Abstract
The continuous processing of personal data has surely decreased user awareness over the usage of information relating to them. It is worth the lack of technical means aimed at helping who personify datafication targets to interface with data flow, as well as to practically exercise the rights which have been recognised to data subjects by the GDPR. Transparency Enhancing Tools (TET), as subtypes of Privacy Enhancing Technologies (PET), pave the way for a renovated approach of data sovereignty against the deviation of informational capitalism while making users have better insight into data processing. On the other hand, the respect of the obligations set out in the GDPR could be better achieved by information society services, as well as the company’s reputation may benefit from adopting technical measures in line with the principle of transparency. In this respect, Privacy Information Management Systems (PIMS) and Personal Data Stores (PDS) could be seen as technological solutions for balancing the opposite interests of the actors of the digital economy (i.e., professionals and consumers) and, more broadly, put law and technology together not only in relation to data protection by design and by default but also for the development of technology in a human-centred manner.
This is a preview of subscription content, log in via an institution to check access.
Access this chapter
Tax calculation will be finalised at checkout
Purchases are for personal use only
Similar content being viewed by others
References
Article 29 Working Party (2018) Guidelines on Transparency under Regulation 2016/679. https://ec.europa.eu/newsroom/article29/document.cfm?action=display&doc_id=51025
Bravo F (2019) L’«architettura» del trattamento e la sicurezza dei dati e dei sistemi. In: Cuffaro V, D’Orazio R, Ricciuto V (eds) I dati personali nel diritto europeo. Giappichelli, Torino, pp 775–854
Bygrave LA (2017) Data protection by design and by default: deciphering the EU’s legislative requirements. Oslo Law Rev 4(2):105–120
Crabtree A, Lodge T et al (2018) building accountability into the Internet of Things: the IoT Databox model. J Reliable Intell Environ 4:39–55
European Commission (2020) Communication from the Commission to the European Parliament, the Council, the European Economic and Social Committee and the Committee of the Regions. A European Strategy for Data, 19 February 2020, COM/2020/66 final. https://eur-lex.europa.eu/legal-content/EN/TXT/PDF/?uri=CELEX:52020DC0066&from=EN
European Commission (2015) An emerging offer of “personal information management services”. Current state of service offers and challenges. https://ec.europa.eu/newsroom/dae/document.cfm?doc_id=40118
European Data protection Board (2020) Guidelines 4/2019 on Article 25 Data Protection by Design and by Default. Version 2.0. Adopted on 20 October 2020. https://edpb.europa.eu/sites/edpb/files/files/file1/edpb_guidelines_201904_dataprotection_by_design_and_by_default_v2.0_en.pdf
European Data Protection Supervisor (2020) Opinion 3/2020 on the European strategy for data. https://edps.europa.eu/sites/default/files/publication/20-06-16_opinion_data_strategy_en.pdf
European Data Protection Supervisor (2016) Opinion 9/2016 on personal information management systems. Towards more user empowerment in managing and processing personal data. https://edps.europa.eu/sites/edp/files/publication/16-10-20_pims_opinion_en.pdf
ENISA (2017) Privacy and security in personal data clouds. https://www.enisa.europa.eu/publications/privacy-and-security-in-personal-data-clouds/at_download/fullReport
ENISA (2015) Privacy by design in big data. An overview of privacy enhancing technologies in the era of big data analytics. https://www.enisa.europa.eu/publications/big-data-protection/at_download/fullReport
Finocchiaro G (2012) Riflessioni su diritto e tecnica. Diritto Dell’informazione e Dell’informatica 4–5:831–840
Floridi L (2015) The Onlife Manifesto. Being Human in a Hyperconnected Era, Springer, Cham
Hildebrandt M (2017) Saved by design? The case of legal protection by design. NanoEthics 11:307–311
Janseen H, Cobbe J, Singh J (2020) Personal information management systems: a user-centric privacy utopia? Internet Policy Rev 9(4):1–25
Janseen H, Cobbe J, Norval C, Singh J (2020) Decentralised data processing: personal data stores and the GDPR. Int Data Privacy Law 10(4):356–384
Koops B-J, Leenes R (2014) Privacy regulation cannot be hardcoded. A critical comment on the ‘privacy by design’ provision in data-protection law. Int Rev Law, Comput Technol 28(2):159–171
Larsen R, Brochot G, Lewis D, Eisma FL, Brunini J (2015) Personal data stores. European Commission—DG Connect. Report commissioned by the European Commission to the Cambridge University on personal data tools to evaluate feasibility and potential areas of policy assistance
Lehtiniemi T (2017) Personal data spaces: an intervention in surveillance capitalism? Surv Appl Math 15(5):626–639
Lu Y, Li S, Ioannou A, Tussyadiah I (2019) From data disclosure to privacy nudges: a privacy-aware and user-centric personal data management framework. In: Wang G, Bhuiyan MZA, De Capitani di Vimercati S, Ren Y (eds) Dependability in sensor, cloud, and big data systems and applications. Springer, Cham, pp 262–276
Mantelero A (2014) Social control, transparency, and participation in the big data world. J Internet Law 17(10):23–29
Poikola A, Kuikkaniemi K, Honko H (2014) MyData—a Nordic model for human-centered personal data management and processing
Solove DJ (2013) Introduction: privacy self-management and the consent dilemma. Harv Law Rev 126:1880–1903
Spagnuelo D, Ferreira A, Lenzini G (2020) Transparency enhancing tools and the GDPR: do they match? In: Mori P, Furnell S, Camp O (eds) Information systems security and privacy. Springer, Cham, pp 162–185
The Royal Society (2019) Protecting privacy in practice—the current use, development and limits of privacy enhancing technologies in data analysis
Zuboff S (2019) The age of surveillance capitalism: the fight for a human future at the new frontier of power. Public Affairs, New York
Author information
Authors and Affiliations
Corresponding author
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2022 The Author(s), under exclusive license to Springer Nature Singapore Pte Ltd.
About this chapter
Cite this chapter
Bernes, A. (2022). Enhancing Transparency of Data Processing and Data Subject’s Rights Through Technical Tools: The PIMS and PDS Solution. In: Senigaglia, R., Irti, C., Bernes, A. (eds) Privacy and Data Protection in Software Services. Services and Business Process Reengineering. Springer, Singapore. https://doi.org/10.1007/978-981-16-3049-1_17
Download citation
DOI: https://doi.org/10.1007/978-981-16-3049-1_17
Published:
Publisher Name: Springer, Singapore
Print ISBN: 978-981-16-3048-4
Online ISBN: 978-981-16-3049-1
eBook Packages: Intelligent Technologies and RoboticsIntelligent Technologies and Robotics (R0)