Citation and metadata
Recommended citation
Stephanie Rossello, Pierre Dewitte, Exploring the limits of joint control: the case of COVID-19 digital proximity tracing solutions, 12 (2021) JIPITEC 342 para 1.
Download Citation
Endnote
%0 Journal Article %T Exploring the limits of joint control: the case of COVID-19 digital proximity tracing solutions %A Rossello, Stephanie %A Dewitte, Pierre %J JIPITEC %D 2021 %V 12 %N 3 %@ 2190-3387 %F rossello2021 %X Referring to the judgment of the CJEU in Fashion-ID, some scholars have anticipated that, “at this rate everyone will be a [joint] controller of personal data”. This contribution follows this arguably provocative, but not entirely implausible, line of thinking. In the first part of the article, we highlight the ambiguities inherent to the concept of “joint control” and confront them with those pertaining to the notion of “identifiability”. In the second part, we investigate the effects of the broad legal test for joint control on the role of the individual user of BLE-based COVID-19 digital proximity tracing solutions. This offers the possibility to examine, at a theoretical level, whether the impact of the broad notion of joint control differs depending on the architecture of the system (i.e. centralized or decentralized). We found out that the strict application of the joint controllership test could lead to unexpected and, most likely, unintended results. First, an app user could, in theory, qualify as a joint controller with a national health authority regardless of the protocol’s architecture. Second, an actor could, again in theory, be considered as a joint controller of data that is not personal from that actor’s perspective. %L 340 %K COVID-19 %K GDPR %K Joint control %K centralisation %K decentralisation %K digital proximity tracing %K identifiability %K personal data %U http://nbn-resolving.de/urn:nbn:de:0009-29-53370 %P 342-369Download
Bibtex
@Article{rossello2021, author = "Rossello, Stephanie and Dewitte, Pierre", title = "Exploring the limits of joint control: the case of COVID-19 digital proximity tracing solutions", journal = "JIPITEC", year = "2021", volume = "12", number = "3", pages = "342--369", keywords = "COVID-19; GDPR; Joint control; centralisation; decentralisation; digital proximity tracing; identifiability; personal data", abstract = "Referring to the judgment of the CJEU in Fashion-ID, some scholars have anticipated that, ``at this rate everyone will be a [joint] controller of personal data''. This contribution follows this arguably provocative, but not entirely implausible, line of thinking. In the first part of the article, we highlight the ambiguities inherent to the concept of ``joint control'' and confront them with those pertaining to the notion of ``identifiability''. In the second part, we investigate the effects of the broad legal test for joint control on the role of the individual user of BLE-based COVID-19 digital proximity tracing solutions. This offers the possibility to examine, at a theoretical level, whether the impact of the broad notion of joint control differs depending on the architecture of the system (i.e. centralized or decentralized). We found out that the strict application of the joint controllership test could lead to unexpected and, most likely, unintended results. First, an app user could, in theory, qualify as a joint controller with a national health authority regardless of the protocol's architecture. Second, an actor could, again in theory, be considered as a joint controller of data that is not personal from that actor's perspective.", issn = "2190-3387", url = "http://nbn-resolving.de/urn:nbn:de:0009-29-53370" }Download
RIS
TY - JOUR AU - Rossello, Stephanie AU - Dewitte, Pierre PY - 2021 DA - 2021// TI - Exploring the limits of joint control: the case of COVID-19 digital proximity tracing solutions JO - JIPITEC SP - 342 EP - 369 VL - 12 IS - 3 KW - COVID-19 KW - GDPR KW - Joint control KW - centralisation KW - decentralisation KW - digital proximity tracing KW - identifiability KW - personal data AB - Referring to the judgment of the CJEU in Fashion-ID, some scholars have anticipated that, “at this rate everyone will be a [joint] controller of personal data”. This contribution follows this arguably provocative, but not entirely implausible, line of thinking. In the first part of the article, we highlight the ambiguities inherent to the concept of “joint control” and confront them with those pertaining to the notion of “identifiability”. In the second part, we investigate the effects of the broad legal test for joint control on the role of the individual user of BLE-based COVID-19 digital proximity tracing solutions. This offers the possibility to examine, at a theoretical level, whether the impact of the broad notion of joint control differs depending on the architecture of the system (i.e. centralized or decentralized). We found out that the strict application of the joint controllership test could lead to unexpected and, most likely, unintended results. First, an app user could, in theory, qualify as a joint controller with a national health authority regardless of the protocol’s architecture. Second, an actor could, again in theory, be considered as a joint controller of data that is not personal from that actor’s perspective. SN - 2190-3387 UR - http://nbn-resolving.de/urn:nbn:de:0009-29-53370 ID - rossello2021 ER -Download
Wordbib
<?xml version="1.0" encoding="UTF-8"?> <b:Sources SelectedStyle="" xmlns:b="http://schemas.openxmlformats.org/officeDocument/2006/bibliography" xmlns="http://schemas.openxmlformats.org/officeDocument/2006/bibliography" > <b:Source> <b:Tag>rossello2021</b:Tag> <b:SourceType>ArticleInAPeriodical</b:SourceType> <b:Year>2021</b:Year> <b:PeriodicalTitle>JIPITEC</b:PeriodicalTitle> <b:Volume>12</b:Volume> <b:Issue>3</b:Issue> <b:Url>http://nbn-resolving.de/urn:nbn:de:0009-29-53370</b:Url> <b:Pages>342-369</b:Pages> <b:Author> <b:Author><b:NameList> <b:Person><b:Last>Rossello</b:Last><b:First>Stephanie</b:First></b:Person> <b:Person><b:Last>Dewitte</b:Last><b:First>Pierre</b:First></b:Person> </b:NameList></b:Author> </b:Author> <b:Title>Exploring the limits of joint control: the case of COVID-19 digital proximity tracing solutions</b:Title> <b:Comments>Referring to the judgment of the CJEU in Fashion-ID, some scholars have anticipated that, “at this rate everyone will be a [joint] controller of personal data”. This contribution follows this arguably provocative, but not entirely implausible, line of thinking. In the first part of the article, we highlight the ambiguities inherent to the concept of “joint control” and confront them with those pertaining to the notion of “identifiability”. In the second part, we investigate the effects of the broad legal test for joint control on the role of the individual user of BLE-based COVID-19 digital proximity tracing solutions. This offers the possibility to examine, at a theoretical level, whether the impact of the broad notion of joint control differs depending on the architecture of the system (i.e. centralized or decentralized). We found out that the strict application of the joint controllership test could lead to unexpected and, most likely, unintended results. First, an app user could, in theory, qualify as a joint controller with a national health authority regardless of the protocol’s architecture. Second, an actor could, again in theory, be considered as a joint controller of data that is not personal from that actor’s perspective.</b:Comments> </b:Source> </b:Sources>Download
ISI
PT Journal AU Rossello, S Dewitte, P TI Exploring the limits of joint control: the case of COVID-19 digital proximity tracing solutions SO JIPITEC PY 2021 BP 342 EP 369 VL 12 IS 3 DE COVID-19; GDPR; Joint control; centralisation; decentralisation; digital proximity tracing; identifiability; personal data AB Referring to the judgment of the CJEU in Fashion-ID, some scholars have anticipated that, “at this rate everyone will be a [joint] controller of personal data”. This contribution follows this arguably provocative, but not entirely implausible, line of thinking. In the first part of the article, we highlight the ambiguities inherent to the concept of “joint control” and confront them with those pertaining to the notion of “identifiability”. In the second part, we investigate the effects of the broad legal test for joint control on the role of the individual user of BLE-based COVID-19 digital proximity tracing solutions. This offers the possibility to examine, at a theoretical level, whether the impact of the broad notion of joint control differs depending on the architecture of the system (i.e. centralized or decentralized). We found out that the strict application of the joint controllership test could lead to unexpected and, most likely, unintended results. First, an app user could, in theory, qualify as a joint controller with a national health authority regardless of the protocol’s architecture. Second, an actor could, again in theory, be considered as a joint controller of data that is not personal from that actor’s perspective. ERDownload
Mods
<mods> <titleInfo> <title>Exploring the limits of joint control: the case of COVID-19 digital proximity tracing solutions</title> </titleInfo> <name type="personal"> <namePart type="family">Rossello</namePart> <namePart type="given">Stephanie</namePart> </name> <name type="personal"> <namePart type="family">Dewitte</namePart> <namePart type="given">Pierre</namePart> </name> <abstract>Referring to the judgment of the CJEU in Fashion-ID, some scholars have anticipated that, “at this rate everyone will be a [joint] controller of personal data”. This contribution follows this arguably provocative, but not entirely implausible, line of thinking. In the first part of the article, we highlight the ambiguities inherent to the concept of “joint control” and confront them with those pertaining to the notion of “identifiability”. In the second part, we investigate the effects of the broad legal test for joint control on the role of the individual user of BLE-based COVID-19 digital proximity tracing solutions. This offers the possibility to examine, at a theoretical level, whether the impact of the broad notion of joint control differs depending on the architecture of the system (i.e. centralized or decentralized). We found out that the strict application of the joint controllership test could lead to unexpected and, most likely, unintended results. First, an app user could, in theory, qualify as a joint controller with a national health authority regardless of the protocol’s architecture. Second, an actor could, again in theory, be considered as a joint controller of data that is not personal from that actor’s perspective.</abstract> <subject> <topic>COVID-19</topic> <topic>GDPR</topic> <topic>Joint control</topic> <topic>centralisation</topic> <topic>decentralisation</topic> <topic>digital proximity tracing</topic> <topic>identifiability</topic> <topic>personal data</topic> </subject> <classification authority="ddc">340</classification> <relatedItem type="host"> <genre authority="marcgt">periodical</genre> <genre>academic journal</genre> <titleInfo> <title>JIPITEC</title> </titleInfo> <part> <detail type="volume"> <number>12</number> </detail> <detail type="issue"> <number>3</number> </detail> <date>2021</date> <extent unit="page"> <start>342</start> <end>369</end> </extent> </part> </relatedItem> <identifier type="issn">2190-3387</identifier> <identifier type="urn">urn:nbn:de:0009-29-53370</identifier> <identifier type="uri">http://nbn-resolving.de/urn:nbn:de:0009-29-53370</identifier> <identifier type="citekey">rossello2021</identifier> </mods>Download
Full Metadata
Bibliographic Citation | Journal of intellectual property, information technology and electronic commerce law 12 (2021) 3 |
---|---|
Title |
Exploring the limits of joint control: the case of COVID-19 digital proximity tracing solutions (eng) |
Author | Stephanie Rossello, Pierre Dewitte |
Language | eng |
Abstract | Referring to the judgment of the CJEU in Fashion-ID, some scholars have anticipated that, “at this rate everyone will be a [joint] controller of personal data”. This contribution follows this arguably provocative, but not entirely implausible, line of thinking. In the first part of the article, we highlight the ambiguities inherent to the concept of “joint control” and confront them with those pertaining to the notion of “identifiability”. In the second part, we investigate the effects of the broad legal test for joint control on the role of the individual user of BLE-based COVID-19 digital proximity tracing solutions. This offers the possibility to examine, at a theoretical level, whether the impact of the broad notion of joint control differs depending on the architecture of the system (i.e. centralized or decentralized). We found out that the strict application of the joint controllership test could lead to unexpected and, most likely, unintended results. First, an app user could, in theory, qualify as a joint controller with a national health authority regardless of the protocol’s architecture. Second, an actor could, again in theory, be considered as a joint controller of data that is not personal from that actor’s perspective. |
Subject | COVID-19, GDPR, Joint control, centralisation, decentralisation, digital proximity tracing, identifiability, personal data |
DDC | 340 |
Rights | DPPL |
URN: | urn:nbn:de:0009-29-53370 |