The EU-US Privacy Shield Regime for Cross-Border Transfers of Personal Data under the GDPR: What are the legal challenges and how might these affect cloud-based technologies, big data, and AI in the medical sector?
(2020) In European Pharmaceutical Law Review 4(1). p.34-50- Abstract
- Cloud-based technologies, big data, statistical signal processing algorithms, and Artificial Intelligence (AI) technologies are expected to play an increasingly important role in themedical field. Big data and AI-technologies rely on the cloud for data storage as well as for computational power and thus need effective and robust legal frameworks for international data transfer. Because of inconsistent data protection regulations, this is not always simple to achieve as it can be illustrated in the United States (US)–European Union (EU) context. Due to the lack of general data protection law at the federal level, the US currently does not have a general ‘adequacy decision’ from the European Commission (EC) to enable EU-US cross-border data... (More)
- Cloud-based technologies, big data, statistical signal processing algorithms, and Artificial Intelligence (AI) technologies are expected to play an increasingly important role in themedical field. Big data and AI-technologies rely on the cloud for data storage as well as for computational power and thus need effective and robust legal frameworks for international data transfer. Because of inconsistent data protection regulations, this is not always simple to achieve as it can be illustrated in the United States (US)–European Union (EU) context. Due to the lack of general data protection law at the federal level, the US currently does not have a general ‘adequacy decision’ from the European Commission (EC) to enable EU-US cross-border data transfers without the need for additional data protection safeguards under GDPR. As a fallback, a ‘limited adequacy’ decision was adopted in 2016 on the so-called ‘EU/US Privacy Shield Framework’. This framework protects the fundamental rights of natural persons in the EU and allows the free transfer of personal data to companies that are certified under the EU-US Privacy Shield. However, the EU-US Privacy Shield has been recently contested at the Court of Justice of the European Union (CJEU). This paper analyzes the EU-US Privacy Shield Framework, the associated legal challenges, and how these might affect organizations deploying or implementing cloud-based medical technologies relying on cross-border data transfers from EU data subjects. (Less)
Please use this url to cite or link to this publication:
https://lup.lub.lu.se/record/c0186049-06af-4444-8029-26ef27fed118
- author
- Minssen, Timo LU ; Seitz, Claudia ; Aboy, Mateo and Corrales Compagnucci, Marcelo
- publishing date
- 2020-03-25
- type
- Contribution to journal
- publication status
- published
- subject
- keywords
- Health law, Hälsorätt
- in
- European Pharmaceutical Law Review
- volume
- 4
- issue
- 1
- pages
- 34 - 50
- publisher
- Lexxion
- external identifiers
-
- scopus:85150026229
- ISSN
- 2511-7157
- DOI
- 10.21552/eplr/2020/1/6
- language
- English
- LU publication?
- no
- id
- c0186049-06af-4444-8029-26ef27fed118
- date added to LUP
- 2020-12-16 13:16:54
- date last changed
- 2023-03-27 08:48:46
@article{c0186049-06af-4444-8029-26ef27fed118,
abstract = {{Cloud-based technologies, big data, statistical signal processing algorithms, and Artificial Intelligence (AI) technologies are expected to play an increasingly important role in themedical field. Big data and AI-technologies rely on the cloud for data storage as well as for computational power and thus need effective and robust legal frameworks for international data transfer. Because of inconsistent data protection regulations, this is not always simple to achieve as it can be illustrated in the United States (US)–European Union (EU) context. Due to the lack of general data protection law at the federal level, the US currently does not have a general ‘adequacy decision’ from the European Commission (EC) to enable EU-US cross-border data transfers without the need for additional data protection safeguards under GDPR. As a fallback, a ‘limited adequacy’ decision was adopted in 2016 on the so-called ‘EU/US Privacy Shield Framework’. This framework protects the fundamental rights of natural persons in the EU and allows the free transfer of personal data to companies that are certified under the EU-US Privacy Shield. However, the EU-US Privacy Shield has been recently contested at the Court of Justice of the European Union (CJEU). This paper analyzes the EU-US Privacy Shield Framework, the associated legal challenges, and how these might affect organizations deploying or implementing cloud-based medical technologies relying on cross-border data transfers from EU data subjects.}},
author = {{Minssen, Timo and Seitz, Claudia and Aboy, Mateo and Corrales Compagnucci, Marcelo}},
issn = {{2511-7157}},
keywords = {{Health law; Hälsorätt}},
language = {{eng}},
month = {{03}},
number = {{1}},
pages = {{34--50}},
publisher = {{Lexxion}},
series = {{European Pharmaceutical Law Review}},
title = {{The EU-US Privacy Shield Regime for Cross-Border Transfers of Personal Data under the GDPR: What are the legal challenges and how might these affect cloud-based technologies, big data, and AI in the medical sector?}},
url = {{http://dx.doi.org/10.21552/eplr/2020/1/6}},
doi = {{10.21552/eplr/2020/1/6}},
volume = {{4}},
year = {{2020}},
}