GDPR
5 Items
All Items
-
From ‘Terrorising the Other' to Securitising All The Turn towards Coercive Identity Management
The management of individuals and their physical and digital identities has become vital to contemporary security and border governance. In targeting a certain set of ‘unsafe’ individuals deemed to pose a threat to national security, states’ multi-layered counter-terrorism toolkits have enabled a downward recalibration of the rights of these individuals; a recalibration that has since become both palatable and entrenched. With the ever increasing reliance on new and emerging digital solutions to existing and perceived future security risks, individual physical identities have been gradually translated into, arguably narrower, digital identities. As a corollary, the recalibration has not only shifted further downward but now impacts a much larger set of individuals depending on national and international political priorities.
-
Attribute-based signatures and eIDAS 2.0
Digital authentication and electronic signatures are essential for reliable digital verification of identities in the digital environment. With the introduction of European Digital Identity Wallets under eIDAS 2.0, there has been a shift in the use of trust services. In this contribution, I examine whether eIDAS 2.0 facilitate the use of privacy-friendly trust services, in particular attribute-based authentication (ABA) and attribute-based signatures (ABS). ABA and ABS provide benefits such as modular identity and role-based signing, offering greater flexibility compared to traditional trust services. The analysis shows the difference between authentication and signing, revealing that eIDAS 2.0 only facilitates attribute-based authentication through the European wallets, but not yet attribute-based signatures. The article concludes by discussing the remaining legal challenges that may impede the full realization of privacy-friendly trust services.
-
Regulating data space connectors as an essential gateway to data spaces The European Electronic Communications Code as a suitable choice for addressing a lack of interoperability and harmonisation?
Data Spaces are highly interconnected data sharing ecosystems that represent a new array of collaborative data-sharing forms. In this context, data space connectors play a vital role as gateways for integrating existing systems and their respective data into Data Spaces. However, the lack of reusable and interoperable core components for data space connectors has resulted in divergent implementations and a lack of a shared understanding of data space connectors as mere bridging software. Absent harmonised components of connectors and a unified definition of the primary function of data space connectors, there is a concern that these connectors may impede, rather than facilitate, seamless access to Data Spaces. The hypothesis of the paper is that regulation should be considered as a means of addressing the current heterogeneous landscape and achieving the objective of enabling data sharing through Data Spaces. The paper therefore concludes with a hypothesis regarding the regulation of data space connectors as electronic communication services under the European Electronic Communications Code, and a call for further detailed research into the potential for implementing this hypothesis in practice.
-
Pay or Consent Models in Europe: Already Outdated or an Overlooked Crisis in Freely Given Consent?
The transition from free digital services to paid models has sparked significant debate, particularly concerning the Pay or Consent model which allows users to either pay for services or consent to data processing. This study examines the model’s compliance with the requirement of freely given consent under data protection laws, focusing on decisions and guidelines from courts, data protection authorities and the European Data Protection Board (EDPB). It critically evaluates the applicability of a uniform standard across all online service providers, exploring whether a differentiated approach for large platforms versus smaller providers is more appropriate. Additionally, the study discusses the appropriateness of establishing such a standard at this stage, given the novelty and evolving nature of these models and the scarcity of empirical evidence.
-
TILTing 2024 Special Issue introduction
The 8th edition of the TILTing Perspectives Conference took place over three days in July 2024, with the theme “Looking back, moving forward: Re-assessing technology regulation in digitalized worlds”. The conference was organized by a team of academics (TILTies) at the Tilburg Institute for Law, Technology, and Society (TILT) comprising Sunimal Mendis as academic lead, Friso Bostoen as co-academic lead and six Track Leaders. Aviva de Groot led Track A (AI as a Knowledge-making Power in the Majority Worlds) and the Deep-Dive Panel on Teaching about AI and Society. Gijs van Maanen led Track B (Problematizing ‘Data Governance’) and Brenda Espinosa Apráez led Track C (Regulation and Innovation in Digital Markets). Track D (Regulating Sectors in Transition: Energy, Finance & Health) was led by Max Baumgart and Track E (AI and Data Protection) by Marco Bassini. Shweta Degalahal was the leader of Track F (The Evolving Cybersecurity Landscape and Regulatory Approaches in Cybersecurity).
As the conference coincided with the 30th anniversary of TILT, we considered this a fitting moment to take stock of decades of technology regulation and how it impacts our lives and the digitalized worlds around us. We specifically aimed to explore the following questions as part of our mission to “look back, move forward”:
What has been accomplished? By whom? And where? What is missing? Who is missing? What can we say about the relations between technology-focused regulation and other regulatory foci and modes of standard-setting?
