Peter Blume

Data Protection in the Cloud

Abstract This article discusses the data protection issues made topical by cloud computing. It takes its starting point in a decision made by the Danish Data Protection Agency which is probably the first decision concerning this issue in an EU member state. The article focuses on the relationship between controller and processor, data security, data transfer and data subject rights. It concludes that cloud computing is a challenge but that data protection law should be able to meet that challenge.

Personal Data Transfer: Possibilities and Limitations

In this article the classic issue of transfer of personal data is once again considered. Both transfer between European Union member states and transfer from these to third countries are included. It is argued that the way in which data protection rules are drafted and their dependence on rules outside data protection make real harmonization impossible to achieve. This is a problem because the transfer problem has two aspects: Internally it concerns the ability to process transferred data, and Externally it concerns the possibility of marking a transfer. A solution must include both aspects and adopt either the current high European level of protection or a lower one. It is not enough just to use different legal forms such as contract. The article is pessimistic but, however, ends on a optimistic note.

Changes in the Sources of Law in Information Society

The purpose of the paper is to indicate in which way modern digital information systems influence the range of legal sources and to assess whether such changes improve the quality of judgements and other legal decisions. The paper uses examples from Danish law but does not in any detail describe specific information systems. It takes a more general approach. At the beginning the concept of a legal source is briefly discussed and it is considered why these sources are used. Preconditions for their usage are mainly availability and comprehensibility. With this background changes with respect to general legal rules, judicial and administrative decisions in national law are discussed with emphasis on the general considerations that are made in connection with developing information systems. Next developments in connection with EU law, international law and foreign law are considered and the importance of the Internet is emphasized. At the end it is briefly considered whether the different changes will lead to...

CCTV Surveillance: Something wrotten in the State of Denmark?

This article discusses the new rules in Danish law concerning CCTV surveillance and the data protection issues that are related to such surveillance. This new regulation is viewed from a European perspective.

Data protection of law offenders

Abstract The article discusses how processing of data related to people who have been convicted, charged or suspected in connection with a crime is regulated. After presenting some of the basic assumptions of data protection, different aspects of Danish law are first analysed. These include conditions of processing both in the public and the private sector, the extent of processing (especially in the Central Criminal Register), rules on security and on access to criminal records. Finally the question of a DNA register is discussed. Next the Council of Europe Police Data Recommendation and Directive 95/46 EC are described. Furthermore, the rules of the Schengen and the Europol Conventions are analysed. It is concluded that the privacy of criminals in many ways is endangered, but that it is still possible to envisage sound data protection combined with necessary crime prevention.