The EU General Data Protection Regulation (GDPR)
Szerkesztők:
Christopher Kuner; Laura Drechsler; Lee A. Bygrave; Christopher DockseyCím: The EU General Data Protection Regulation (GDPR)
Alcím: A commentary
Megjelenési adatok: Oxford University Press, Oxford - New York, 2020. | ISBN: 978-0-19-882649-1

Kategóriák: Jogtudomány
Tárgyszavak: Európai Unió, Kommentár, Adatvédelem, GDPR, Jog és jogalkotás, Adatvédelem szabályozás, Európai Unió országai
Formátum: OCR szöveg
Típus: könyv
Tárgyszavak: Európai Unió, Kommentár, Adatvédelem, GDPR, Jog és jogalkotás, Adatvédelem szabályozás, Európai Unió országai
Formátum: OCR szöveg
Típus: könyv
Share
Tweet
Tartalomjegyzék
Cover
Titlepage
Impressum
Foreword
[V]-VI
Editors' Preface
[VII]-IX
Contents
[XI]-XVI
Table of Cases
[XVII]-XXVIII
Table of Instruments
[XXXIX]-LXXXV
List of Abbreviations
[LXXXVII]-LXXXVIII
List of Contributors
[LXXXIX]-XCI
Background and Evolution of the EU General Data Protection Regulation (GDPR) (Christopher Kuner, Lee A. Bygrave and Christopher Docksey)
[1]-2
I. Introduction
2-3
II. The legislative history
3-10
III. The evolution of the text
10-47
Chapter I: General Provisions (Articles 1–4)
48-308
Article 1 Subject-matter and objectives (Hielke Hijmans)
48-59
Article 2 Material scope (Herke Kranenborg)
60-73
Article 3 Territorial scope (Dan Jerker B. Svantesson)
74-99
Article 4 Definitions (Luca Tosoni and Lee A. Bygrave)
100-308
Article 4(1) Personal data (Lee A. Bygrave and Luca Tosoni)
103-115
Article 4(2) Processing (Luca Tosoni and Lee A. Bygrave)
116-122
Article 4(3) Restriction of processing (Luca Tosoni)
123-126
Article 4(4) Profiling (Lee A. Bygrave)
127-131
Article 4(5) Pseudonymisation (Luca Tosoni)
132-137
Article 4(6) Filing system (Luca Tosoni)
138-144
Article 4(7) Controller (Lee A. Bygrave and Luca Tosoni)
145-156
Article 4(8) Processor (Lee A. Bygrave and Luca Tosoni)
157-162
Article 4(9) Recipient (Luca Tosoni)
163-169
Article 4(10) Third party (Luca Tosoni)
170-173
Article 4(11) Consent (Lee A. Bygrave and Luca Tosoni)
174-187
Article 4(12) Personal data breach (Luca Tosoni)
188-195
Article 4(13) Genetic data (Lee A. Bygrave and Luca Tosoni)
196-206
Article 4(14) Biometric data (Lee A. Bygrave and Luca Tosoni)
207-216
Article 4(15) Data concerning health (Lee A. Bygrave and Luca Tosoni)
217-224
Article 4(16) Main establishment (Luca Tosoni)
225-237
Article 4(17) Representative (Luca Tosoni)
238-245
Article 4(18) Enterprise (Lee A. Bygrave and Luca Tosoni)
246-252
Article 4(19) Group of undertakings (Luca Tosoni)
253-256
Article 4(20) Binding corporate rules (Luca Tosoni)
257-264
Article 4(21) Supervisory authority (Lee A. Bygrave)
265-271
Article 4(22) Supervisory authority concerned (Luca Tosoni)
272-278
Article 4(23) Cross-border processing (Luca Tosoni)
279-287
Article 4(24) Relevant and reasoned objection (Luca Tosoni)
288-291
Article 4(25) Information society service (Luca Tosoni)
292-302
Article 4(26) International organisation (Lee A. Bygrave and Luca Tosoni)
303-308
Chapter II: Principles (Articles 5–11)
309-397
Article 5 Principles relating to processing of personal data (Cécile de Terwangne)
309-320
Article 6 Lawfulness of processing (Waltraut Kotschy)
321-344
Article 7 Conditions for consent (Eleni Kosta)
345-354
Article 8 Conditions applicable to child’s consent in relation to information society services (Eleni Kosta)
355-364
Article 9 Processing of special categories of personal data (Ludmila Georgieva and Christopher Kuner)
365-384
Article 10 Processing of personal data relating to criminal convictions and offences (Ludmila Georgieva)
385-390
Article 11 Processing which does not require identification (Ludmila Georgieva)
391-397
Chapter III: Rights of the Data Subject (Articles 12–23)
398-554
Section 1 Transparency and modalities
398-412
Article 12 Transparent information, communication and modalities for the exercise of the rights of the data subject (Radim Polčák)
398-412
Section 2 Information and access to personal data
413-468
Article 13 Information to be provided where personal data are collected from the data subject (Gabriela Zanfir-Fortuna)
413-433
Article 14 Information to be provided where personal data have not been obtained from the data subject (Gabriela Zanfir-Fortuna)
434-448
Article 15 Right of access by the data subject (Gabriela Zanfir-Fortuna)
449-468
Section 3 Rectification and erasure
469-507
Article 16 Right to rectification (Cécile de Terwangne)
469-474
Article 17 Right to erasure (‘right to be forgotten’) (Herke Kranenborg)
475-484
Article 18 Right to restriction of processing (Gloria González Fuster)
485-491
Article 19 Notification obligation regarding rectification or erasure of personal data or restriction of processing (Gloria González Fuster)
492-496
Article 20 Right to data portability (Orla Lynskey)
497-507
Section 4 Right to object and automated individual decision-making
508-
Article 21 Right to object (Gabriela Zanfir-Fortuna)
508-521
Article 22 Automated individual decision-making, including profiling (Lee A. Bygrave)
522-542
Section 5 Restrictions
543-554
Article 23 Restrictions (Dominique Moore)
543-554
Chapter IV: Controller and Processor (Articles 24–43)
555-754
Section 1 General obligations
555-629
Article 24 Responsibility of the controller (Christopher Docksey)
555-570
Article 25 Data protection by design and by default (Lee A. Bygrave)
571-581
Article 26 Joint controllers (Christopher Millard and Dimitra Kamarinou)
582-588
Article 27 Representatives of controllers or processors not established in the Union (Christopher Millard and Dimitra Kamarinou)
589-598
Article 28 Processor (Christopher Millard and Dimitra Kamarinou)
599-611
Article 29 Processing under the authority of the controller or processor (Christopher Millard and Dimitra Kamarinou)
612-615
Article 30 Records of processing activities (Waltraut Kotschy)
616-624
Article 31 Cooperation with the supervisory authority (Waltraut Kotschy)
625-629
Section 2 Security of personal data
630-664
Article 32 Security of processing (Cédric Burton)
630-639
Article 33 Notification of a personal data breach to the supervisory authority (Cédric Burton)
640-653
Article 34 Communication of a personal data breach to the data subject (Cédric Burton)
654-664
Section 3 Data protection impact assessment and prior consultation
665-687
Article 35 Data protection impact assessment (Eleni Kosta)
665-679
Article 36 Prior consultation (Cecilia Alvarez Rigaudias and Alessandro Spina)
680-687
Section 4 Data protection officer
688-715
Article 37 Designation of the data protection officer (Cecilia Alvarez Rigaudias and Alessandro Spina)
688-699
Article 38 Position of the data protection officer (Cecilia Alvarez Rigaudias and Alessandro Spina)
700-708
Article 39 Tasks of the data protection officer (Cecilia Alvarez Rigaudias and Alessandro Spina)
709-715
Section 5 Codes of conduct and certification
716-754
Article 40 Codes of conduct (Irene Kamara)
716-724
Article 41 Monitoring of approved codes of conduct (Irene Kamara)
725-731
Article 42 Certification (Ronald Leenes)
732-743
Article 43 Certification bodies (Ronald Leenes)
744-754
Chapter V: Transfers of Personal Data to Third Countries or International Organisations (Articles 44–50)
755-862
Article 44 General principle for transfers (Christopher Kuner)
755-770
Article 45 Transfers on the basis of an adequacy decision (Christopher Kuner)
771-796
Article 46 Transfers subject to appropriate safeguards (Christopher Kuner)
797-812
Article 47 Binding corporate rules (Christopher Kuner)
813-824
Article 48 Transfers or disclosures not authorised by Union law (Christopher Kuner)
825-840
Article 49 Derogations for specific situations (Christopher Kuner)
841-856
Article 50 International cooperation for the protection of personal data (Christopher Kuner)
857-862
Chapter VI: Independent Supervisory Authorities (Articles 51–59)
863-952
Section 1 Independent status
863-901
Article 51 Supervisory authority (Hielke Hijmans)
863-872
Article 52 Independence (Thomas Zerdick)
873-883
Article 53 General conditions for the members of the supervisory authority (Hielke Hijmans)
884-892
Article 54 Rules on the establishment of the supervisory authority (Hielke Hijmans)
893-901
Section 2 Competence, tasks and powers
902-952
Article 55 Competence (Hielke Hijmans)
902-912
Article 56 Competence of the lead supervisory authority (Hielke Hijmans)
913-926
Article 57 Tasks (Hielke Hijmans)
927-938
Article 58 Powers (Ludmila Georgieva and Matthias Schmidl)
939-948
Article 59 Activity reports (Hielke Hijmans)
949-952
Chapter VII: Cooperation and Consistency (Articles 60–76)
953-1116
Section 1 Cooperation
953-994
Article 60 Cooperation between the lead supervisory authority and the other supervisory authorities concerned (Luca Tosoni)
953-972
Article 61 Mutual assistance (Peter Blume)
973-985
Article 62 Joint operations of supervisory authorities (Peter Blume)
986-994
Section 2 Consistency
995-1040
Article 63 Consistency mechanism (Patrick Van Eecke and Anrijs Šimkus)
995-1004
Article 64 Opinion of the Board (Patrick Van Eecke and Anrijs Šimkus)
1005-1013
Article 65 Dispute resolution by the Board (Hielke Hijmans)
1014-1026
Article 66 Urgency procedure (Ludmila Georgieva)
1027-1031
Article 67 Exchange of information (Patrick Van Eecke and Anrijs Šimkus)
1032-1040
Section 3 European Data Protection Board
1041-1116
Article 68 European Data Protection Board (Christopher Docksey)
1041-1054
Article 69 Independence (Christopher Docksey)
1055-1068
Article 70 Tasks of the Board (Christopher Docksey)
1069-1084
Article 71 Reports (Christopher Docksey)
1085-1089
Article 72 Procedure (Christopher Docksey)
1090-1094
Article 73 Chair (Christopher Docksey)
1095-1097
Article 74 Tasks of the Chair (Christopher Docksey)
1098-1101
Article 75 Secretariat (Christopher Docksey)
1102-1110
Article 76 Confidentiality (Christopher Docksey)
1111-116
Chapter VIII: Remedies, Liability and Penalties (Articles 77–84)
1117-1201
Article 77 Right to lodge a complaint with a supervisory authority (Waltraut Kotschy)
1117-1124
Article 78 Right to an effective judicial remedy against a supervisory authority (Waltraut Kotschy)
1125-1132
Article 79 Right to an effective judicial remedy against a controller or processor (Waltraut Kotschy)
1133-1141
Article 80 Representation of data subjects (Gloria González Fuster)
1142-1152
Article 81 Suspension of proceedings (Waltraut Kotschy)
1153-1159
Article 82 Right to compensation and liability (Gabriela Zanfir-Fortuna)
1160-1179
Article 83 General conditions for imposing administrative fines (Waltraut Kotschy)
1180-1193
Article 84 Penalties (Orla Lynskey)
1194-1201
Chapter IX: Provisions Relating to Specific Processing
1202-1267
Situations (Articles 85–91)
1202-1267
Article 85 Processing and freedom of expression and information (Herke Kranenborg)
1202-1212
Article 86 Processing and public access to official documents (Herke Kranenborg)
1213-1222
Article 87 Processing of the national identification number (Patrick Van Eecke and Anrijs Šimkus)
1223-1228
Article 88 Processing in the context of employment (Patrick Van Eecke and Anrijs Šimkus)
1229-1239
Article 89 Safeguards and derogations relating to processing for archiving purposes in the public interest, scientific or historical research purposes or statistical purposes (Christian Wiese Svanberg)
1240-1251
Article 90 Obligations of secrecy (Christian Wiese Svanberg)
1252-1256
Article 91 Existing data protection rules of churches and religious associations (Luca Tosoni)
1257-1267
Chapter X: Delegated Acts and Implementing Acts (Articles 92–93)
1268-1290
Article 92 Exercise of the delegation (Luca Tosoni)
1268-1277
Article 93 Committee procedure (Luca Tosoni)
1278-1290
Chapter XI: Final Provisions (Articles 94–99)
1291-1321
Article 94 Repeal of Directive 95/46/EC (Dominique Moore)
1291-1293
Article 95 Relationship with Directive 2002/58/EC (Piedade Costa de Oliveira)
1294-1301
Article 96 Relationship with previously concluded Agreements (Dominique Moore)
1302-1307
Article 97 Commission reports (Thomas Zerdick)
1308-1311
Article 98 Review of other Union legal acts on data protection (Luca Tosoni)
1312-1319
Article 99 Entry into force and application (Dominique Moore)
1320-1321
Index
1323-1393