protection Act Legitimacy Legality
7	The right to privacy and identity on social network sites : a comparative legal perspective Skosana, Milton Themba 12 April 2018 (has links) This study focuses on the use of Social Network Sites (SNSs) and certain personality rights (specifically the right to privacy and the right to identity) that may be infringed by this use. The study also discusses data protection law as the protection of the rights to privacy and identity are interlinked with data protection in that data protection assumes importance when there is processing of personal information on SNSs. The study seeks to determine whether South African law provides adequate protection for the interests that form the object of these personality rights, and highlights certain shortcomings, particularly in the context of SNSs. It also suggests solutions where there are shortcomings by learning from other jurisdictions. Related issues investigated are: who should be held responsible for the user-generated content uploaded on SNSs; the role of the Internet Service Provider (ISP); and how to deal with anonymous defendants. / Private Law / LL. M. Anonymous user Discovery Data law Protection of personal information Social network sites Social media Right to privacy Right to identity Internet service provider liability 342.858068 Privacy, Right of -- South Africa Liability (Law) -- South Africa

1

Page generated in 0.1938 seconds