Abstract
This article considers the emergence of big data and how it poses considerable difficulties for the European Data Protection framework's key enabling concept: the notion of personal data. The article starts by outlining the fact that there is an emerging body of opinion which suggests that some of these problems might best be addressed by adopting a risk-management-based model of personal data. This, it is argued, is suggestive of the emergence of a possible fusion between the disciplines of data protection law and risk management. The article contends, however, that there are several complications associated with the adoption of risk-management-based regulatory strategies, which have to date not been meaningfully explored in the legal and regulatory literature pertaining to data protection. Consequently, these are issues in need of address. Whilst not intending to counsel against the adoption of risk-management-based regulatory strategies, the aim of this article is to begin bridging the metaphorical ‘gap’ between legal, regulatory, and risk research and management discourses, to stoke a much-needed debate in this topical area. To this end, the article highlights several areas which are in need of further consideration, and where there will likely be possibilities for future inter-disciplinary research.
Original language | English |
---|---|
Pages (from-to) | 312-335 |
Number of pages | 24 |
Journal | Information & Communications Technology Law |
Volume | 26 |
Issue number | 3 |
Early online date | 10 Sept 2017 |
DOIs | |
Publication status | Published - 31 Dec 2017 |
Keywords
- Big data
- data protection
- personal data
- risk management
- regulation