Transnational Data Protection

The implication of the European General Data Protection Regulation for transnational business models and their data transfer

Masterarbeit, 2017
78 Seiten, Note: 1,0

Jura - Europarecht, Völkerrecht, Internationales Privatrecht

Leseprobe

1. Introduction

2. The economic relevance of data protection

2.1 Economic Analysis

2.2 Digitalization and hyper-connectivity

2.3 Big Data and Data Analytics

2.4 Economics of Cyber Crime and the Counter-Market of Security

2.5 Future Scenarios of the Management Project

2.5.1 Scenario: Medical Data

2.5.2 Scenario: Financial Data

2.6 Implication for Businesses: Compliance with legal standards can be a unique selling point

3. Data Protection Traditions - protecting and securing data

3.1 Origin of Data Protection

3.2 Approaches to Data Protection

3.2.1 Comprehensive Laws

3.2.2 Sectoral Laws

3.2.3 Self-Regulation

3.2.4 Regulation through technology

3.3 Implication for Businesses: Clash of legislations and need for harmonization

4. Legal Grounds for processing and transfer – Data Protection in the European Union

4.1 Overview of the legal system in regard to Data Protection

4.1.1 The European Convention on Human Rights

4.1.2 Council of Europe Convention 108

4.1.3 Interim Conclusion: Direct impact of ECHR and Convention 108 on international data flow regulation

4.1.4 European Union data protection law

4.1.5 Implication for Businesses: Data protection framework influences the construction and development of the European Data Protection legislation

4.1.6 European Data Protection Directive

4.1.7 General Data Protection Regulation

4.2 Implication for Businesses: Transnational applicability and comprehensive framework of requirements

5. Applicable law and Conflict-of-law for data protection issues

5.1 Rome I

5.1.1 Territorial Scope

5.1.2 Conflict-of-Law

5.2 Rome II

5.2.1 Territorial Scope

5.2.2 Conflict-of-Law

5.3 Data Protection Directive and Rome I and II Regulations

5.3.1 Differentiation by nature and scope

5.3.2 Lex Specialis

5.4 General Data Protection Regulation and Rome I and II Regulations

5.5 Brussels I Regulation

5.5.1 Territorial Scope

5.5.2 Conflict-of-law

5.6 General Data Protection Regulation and Brussels I

5.7 Implication for Businesses: The Market Place Principle opens the world-wide applicability of European Data Protection

6. International transfer of personal identifiable data

6.1 Adequacy Decision and accepted treaty

6.2 Excursus: Transfer of personal identifiable data between the EU and the US

6.2.1 Safe Harbor

6.2.2 EU-U.S. Privacy Shield

6.2.3 Intermediary Results of the Analysis

6.3 Contractual Clauses

6.4 Binding Corporate Rules

6.6 Implication for Businesses: International transfer of customer data and employee data

7. Further practical implication of Transnational Data Protection

7.1 Transnational Negotiations – Always implied Data Protection issues?

7.2 Competencies necessary for Transnational Data Protection

8. Conclusion

Research Objective and Scope

This master thesis examines the legal implications of the European General Data Protection Regulation (GDPR) for transnational business models and international data transfers, focusing on how organizations must adapt their processes to comply with the EU's evolving data protection framework.

Analysis of the economic relevance and business impact of data protection and cybersecurity.
Evaluation of the EU legal framework for data protection, including conventions and directives.
Examination of conflict-of-law issues, including the Rome I, Rome II, and Brussels I regulations in relation to data protection.
Assessment of the requirements and mechanisms for the international transfer of personal identifiable data.

Excerpt from the Book

2.4 Economics of Cyber Crime and the Counter-Market of Security

The described tendencies allocate a high value to personal identifiable data. Subsequently, the accumulation and use of data are prone to missuses and even criminal actives. While crime is not considered something that is abstinent from the business world, it is also seldom realized as its own economy. Furthermore, it is – as a market – not necessarily associated with digitalization.

A criminal act is considered any behavior that deviates from societal norms, crosses the boundaries of ethical and lawful behavior, and is sanctioned by a governmental authority. As such criminal behavior is often associated with the aspect of punishment, fines, and imprisonment.

Any association to economics and business is often limited to crime happening in a certain business environment. However, crime in itself can be considered a market and thus bound to economic principles.

Within the “crime market” any individual player is motivated by the rational maximization of utility (Eide et alt., 2006). This assumption is based upon the principle of rational choice, meaning that any individual acts rationally to maximize expected utility and that this utility is “a positive function of income” (ibid). This leads to a very simplistic economic model: Any endeavor that has a greater income than zero after subtraction of costs is profitable (Segura & Lahuerta, 2010). It is a simple cost-benefit principle (Li et alteri, 2006). This model transfers the rational choice assumptions to criminal activity.

Summary of Chapters

1. Introduction: Outlines the increasing importance of data protection in modern business and states the core research question regarding the impact of the GDPR on transnational business models.

2. The economic relevance of data protection: Analyzes the economic value of data protection, the impact of digitalization, and how cybercrime operates as a market, necessitating security measures.

3. Data Protection Traditions - protecting and securing data: Explores historical origins of data protection and various legislative approaches, such as comprehensive laws versus self-regulation.

4. Legal Grounds for processing and transfer – Data Protection in the European Union: Provides a comprehensive overview of the EU's data protection legal framework, focusing on the transition from the Data Protection Directive to the GDPR.

5. Applicable law and Conflict-of-law for data protection issues: Contextualizes the GDPR within broader legal principles, specifically examining how Rome I, Rome II, and Brussels I regulations address international data protection disputes.

6. International transfer of personal identifiable data: Discusses mechanisms for transferring data to third countries, including adequacy decisions, contractual clauses, and binding corporate rules.

7. Further practical implication of Transnational Data Protection: Addresses practical challenges for businesses, such as data protection during negotiations and the need for intercultural competence among legal teams.

8. Conclusion: Summarizes the thesis, emphasizing that the GDPR acts as a guiding example for the international marketplace while imposing high compliance obligations on businesses.

Keywords

GDPR, Data Protection, Transnational Business, Personal Identifiable Data, Cybercrime, European Union, Conflict of Law, Privacy, Compliance, Data Transfer, Digitalization, Data Protection Officer, Accountability, Consumer Protection, Legal Framework.

Frequently Asked Questions

What is the core focus of this thesis?

The thesis examines the legal and economic implications of the European General Data Protection Regulation (GDPR) for international business models that rely on cross-border data flows.

What are the central themes of the work?

Key themes include the economic impact of data protection, the evolution of EU data protection legislation, the intersection of data protection with conflict-of-law rules, and the practical challenges of international data transfers.

What is the primary research question?

The research aims to answer how the European General Data Protection Regulation impacts transnational business models and their management of data transfers.

Which scientific methods are employed?

The work utilizes a legal analysis of EU regulations and directives, alongside an economic perspective using frameworks like the STEP analysis and Porter's Five Forces to evaluate the market for data protection.

What does the main part of the work cover?

The main body covers the economic relevance of data, historical traditions of data protection, the hierarchy of EU data protection laws, mechanisms for international transfers, and the practical application of GDPR in corporate environments.

How can this work be characterized by its keywords?

It is characterized by terms such as GDPR, transnational business, data transfers, compliance, conflict-of-law, and privacy by design, reflecting its focus on both the legal and managerial aspects of data protection.

How does the GDPR affect companies outside the EU?

The thesis explains that the GDPR's territorial scope extends to non-EU organizations when they offer goods or services to, or monitor the behavior of, data subjects located within the European Union.

What is the "Market Place Principle" mentioned in the work?

It refers to the concept that the GDPR's influence extends beyond EU borders, effectively requiring organizations worldwide to comply if they target individuals residing within the European Union.

Ende der Leseprobe aus 78 Seiten - nach oben

Details

Titel: Transnational Data Protection
Untertitel: The implication of the European General Data Protection Regulation for transnational business models and their data transfer
Hochschule: Steinbeis-Hochschule Berlin (SIBE)
Note: 1,0
Autor: Jan Alexander Linxweiler (Autor:in)
Erscheinungsjahr: 2017
Seiten: 78
Katalognummer: V988690
ISBN (eBook): 9783346356956
ISBN (Buch): 9783346356963
Sprache: Englisch
Schlagworte: Datenschutz Data Protection Transnational Data Protection GDPR DSGVO
Produktsicherheit: GRIN Publishing GmbH
Preis (Ebook): US$ 34,99
Preis (Book): US$ 55,99

Arbeit zitieren: Jan Alexander Linxweiler (Autor:in), 2017, Transnational Data Protection, München, Page::Imprint:: GRINVerlagOHG, https://www.diplomarbeiten24.de/document/988690