The Technical Manual for the digital evaluation tool QualiTePE supports users of the QualiTePE tool in creating, conducting and analysing evaluations to record the quality of teaching in physical education. The information on the General Data Protection Regulation (GDPR) instructs users on how to anonymise the data collection of evaluations and which legal bases apply with regard to the collection of personal data. The technical manual for the digital evaluation tool QualiTePE and the information on the General Data Protection Regulation (GDPR) are available in English, German, French, Italian, Spanish, Dutch, Swedish, Slovenian, Czech and Greek.
DOCUMENT
Veel overheden en bedrijven denken dat het met de nieuwe privacywet (GDPR) niet zo’n vaart zal lopen. Maar weten zij waar ze alle data bewaren? En wat ermee gebeurt? Het rondslingeren van data is een groot probleem, zeggen Hans Henseler en Geert-Jan van Bussel. Bedrijven en overheden hebben hun information governance en informatiewaardeketen niet onder controle.
DOCUMENT
Design and development practitioners such as those in game development often have difficulty comprehending and adhering to the European General Data Protection Regulation (GDPR), especially when designing in a private sensitive way. Inadequate understanding of how to apply the GDPR in the game development process can lead to one of two consequences: 1. inadvertently violating the GDPR with sizeable fines as potential penalties; or 2. avoiding the use of user data entirely. In this paper, we present our work on designing and evaluating the “GDPR Pitstop tool”, a gamified questionnaire developed to empower game developers and designers to increase legal awareness of GDPR laws in a relatable and accessible manner. The GDPR Pitstop tool was developed with a user-centered approach and in close contact with stakeholders, including practitioners from game development, legal experts and communication and design experts. Three design choices worked for this target group: 1. Careful crafting of the language of the questions; 2. a flexible structure; and 3. a playful design. By combining these three elements into the GDPR Pitstop tool, GDPR awareness within the gaming industry can be improved upon and game developers and designers can be empowered to use user data in a GDPR compliant manner. Additionally, this approach can be scaled to confront other tricky issues faced by design professionals such as privacy by design.
LINK
Data collected from fitness trackers worn by employees could be very useful for businesses. The sharing of this data with employers is already a well-established practice in the United States, and companies in Europe are showing an interest in the introduction of such devices among their workforces. Our argument is that employers processing their employees’ fitness trackers data is unlikely to be lawful under the General Data Protection Regulation (GDPR). Wearable fitness trackers, such as Fitbit and AppleWatch devices, collate intimate data about the wearer’s location, sleep and heart rate. As a result, we consider that they not only represent a novel threat to the privacy and autonomy of the wearer, but that the data gathered constitutes ‘health data’ regulated by Article 9. Processing health data, including, in our view, fitness tracking data, is prohibited unless one of the specified conditions in the GDPR applies. After examining a number of legitimate bases which employers can rely on, we conclude that the data processing practices considered do not comply with the principle of lawfulness that is central to the GDPR regime. We suggest alternative schema by which wearable fitness trackers could be integrated into an organization to support healthy habits amongst employees, but in a manner that respects the data privacy of the individual wearer.
MULTIFILE
Werkgevers in de Europese Unie gebruiken draagbare technologie, zoals smartphones, om er preventief voor te zorgen dat hun bedrijf geen besmettingshaard wordt. Door bron- en contactonderzoek en tracking van werknemers proberen zij dat te bereiken. Maar hoe zit dit in relatie tot de Europese AVG-regels? Stefania Marassi van de Haagse Hogeschool stelt dat er strikte voorwaarden moeten zijn om deze technologie te mogen gebruiken.
MULTIFILE
The American company Amazon has made headlines several times for monitoring its workers in warehouses across Europe and beyond.1 What is new is that a national data protection authority has recently issued a substantial fine of €32 million to the e-commerce giant for breaching several provisions of the General Data Protection Regulation (gdpr) with its surveillance practices. On 27 December 2023, the Commission nationale de l’informatique et des libertés (cnil)—the French Data Protection Authority—determined that Amazon France Logistique infringed on, among others, Articles 6(1)(f) (principle of lawfulness) and 5(1)(c) (data minimization) gdpr by processing some of workers’ data collected by handheld scanner in the distribution centers of Lauwin-Planque and Montélimar.2 Scanners enable employees to perform direct tasks such as picking and scanning items while continuously collecting data on quality of work, productivity, and periods of inactivity.3 According to the company, this data processing is necessary for various purposes, including quality and safety in warehouse management, employee coaching and performance evaluation, and work planning.4 The cnil’s decision centers on data protection law, but its implications reach far beyond into workers’ fundamental right to health and safety at work. As noted in legal literature and policy documents, digital surveillance practices can have a significant impact on workers’ mental health and overall well-being.5 This commentary examines the cnil’s decision through the lens of European occupational health and safety (EU ohs). Its scope is limited to how the French authority has interpreted the data protection principle of lawfulness taking into account the impact of some of Amazon’s monitoring practices on workers’ fundamental right to health and safety.
MULTIFILE
In this project we take a look at the laws and regulations surrounding data collection using sensors in assistive technology and the literature on concerns of people about this technology. We also look into the Smart Teddy device and how it operates. An analysis required by the General Data Protection Regulation (GDPR) [5] will reveal the risks in terms of privacy and security in this project and how to mitigate them. https://nl.linkedin.com/in/haniers
MULTIFILE
