Enforcing Privacy Regulatory, Legal and Technological Approaches

This book is about enforcing privacy and data protection. It demonstrates different approaches – regulatory, legal and technological – to enforcing privacy. 

If regulators do not enforce laws or regulations or codes or do not have the resources, political support or wherewithal to enforce them, they effectively eviscerate and make meaningless such laws or regulations or codes, no matter how laudable or well-intentioned. In some cases, however, the mere existence of such laws or regulations, combined with a credible threat to invoke them, is sufficient for regulatory purposes. But the threat has to be credible.  As some of the authors in this book make clear – it is a theme that runs throughout this book – “carrots” and “soft law” need to be backed up by “sticks” and “hard law”. 

The authors of this book view privacy enforcement as an activity that goes beyond regulatory enforcement, however. In some sense, enforcing privacy is a task that befalls to all of us. Privacy advocates and members of the public can play an important role in combatting the continuing intrusions upon privacy by governments, intelligence agencies and big companies. 

Contributors to this book - including regulators, privacy advocates, academics, SMEs, a Member of the European Parliament, lawyers and a technology researcher – share their views in the one and only book on Enforcing Privacy.

About the authors.- 1 Introduction to Enforcing Privacy; David Wright and Paul De Hert.- 2 Enforcing privacy; David Wright.- Countries.- 3 Failures of privacy self-regulation in the United States; Robert Gellman and Pam Dixon.- 4 From a model pupil to a problematic grown-up: Enforcing privacy and data protection in Hungary; Iván Székely.- 5 A tale of two privacies: Enforcing privacy with hard power and soft power in Japan; Hiroshi Miyashita.- 6 The Spanish experience of enforcing privacy norms: two decades of evolution from sticks to carrots; Artemio Rallo Lombarte.- 7 Data protection and enforcement in Latin America and in Uruguay; Ana Brian Nougrères.- International mechanisms.-8 The International Working Group on Data Protection in Telecommunications – contributions to transnational privacy enforcement;Alexander Dix.- 9 Enforcing privacy across different jurisdictions; Dan Svantesson.- 10 Cross-border breach notification; Blair Stewart.- 11 Responsive regulation of data privacy:theory and Asian examples; Graham Greenleaf.- 12 Enforcement and reform of the EU-US Safe Harbor Agreement Instruments; Chris Connolly and Peter van Dijk.- 13 How effective are fines in enforcing privacy?; Hazel Grant and Hannah Crowther.- 14 Enforcing privacy rights: Class action litigation and the challenge of cy pres; Marc Rotenberg and 

David Wright is Director of Trilateral Research, a London-based research company, which he founded in 2004. He has been a partner in numerous projects funded by the European Commission involving privacy, surveillance, risk, security and ethics. He has published many articles in peer-reviewed journals. In addition to Enforcing Privacy, he co-edited and co-authored Privacy Impact Assessment (Springer 2012) with Paul De Hert. He was also principal editor of Surveillance in Europe (Routledge 2015). 

Paul De Hert is an international fundamental rights expert, with work on human rights and criminal and surveillance law, constitutionalism and the impact of technology on law. He is interested both in legal practice and more fundamental reflections about law.

He is full professor at the Vrije Universiteit Brussel (VUB) being co-director of the Research Group Law Science Technology & Society (LSTS) and of the Brussels Privacyhub. He also teaches “Privacy and Data Protection” at the Tilburg Institute of Law, Technology, and Society (TILT).