Aleksandra Kuczerawy

Privacy Settings in Social Networking Sites: Is It Fair?

The present paper examines privacy settings in Social Networking Sites (SNS) and their default state from the legal point of view. The analysis will be conducted on the example of Facebook as one of the most popular –and controversial- SNS and one of the most active providers constantly amending its privacy settings. The paper will first present the notion of privacy settings and will explain how they can contribute to protecting the privacy of the user. Further on, this paper will discuss the general concerns expressed by users and data protection authorities worldwide with regard to the changes of Facebook’s privacy settings introduced in February 2010. Focus will be put on the implementation of the fairness principle in SNS. This principle implies that a person is not unduly pressured into supplying his data to a data controller, and on the other hand that the processing of personal data is transparent for the data subject.

Facebook and its EU Users – Applicability of the EU Data Protection Law to US Based SNS

The present paper examines the problem of applicable data protection law in a relationship between EU users and non-EU based Social Networking Site (SNS). The analysis will be conducted on the example of Facebook, which is one of the most popular SNS. The goal of the paper is to examine whether European users of Facebook can rely on their national data protection legislations in case of a privacy infringement by the SNS. The 95/46/EC Directive on Data Protection provides several options to protect EU residents in such relation. The paper will analyze whether Facebook’s participation in the Safe Harbor Program means that it is a subject to the regulation of the Data Protection Directive. Then, the paper will discuss if data processing activities of Facebook fall under the scope of the Data Protection Directive at all.

The identity landscape

Many people will have an image of ‘who they are’ and how their identity is established. Moreover, most individuals will probably relate the concept of identity (and identity management) to their reputation as an individual, how they define themselves, and how others look at them. In this view, identity relates to the personal aspect of identity. However, the term identity is also used in many other ways, for instance in the sense of cultural identity — what makes an Englishman English? —, or in the sense of identity management in IT systems. Because of this, a clear definition of ‘identity’ is difficult to provide.

Employing Robot Journalists: Legal Implications, Considerations and Recommendations

Algorithmic processes that convert data into narrative news texts allow news rooms to publish stories with limited to no human intervention (Carlson, 2015, p. 416). The new trend creates many opportunities, but also raises significant legal questions. Aside from financial benefits, further refinement could make the smart algorithms capable of writing less standard, maybe even opinion, pieces. The responsible human merely needs to define clear questions about what the algorithm needs to discuss in the article and in what manner. But how does it square with the traditional rules of publishing, editorial control and the privacy and data protection framework? This paper analyses the legal implications when employing robot journalists. More specifically, the question of authorship for algorithmic output and the liability issues that could arise when the algorithmic output includes unlawful personal data processing as well as inaccurate, harmful or even illegal content will be assessed. The analysis is performed analyzing European legislation on copyright and data protection and applying Belgian legislation on press liability as a consistent country example to support certain legal considerations and conclusions. Furthermore, the paper answers the question as to how publishers could prevent the creation of inaccurate content by the algorithms they use.

Indicators for Media Pluralism

The European Media Pluralism Monitor (MPM) starts from the assumption that, in order to obtain a complete and accurate picture of actual or imminent threats to media pluralism in a country, different sets of indicators should be combined (KU Leuven — ICRI et al. 2009). It distinguishes between three types of indicators that assess respectively legal, economic, and socio-demographic factors relevant for media pluralism. The aim of this chapter is to describe these different indicators, give an overall account of the methods adopted to select and measure them, and explain how they interrelate.

Regulating identity management

The notions of identity, privacy, personal information and data protection are closely related to each other. Privacy, according to Alan F. Westin ‘is the claim of individuals, groups or institutions to determine for themselves when, how, and to what extent information about them is communicated to others’ [Wes67, p.7]. Another definition, provided by Lee Bygrave, states that privacy is ‘a condition or state in which a person … is more or less inaccessible to others, either on the spatial, psychological or informational plane’ [Byg02]. Discussions regarding to the nature and sense of ‘privacy’ is long-lasting and complex. This chapter will not go into this particularly challenging debate, but rather it will sketch the legal framework in which privacy enhancing identity management operates.

User-centric privacy-enhancing identity management

Online identities are associated to individuals and improper handling of these identities may therefore affect these individuals. Placing the individual at the center of identity management and empowering them with tools to actively manage their identity may help limit the privacy risks provoked by the information society. As we have argued in the previous chapters, embedding privacy into the design of identity management systems is important. What the actual embodiment of privacy features into IdM encompasses is less clear. The previous chapter has shown a number of data protection principles that have to be observed by any system that handles personal data. These principles are part of the legal requirements for the development of any application that handles personal data, including identity management systems. There are also other sources of requirements. Human computer interaction research, sociological research and economics/business studies can also contribute to defining requirements for privacy-enhancing identity management systems. In the current chapter we focus on results obtained in PRIME research in the fields of law and sociology and human computer interaction that resulted in a set of concrete set of requirements for user-centric privacy-enhancing IdM. A more detailed description of user-focused privacy requirements can be found in PRIME’s Deliverables Framework V3 [PRI08] and Requirements V3 [KDR+08].