Online Behavior Recognition: Can We Consider It Biometric Data under GDPR?-Reference-Cited by-同舟云学术

Online Behavior Recognition: Can We Consider It Biometric Data under GDPR?

Published:2018-09-17 Issue:2 Volume:12 Page:161-178
ISSN:1802-5951
Container-title:Masaryk University Journal of Law and Technology
language:
Short-container-title:MUJLT

Author:

Krausová Alžběta

Abstract

Our everyday use of electronic devices and search for various contents online provides valuable insights into our functioning and preferences. Companies usually extract and analyze this data in order to predict our future behavior and to tailor their marketing accordingly. In terms of the General Data Protection Regulation such practice is called profiling and is subject to specific rules. However, the behavior analysis can be used also for unique identification or verification of identity of a person. Therefore, this paper claims that under certain conditions data about online behavior of an individual fall into the category of biometric data within the meaning defined by the GDPR. Moreover, this paper claims that profiling of a person can not only be done upon existing biometric data as biometric profiling but it can also lead to creation of new biometric data by constituting a new biometric template. This claim is based both on legal interpretation of the concepts of biometric data, unique identification, and profiling as well as analysis of existing technologies. This article also explains under which conditions online behavior can be considered biometric data under the GDPR, at which point profiling results in creation of new biometric data and what are the consequences for a controller and data subjects.

Publisher

Masaryk University Press

Subject

Law,Library and Information Sciences,Computer Science Applications

Reference30 articles.

1. [1] (1996) Webster’s Encyclopedic Unabridged Dictionary of the English Language. New York: Random House.

2. [2] Article 29 – Data Protection Working Party. (2003) Working document on biometrics. 12168/02/EN WP 80. Brussels: Directorate E of the European Commission. Available from: http://ec.europa.eu/justice/policies/privacy/docs/wpdocs/2003/wp80_en.pdf [Accessed 15 November 2017].

3. [3] Article 29 – Data Protection Working Party. (2007) Opinion 4/2007 on the concept of personal data. 01248/07/EN WP 136. Brussels: Directorate C of the European Commission. Available from: http://ec.europa.eu/justice/data-protection/article-29/documentation/opinion-recommendation/files/2007/wp136_en.pdf [Accessed 20 October 2017].

4. [4] Article 29 – Data Protection Working Party. (2012) Opinion 01/2012 on the data protection reform proposals. 00530/12/EN WP 191. Brussels: Directorate C of the European Commission. Available from: http://www.europarl.europa.eu/document/activities/cont/201305/20130508ATT65841/20130508ATT65841EN.pdf [Accessed 15 October 2017].

5. [5] Article 29 – Data Protection Working Party. (2012) Opinion 3/2012 on developments in biometric technologies. 00720/12/EN WP 193. Brussels: Directorate C of the European Commission. Available from: http://ec.europa.eu/justice/data-protection/article-29/documentation/opinion-recommendation/files/2012/wp193_en.pdf [Accessed 20 October 2017].

Cited by 1 articles. 订阅此论文施引文献订阅此论文施引文献，注册后可以免费订阅5篇论文的施引文献，订阅后可以查看论文全部施引文献

1. Analysis of Biometric Data Under the General Data Protection Regulation;Acta Informatica Pragensia;2019-12-31