Considerable attention has been devoted in recent years to studying the legal challenges associated with Big Data. The main emphasis – including in, but not limited to, the field of data protection – has been on the role and content of the primary rules of the system. This stance makes perfect sense: it places the focus on the norms that should govern social and individual behaviour in terms that range from individual consent and data minimisation, accuracy and purpose limitation, integrity and confidentiality, to the principles of lawfulness, fairness, and transparency, as enshrined in Article 5 of the EU General Data Protection Regulation (GDPR). Still, I argue here that it is time to widen our perspective to include not only the hard laws of EU governance, but also to consider the role played by the secondary rules of the law. At the same time, we must evaluate the intent of the law in governing the process of technological innovation and the different ways in which human and social behaviours can be regulated. This article examines four types of secondary rules atworkwith(in) the GDPR and attempts to show how the mechanisms and procedures of legal flexibility provided by such rules may shed light on the kinds of primary rules needed within the field of Big Data.

The Legal Challenges of Big Data: Putting Secondary Rules First in the Field of EU Data Protection

PAGALLO, Ugo
2017-01-01

Abstract

Considerable attention has been devoted in recent years to studying the legal challenges associated with Big Data. The main emphasis – including in, but not limited to, the field of data protection – has been on the role and content of the primary rules of the system. This stance makes perfect sense: it places the focus on the norms that should govern social and individual behaviour in terms that range from individual consent and data minimisation, accuracy and purpose limitation, integrity and confidentiality, to the principles of lawfulness, fairness, and transparency, as enshrined in Article 5 of the EU General Data Protection Regulation (GDPR). Still, I argue here that it is time to widen our perspective to include not only the hard laws of EU governance, but also to consider the role played by the secondary rules of the law. At the same time, we must evaluate the intent of the law in governing the process of technological innovation and the different ways in which human and social behaviours can be regulated. This article examines four types of secondary rules atworkwith(in) the GDPR and attempts to show how the mechanisms and procedures of legal flexibility provided by such rules may shed light on the kinds of primary rules needed within the field of Big Data.
2017
3
1
34
46
Automated Processing; Big Data; Data Protection; Privacy; Secondary Rules of the Law.
Ugo Pagallo
File in questo prodotto:
File Dimensione Formato  
EDPL-1-2017_Article_Pagallo-2.pdf

Accesso riservato

Tipo di file: PDF EDITORIALE
Dimensione 512.75 kB
Formato Adobe PDF
512.75 kB Adobe PDF   Visualizza/Apri   Richiedi una copia

I documenti in IRIS sono protetti da copyright e tutti i diritti sono riservati, salvo diversa indicazione.

Utilizza questo identificativo per citare o creare un link a questo documento: https://hdl.handle.net/2318/1640445
Citazioni
  • ???jsp.display-item.citation.pmc??? ND
  • Scopus ND
  • ???jsp.display-item.citation.isi??? ND
social impact