The Technical Manual for the digital evaluation tool QualiTePE supports users of the QualiTePE tool in creating, conducting and analysing evaluations to record the quality of teaching in physical education. The information on the General Data Protection Regulation (GDPR) instructs users on how to anonymise the data collection of evaluations and which legal bases apply with regard to the collection of personal data. The technical manual for the digital evaluation tool QualiTePE and the information on the General Data Protection Regulation (GDPR) are available in English, German, French, Italian, Spanish, Dutch, Swedish, Slovenian, Czech and Greek.
DOCUMENT
Following the rationale of the current EU legal framework protecting personal data, children are entitled to the same privacy and data protection rights as adults. However, the child, because of his physical and mental immaturity, needs special safeguards and care, including appropriate legal protection. In the online environment, children are less likely to make any checks or judgments before entering personal information. Therefore, this paper presents an analysis of the extent to which EU regulation can ensure children’s online privacy and data protection.
DOCUMENT
The American company Amazon has made headlines several times for monitoring its workers in warehouses across Europe and beyond.1 What is new is that a national data protection authority has recently issued a substantial fine of €32 million to the e-commerce giant for breaching several provisions of the General Data Protection Regulation (gdpr) with its surveillance practices. On 27 December 2023, the Commission nationale de l’informatique et des libertés (cnil)—the French Data Protection Authority—determined that Amazon France Logistique infringed on, among others, Articles 6(1)(f) (principle of lawfulness) and 5(1)(c) (data minimization) gdpr by processing some of workers’ data collected by handheld scanner in the distribution centers of Lauwin-Planque and Montélimar.2 Scanners enable employees to perform direct tasks such as picking and scanning items while continuously collecting data on quality of work, productivity, and periods of inactivity.3 According to the company, this data processing is necessary for various purposes, including quality and safety in warehouse management, employee coaching and performance evaluation, and work planning.4 The cnil’s decision centers on data protection law, but its implications reach far beyond into workers’ fundamental right to health and safety at work. As noted in legal literature and policy documents, digital surveillance practices can have a significant impact on workers’ mental health and overall well-being.5 This commentary examines the cnil’s decision through the lens of European occupational health and safety (EU ohs). Its scope is limited to how the French authority has interpreted the data protection principle of lawfulness taking into account the impact of some of Amazon’s monitoring practices on workers’ fundamental right to health and safety.
MULTIFILE
De zorgsector verwerkt zeer gevoelige persoonsgegevens, waaronder gezondheidsgegevens. Bij onvoorzichtige omgang, kan dit een grote impact hebben op de rechten en vrijheden van natuurlijke personen. eHealth moet daarom voldoen aan het vereiste van data protection by design. Wanneer hieraan niet is voldaan, is het zaak om handhavend op te treden ter voorkoming van datalekken. Sinds de Algemene Verordening Gegevensbescherming (AVG) van toepassing is, bereikten meerdere datalekken het voorpaginanieuws waarbij eHealth niet voldeed aan voornoemde verplichting. In dit artikel onderzoeken de auteurs in hoeverre de in de AVG opgenomen handhavingsmogelijkheden met bijbehorende rechtsmiddelen de bescherming van persoonsgegevens waarborgen bij de inzet van eHealth.
DOCUMENT
In this project we take a look at the laws and regulations surrounding data collection using sensors in assistive technology and the literature on concerns of people about this technology. We also look into the Smart Teddy device and how it operates. An analysis required by the General Data Protection Regulation (GDPR) [5] will reveal the risks in terms of privacy and security in this project and how to mitigate them. https://nl.linkedin.com/in/haniers
MULTIFILE
DOCUMENT
DOCUMENT
Design and development practitioners such as those in game development often have difficulty comprehending and adhering to the European General Data Protection Regulation (GDPR), especially when designing in a private sensitive way. Inadequate understanding of how to apply the GDPR in the game development process can lead to one of two consequences: 1. inadvertently violating the GDPR with sizeable fines as potential penalties; or 2. avoiding the use of user data entirely. In this paper, we present our work on designing and evaluating the “GDPR Pitstop tool”, a gamified questionnaire developed to empower game developers and designers to increase legal awareness of GDPR laws in a relatable and accessible manner. The GDPR Pitstop tool was developed with a user-centered approach and in close contact with stakeholders, including practitioners from game development, legal experts and communication and design experts. Three design choices worked for this target group: 1. Careful crafting of the language of the questions; 2. a flexible structure; and 3. a playful design. By combining these three elements into the GDPR Pitstop tool, GDPR awareness within the gaming industry can be improved upon and game developers and designers can be empowered to use user data in a GDPR compliant manner. Additionally, this approach can be scaled to confront other tricky issues faced by design professionals such as privacy by design.
LINK
The use of in-body wearable devices is increasing in the healthcare sector, given their capacity to diagnose diseases and monitor health conditions. At the same time, some of these devices have entered the market and are being researched for use in workplace settings to enhance workers’ health and safety. However, neither specific EU legislation nor national law currently regulates the use of in-body wearables in employment, raising questions about the safeguarding of workers’ fundamental rights to privacy and data protection. Addressing the challenges posed by this regulatory gap, this article explores whether the European legislative framework employed in the healthcare sector for medical devices could be applied to the use of in-body wearables in employment settings. It also discusses the application of a key principle of the General Data Protection Regulation when in-body wearables are used in the workplace: lawfulness.
MULTIFILE
