Ändra sökning
RefereraExporteraLänk till posten
Permanent länk

Direktlänk
Referera
Referensformat
  • apa
  • ieee
  • modern-language-association-8th-edition
  • vancouver
  • Annat format
Fler format
Språk
  • de-DE
  • en-GB
  • en-US
  • fi-FI
  • nn-NO
  • nn-NB
  • sv-SE
  • Annat språk
Fler språk
Utmatningsformat
  • html
  • text
  • asciidoc
  • rtf
Addressing the Responsibility Gap in Data Protection by Design: Towards a More Future-oriented, Relational, and Distributed Approach
Stockholms universitet, Juridiska fakulteten, Juridiska institutionen, Institutet för rättsinformatik (IRI).
2022 (Engelska)Ingår i: Tilburg Law Review, ISSN 2211-0046, Vol. 27, nr 1, s. 1-21Artikel i tidskrift (Refereegranskat) Published
Abstract [en]

This paper explores the extent to which technology providers are responsible to end users for embedding data protection rules in the AI systems they design and develop, so as to safeguard the fundamental rights to privacy and data protection. The main argument set forth is that a relational rationale, requiring a broader range of actors in the supply chain to share legal responsibility for Data Protection by Design (DPbD) is better suited to address infringements to these fundamental rights than the current model that assigns responsibility mainly to the data controller or data processor. Reconceptualizing the law in a more future-oriented, relational, and distributed way would make it possible to adapt legal rules – including those within the GDPR and the continuously evolving EU acquis – to the complex reality of technology development, at least partly addressing the responsibility gap in DPbD.

A future-oriented conception of responsibility would require technology providers to adopt more proactive approaches to DPbD, even where they are unlikely to qualify as a controller. A relational approach to DPbD would require technology providers to bear greater responsibilities to those individuals or groups that are affected by their design choices. A distributed approach to DPbD would allow for downstream actors in the supply chain to bear part of the legal responsibility for DPbD by relying on legal requirements that are applicable to various actors in the supply chain supporting DPbD such as those found in contract law, liability law, and the emerging EU acquis governing AI, data, and information security.

Ort, förlag, år, upplaga, sidor
2022. Vol. 27, nr 1, s. 1-21
Nyckelord [en]
Data Protection by Design, technology providers, GDPR, AI Act, responsibility
Nationell ämneskategori
Juridik (exklusive juridik och samhälle)
Identifikatorer
URN: urn:nbn:se:su:diva-215106DOI: 10.5334/tilr.274ISI: 001000908400001Scopus ID: 2-s2.0-85151292444OAI: oai:DiVA.org:su-215106DiVA, id: diva2:1740034
Tillgänglig från: 2023-02-28 Skapad: 2023-02-28 Senast uppdaterad: 2024-05-24Bibliografiskt granskad

Open Access i DiVA

Fulltext saknas i DiVA

Övriga länkar

Förlagets fulltextScopus

Person

Colonna, Liane

Sök vidare i DiVA

Av författaren/redaktören
Colonna, Liane
Av organisationen
Institutet för rättsinformatik (IRI)
I samma tidskrift
Tilburg Law Review
Juridik (exklusive juridik och samhälle)

Sök vidare utanför DiVA

GoogleGoogle Scholar

doi
urn-nbn

Altmetricpoäng

doi
urn-nbn
Totalt: 73 träffar
RefereraExporteraLänk till posten
Permanent länk

Direktlänk
Referera
Referensformat
  • apa
  • ieee
  • modern-language-association-8th-edition
  • vancouver
  • Annat format
Fler format
Språk
  • de-DE
  • en-GB
  • en-US
  • fi-FI
  • nn-NO
  • nn-NB
  • sv-SE
  • Annat språk
Fler språk
Utmatningsformat
  • html
  • text
  • asciidoc
  • rtf