The Regulation of Personal and Non-Personal Data in the Context of Big Data

Authors

  • Daniar Supriyadi Tilburg Institute for Law, Technology and Society, Netherlands, Netherlands

DOI:

https://doi.org/10.53955/jhcls.v3i1.71

Abstract

Data protection laws provide minimum protections for personal data, as well as facilitate the free flow of such data, by setting out principles and rules for legitimate data processing. In the big data context, personal data may not be as easy to distinguish as in traditional data processing, and that makes policy-makers and businesses turn to the identifiability concept: in other words, what data are personal. This research is based on doctrinal legal researchon the legal theory (concepts, rules, and principles) concerning data protection in the EU and Indonesia. The results of the research show that the understand such paramount terminology in data protection law, relevant factors are presented to assess the direct or indirect identification of a natural person. In the EU data protection law, the test entails, for example, risk-based measures and technological development, whereas Indonesian law on data protection has not yet established such assessments. Data within big data operations traditionally falls under the scope of data protection laws only if it discloses the private life of individuals, such as names or other civil identities, but without further conditions to ascertain whether the data can be indirectly identified with an individual.

References

Acciarini, Chiara, Francesco Cappa, Paolo Boccardelli, and Raffaele Oriani, ‘How Can Organizations Leverage Big Data to Innovate Their Business Models? A Systematic Literature Review’, Technovation, In Press.May 2022 (2023), 102713 https://doi.org/10.1016/j.technovation.2023.102713

Agesilaou, Andria, and Eleni A. Kyza, ‘Whose Data Are They? Elementary School Students’ Conceptualization of Data Ownership and Privacy of Personal Digital Data’, International Journal of Child-Computer Interaction, 33 (2022) https://doi.org/10.1016/j.ijcci.2022.100462

Antusch, S., R. Custers, H. Marien, and H. Aarts, ‘Intentional Action and Limitation of Personal Autonomy. Do Restrictions of Action Selection Decrease the Sense of Agency?’, Consciousness and Cognition, 88.January (2021), 103076 https://doi.org/10.1016/j.concog.2021.103076

Arkhipov, Vladislav, and Victor Naumov, ‘The Legal Definition of Personal Data in the Regulatory Environment of the Russian Federation: Between Formal Certainty and Technological Development’, Computer Law and Security Review, 32.6 (2016), 868–87 https://doi.org/10.1016/j.clsr.2016.07.009

Bataineh, Ahmed Saleh, Rabeb Mizouni, Jamal Bentahar, and May El Barachi, ‘Toward Monetizing Personal Data: A Two-Sided Market Analysis’, Future Generation Computer Systems, 111 (2020), 435–59 https://doi.org/10.1016/j.future.2019.11.009

Belen Saglam, Rahime, Jason R.C. Nurse, and Duncan Hodges, ‘Personal Information: Perceptions, Types and Evolution’, Journal of Information Security and Applications, 66.March (2022), 103163 https://doi.org/10.1016/j.jisa.2022.103163

Bolognini, Luca, and Camilla Bistolfi, ‘Pseudonymization and Impacts of Big (Personal/Anonymous) Data Processing in the Transition from the Directive 95/46/EC to the New EU General Data Protection Regulation’, Computer Law and Security Review, 33.2 (2017), 171–81 https://doi.org/10.1016/j.clsr.2016.11.002

van den Broek, Tijs, and Anne Fleur van Veenstra, ‘Governance of Big Data Collaborations: How to Balance Regulatory Compliance and Disruptive Innovation’, Technological Forecasting and Social Change, 129.September 2017 (2018), 330–38 https://doi.org/10.1016/j.techfore.2017.09.040

Burden, Kit, ‘EU Update’, Computer Law and Security Review, 33.6 (2017), 884–91 https://doi.org/10.1016/j.clsr.2017.10.001

Chen, Zhiheng, Peiran Li, Yanxiu Jin, Yuan Jin, Jinyu Chen, Wenjing Li, and others, ‘Using Mobile Phone Big Data to Identify Inequity of Artificial Light at Night Exposure: A Case Study in Tokyo’, Cities, 128.May (2022), 3–5 https://doi.org/10.1016/j.cities.2022.103803

Choi, Jay Pil, Doh Shin Jeon, and Byung Cheol Kim, ‘Privacy and Personal Data Collection with Information Externalities’, Journal of Public Economics, 173 (2019), 113–24 https://doi.org/10.1016/j.jpubeco.2019.02.001

Chua, Hui Na, Jie Sheng Ooi, and Anthony Herbland, ‘The Effects of Different Personal Data Categories on Information Privacy Concern and Disclosure’, Computers and Security, 110 (2021), 102453 https://doi.org/10.1016/j.cose.2021.102453

Clancy, Sian, Frank Owusu-Sekyere, Jake Shelley, Annalena Veltmaat, Alessandra De Maria, and Andrea Petróczi, ‘The Role of Personal Commitment to Integrity in Clean Sport and Anti-Doping’, Performance Enhancement and Health, 10.4 (2022) https://doi.org/10.1016/j.peh.2022.100232

Clarke, Roger, ‘Can Small Users Recover from the Cloud?’, Computer Law and Security Review, 33.6 (2017), 754–67 https://doi.org/10.1016/j.clsr.2017.08.004

Cohen, Daniela, Anat Perry, Naama Mayseless, Oded Kleinmintz, and Simone G. Shamay-Tsoory, ‘The Role of Oxytocin in Implicit Personal Space Regulation: An FMRI Study’, Psychoneuroendocrinology, 91.February (2018), 206–15 https://doi.org/10.1016/j.psyneuen.2018.02.036

Cui, Shujie, and Peng Qi, ‘The Legal Construction of Personal Information Protection and Privacy under the Chinese Civil Code’, Computer Law and Security Review, 41 (2021), 1–17 https://doi.org/10.1016/j.clsr.2021.105560

Custers, Bart, and Gianclaudio Malgieri, ‘Priceless Data: Why the EU Fundamental Right to Data Protection Is at Odds with Trade in Personal Data’, Computer Law and Security Review, 45 (2022), 105683 https://doi.org/10.1016/j.clsr.2022.105683

Cuzzocrea, Alfredo, Carson K. Leung, Anifat M. Olawoyin, and Edoardo Fadda, ‘Supporting Privacy-Preserving Big Data Analytics on Temporal Open Big Data’, Procedia Computer Science, 198.2021 (2021), 112–21 https://doi.org/10.1016/j.procs.2021.12.217

Daly, Angela, ‘Privacy in Automation: An Appraisal of the Emerging Australian Approach’, Computer Law and Security Review, 33.6 (2017), 836–46 https://doi.org/10.1016/j.clsr.2017.05.009

Degnet, Mohammed B., Helena Hansson, Marjanke A. Hoogstra-Klein, and Anders Roos, ‘The Role of Personal Values and Personality Traits in Environmental Concern of Non-Industrial Private Forest Owners in Sweden’, Forest Policy and Economics, 141.May (2022) https://doi.org/10.1016/j.forpol.2022.102767

Ding, Wenjie, and Li Chen, ‘Regulating the Use of Big Data: Justifications, Perspectives and the Chinese Way Forward’, Computer Law and Security Review, 46.100 (2022) https://doi.org/10.1016/j.clsr.2022.105729

Elliot, Mark, Kieron O’Hara, Charles Raab, Christine M. O’Keefe, Elaine Mackey, Chris Dibben, and others, ‘Functional Anonymisation: Personal Data and the Data Environment’, Computer Law and Security Review, 34.2 (2018), 204–21 https://doi.org/10.1016/j.clsr.2018.02.001

Erdos, David, ‘The UK and the EU Personal Data Framework after Brexit: A New Trade and Cooperation Partnership Grounded in Council of Europe Convention 108+?’, Computer Law and Security Review, 44 (2022), 1–17 https://doi.org/10.1016/j.clsr.2021.105639

Feng, Fei, Xia Wang, and Tianxiang Chen, ‘Analysis of the Attributes of Rights to Inferred Information and China’s Choice of Legal Regulation’, Computer Law and Security Review, 41 (2021) https://doi.org/10.1016/j.clsr.2021.105565

Georgiadis, Georgios, and Geert Poels, ‘Towards a Privacy Impact Assessment Methodology to Support the Requirements of the General Data Protection Regulation in a Big Data Analytics Context: A Systematic Literature Review’, Computer Law and Security Review, 44 (2022) https://doi.org/10.1016/j.clsr.2021.105640

Giacalone, M., D. C. Sinitò, M. V. Calciano, and V. Santarcangelo, ‘A Novel Big Data Approach for Record and Represent Compliance in the Covid-19 Era’, Big Data Research, 27 (2022) https://doi.org/10.1016/j.bdr.2021.100290

Giancaspro, Mark, ‘Is a “Smart Contract†Really a Smart Idea? Insights from a Legal Perspective’, Computer Law and Security Review, 33.6 (2017), 825–35 https://doi.org/10.1016/j.clsr.2017.05.007

Godoy, Jaqueline de, Kathrin Otrel-Cass, and Kristian Høyer Toft, ‘Transformations of Trust in Society: A Systematic Review of How Access to Big Data in Energy Systems Challenges Scandinavian Culture’, Energy and AI, 5.April (2021) https://doi.org/10.1016/j.egyai.2021.100079

Hansson, Helena, and Jaap Sok, ‘Perceived Obstacles for Business Development: Construct Development and the Impact of Farmers’ Personal Values and Personality Profile in the Swedish Agricultural Context’, Journal of Rural Studies, 81.September 2020 (2021), 17–26 https://doi.org/10.1016/j.jrurstud.2020.12.004

Hasanzadeh, Kamyar, Anna Kajosaari, Dan Häggman, and Marketta Kyttä, ‘A Context Sensitive Approach to Anonymizing Public Participation GIS Data: From Development to the Assessment of Anonymization Effects on Data Quality’, Computers, Environment and Urban Systems, 83.April (2020), 101513 https://doi.org/10.1016/j.compenvurbsys.2020.101513

Hassan, Shafiqul, Mohsin Dhali, Fazluz Zaman, and Muhammad Tanveer, ‘Big Data and Predictive Analytics in Healthcare in Bangladesh: Regulatory Challenges’, Heliyon, 7.6 (2021) https://doi.org/10.1016/j.heliyon.2021.e07179

Helvacioglu, Asli Deniz, and Hanna Stakheyeva, ‘The Tale of Two Data Protection Regimes: The Analysis of the Recent Law Reform in Turkey in the Light of EU Novelties’, Computer Law and Security Review, 33.6 (2017), 811–24 https://doi.org/10.1016/j.clsr.2017.05.014

Huang, Tao, and Yuan Zhao, ‘Revolution of Securities Law in the Internet Age: A Review on Equity Crowd-Funding’, Computer Law and Security Review, 33.6 (2017), 802–10 https://doi.org/10.1016/j.clsr.2017.05.016

Jiang, Jinglin, Li Liao, Xi Lu, Zhengwei Wang, and Hongyu Xiang, ‘Deciphering Big Data in Consumer Credit Evaluation’, Journal of Empirical Finance, 62.August 2020 (2021), 28–45 https://doi.org/10.1016/j.jempfin.2021.01.009

Karjalainen, Tuulia, ‘The Battle of Power: Enforcing Data Protection Law against Companies Holding Data Power’, Computer Law and Security Review, 47.August 2018 (2022), 105742 https://doi.org/10.1016/j.clsr.2022.105742

Kennedy, Gabriela, ‘Asia Pacific News’, Computer Law and Security Review, 33.6 (2017), 896–904 https://doi.org/10.1016/j.clsr.2017.09.006

Li, Yuanxin, and Darina Saxunová, ‘A Perspective on Categorizing Personal and Sensitive Data and the Analysis of Practical Protection Regulations’, Procedia Computer Science, 170 (2020), 1110–15 https://doi.org/10.1016/j.procs.2020.03.060

Lin, Zhengzheng, and Yanqin Jiang, ‘Character Strengths, Meaning in Life, Personal Goal, and Career Adaptability among Impoverished College Students: A Chain-Mediating Model’, Heliyon, 9.August 2022 (2023), e13232 https://doi.org/10.1016/j.heliyon.2023.e13232

Liu, Cheng yong, Ling Jan Chiou, Cheng chung Li, and Xiu Wen Ye, ‘Analysis of Beijing Tianjin Hebei Regional Credit System from the Perspective of Big Data Credit Reporting’, Journal of Visual Communication and Image Representation, 59 (2019), 300–308 https://doi.org/10.1016/j.jvcir.2019.01.018

Liu, Tianqi, Chukwunonso O. Aniagor, Marcel I. Ejimofor, Matthew C. Menkiti, Kuok Ho Daniel Tang, Bridgid Lai Fui Chin, and others, ‘Technologies for Removing Pharmaceuticals and Personal Care Products (PPCPs) from Aqueous Solutions: Recent Advances, Performances, Challenges and Recommendations for Improvements’, Journal of Molecular Liquids, 374 (2022), 121144 https://doi.org/10.1016/j.molliq.2022.121144

Liu, Yu li, Luyan Huang, Wenjia Yan, Xinghan Wang, and Ruochen Zhang, ‘Privacy in AI and the IoT: The Privacy Concerns of Smart Speaker Users and the Personal Information Protection Law in China’, Telecommunications Policy, 46.7 (2022), 102334 https://doi.org/10.1016/j.telpol.2022.102334

Liu, Yue, ‘User Control of Personal Information Concerning Mobile-App: Notice and Consent?’, Computer Law and Security Review, 30.5 (2014), 521–29 https://doi.org/10.1016/j.clsr.2014.07.008

LIU, Zhao ge, Xiang yang LI, and Xiao han ZHU, ‘Scenario Modeling for Government Big Data Governance Decision-Making: Chinese Experience with Public Safety Services’, Information and Management, 59.3 (2022), 103622 https://doi.org/10.1016/j.im.2022.103622

Lu, Bingbin, ‘The Unique Chinese Legal Approach to Online Ad Blocking: Is It in the Right Direction?’, Computer Law and Security Review, 33.6 (2017), 786–801 https://doi.org/10.1016/j.clsr.2017.05.012

Lubis, Muharman, and Dini Oktarina D. Handayani, ‘The Relationship of Personal Data Protection towards Internet Addiction: Cyber Crimes, Pornography and Reduced Physical Activity’, Procedia Computer Science, 197.2021 (2021), 151–61 https://doi.org/10.1016/j.procs.2021.12.129

Malgieri, Gianclaudio, and Bart Custers, ‘Pricing Privacy – the Right to Know the Value of Your Personal Data’, Computer Law and Security Review, 34.2 (2018), 289–303 https://doi.org/10.1016/j.clsr.2017.08.006

Mantelero, Alessandro, ‘Regulating Big Data. The Guidelines of the Council of Europe in the Context of the European Data Protection Framework’, Computer Law and Security Review, 33.5 (2017), 584–602 https://doi.org/10.1016/j.clsr.2017.05.011

Marinova, Galia, Aida Bitri, and Marsida Ibro, ‘The Role of Women in the Digital Age: Balancing Professional and Personal Challenges during the COVID-19 Pandemic’, IFAC-PapersOnLine, 54.13 (2021), 539–44 https://doi.org/10.1016/j.ifacol.2021.10.505

Marschlich, Sarah, and Diana Ingenhoff, ‘Stakeholder Engagement in a Multicultural Context: The Contribution of (Personal) Relationship Cultivation to Social Capital’, Public Relations Review, 47.4 (2021) https://doi.org/10.1016/j.pubrev.2021.102091

Mendelson, D., and D. Mendelson, ‘Legal Protections for Personal Health Information in the Age of Big Data – a Proposal for Regulatory Framework’, Ethics, Medicine and Public Health, 3.1 (2017), 37–55 https://doi.org/10.1016/j.jemep.2017.02.005

Métayer, Daniel Le, Mathias Bossuet, Fanny Coudert, Claire Gayrel, Francisco Jaime, Christophe Jouvray, and others, ‘Interdisciplinarity in Practice: Challenges and Benefits for Privacy Research’, Computer Law and Security Review, 33.6 (2017), 864–69 https://doi.org/10.1016/j.clsr.2017.05.020

Milkaite, Ingrida, Ralf De Wolf, Eva Lievens, Tom De Leyn, and Marijn Martens, ‘Children’s Reflections on Privacy and the Protection of Their Personal Data: A Child-Centric Approach to Data Protection Information Formats’, Children and Youth Services Review, 129.December 2020 (2021) https://doi.org/10.1016/j.childyouth.2021.106170

Mullins, Martin, Christopher P. Holland, and Martin Cunneen, ‘Creating Ethics Guidelines for Artificial Intelligence and Big Data Analytics Customers: The Case of the Consumer European Insurance Market’, Patterns, 2.10 (2021) https://doi.org/10.1016/j.patter.2021.100362

Oksas, Catherine, Julia Green Brody, Phil Brown, Katherine E. Boronow, Erin DeMicco, Annemarie Charlesworth, and others, ‘Perspectives of Peripartum People on Opportunities for Personal and Collective Action to Reduce Exposure to Everyday Chemicals: Focus Groups to Inform Exposure Report-Back’, Environmental Research, 212.December 2021 (2022) https://doi.org/10.1016/j.envres.2022.113173

Pantlin, Nick, ‘European National News’, Computer Law and Security Review, 33.6 (2017), 892–95 https://doi.org/10.1016/j.clsr.2017.10.002

Papakonstantinou, Vagelis, and Paul de Hert, ‘Big Data Analytics in Electronic Communications: A Reality in Need of Granular Regulation (Even If This Includes an Interim Period of No Regulation at All)’, Computer Law and Security Review, 36.November 2015 (2020), 105397 https://doi.org/10.1016/j.clsr.2020.105397

Pauletto, Christian, ‘Options towards a Global Standard for the Protection of Individuals with Regard to the Processing of Personal Data’, Computer Law and Security Review, 40.3 (2021), 371–81 https://doi.org/10.1016/j.clsr.2020.105433

Perner, Petra, and Uwe Zscherpel, ‘Engineering Applications of Artificial Intelligence: Editorial’, Engineering Applications of Artificial Intelligence, 15.2 (2002), 121 https://doi.org/10.1016/S0952-1976(02)00027-1

Purtova, Nadezhda, ‘Default Entitlements in Personal Data in the Proposed Regulation: Informational Self-Determination off the Table. and Back on Again?’, Computer Law and Security Review, 30.1 (2014), 6–24 https://doi.org/10.1016/j.clsr.2013.12.006

Rhahla, Mouna, Sahar Allegue, and Takoua Abdellatif, ‘Guidelines for GDPR Compliance in Big Data Systems’, Journal of Information Security and Applications, 61.June (2021) https://doi.org/10.1016/j.jisa.2021.102896

Rubeis, Giovanni, ‘IHealth: The Ethics of Artificial Intelligence and Big Data in Mental Healthcare’, Internet Interventions, 28.August 2021 (2022), 100518 https://doi.org/10.1016/j.invent.2022.100518

Savelyev, Alexander, ‘Russia’s New Personal Data Localization Regulations: A Step Forward or a Self-Imposed Sanction?’, Computer Law and Security Review, 32.1 (2016), 128–45 https://doi.org/10.1016/j.clsr.2015.12.003

Shen, Yuncheng, Bing Guo, Yan Shen, Xuliang Duan, Xiangqian Dong, Hong Zhang, and others, ‘Personal Big Data Pricing Method Based on Differential Privacy’, Computers and Security, 113 (2022), 102529 https://doi.org/10.1016/j.cose.2021.102529

Silva, Jesus, Darwin Solano, Claudia Fernandez, Ligia Romero, and Jesus Vargas Villa, ‘Privacy Preserving, Protection of Personal Data, and Big Data: A Review of the Colombia Case’, Procedia Computer Science, 151.2018 (2019), 1213–18 https://doi.org/10.1016/j.procs.2019.04.174

Steppe, Richard, ‘Online Price Discrimination and Personal Data: A General Data Protection Regulation Perspective’, Computer Law and Security Review, 33.6 (2017), 768–85 https://doi.org/10.1016/j.clsr.2017.05.008

de Terwangne, Cécile, ‘Council of Europe Convention 108+: A Modernised International Treaty for the Protection of Personal Data’, Computer Law and Security Review, 40.July 2013 (2021), 3–4 https://doi.org/10.1016/j.clsr.2020.105497

Václav Jane ˇcek, ‘Ownership of Personal Data in the Internet of Václav Jane C’, Computer Law & Security Review, 34.2018 (2020), 1039–52 https://doi.org/https://doi.org/10.1016/j.clsr.2018.04.007

Valero, Cayetano, Jaime Pérez, Sonia Solera-cotanilla, Mario Vega-barbas, Guillermo Suarez-tangil, Manuel Alvarez-campana, and others, ‘Analysis of Security and Data Control in Smart Personal Assistants from the User’s Perspective’, Future Generation Computer Systems, 2023 https://doi.org/10.1016/j.future.2023.02.009

Vellinga, Nynke E., ‘From the Testing to the Deployment of Self-Driving Cars: Legal Challenges to Policymakers on the Road Ahead’, Computer Law and Security Review, 33.6 (2017), 847–63 https://doi.org/10.1016/j.clsr.2017.05.006

Wan, Yong, ‘Deep Linking Does Not Constitute a “Making Available to the Publicâ€: The Perspective of Beijing Intellectual Property Court’, Computer Law and Security Review, 33.6 (2017), 876–83 https://doi.org/10.1016/j.clsr.2017.05.013

Warso, Zuzanna, ‘There’s More to It than Data Protection-Fundamental Rights, Privacy and the Personal/Household Exemption in the Digital Age’, Computer Law and Security Review, 29.5 (2013), 491–500 https://doi.org/10.1016/j.clsr.2013.07.002

Wiltshire, Deborah, and Seraphim Alvanides, ‘Ensuring the Ethical Use of Big Data: Lessons from Secure Data Access’, Heliyon, 8.2 (2022), e08981 https://doi.org/10.1016/j.heliyon.2022.e08981

Wu, Yuehua, ‘Protecting Personal Data in E-Government: A Cross-Country Study’, Government Information Quarterly, 31.1 (2014), 150–59 https://doi.org/10.1016/j.giq.2013.07.003

Yu, Xiaolan, and Yun Zhao, ‘Dualism in Data Protection: Balancing the Right to Personal Data and the Data Property Right’, Computer Law and Security Review, 35.5 (2019), 1–11 https://doi.org/10.1016/j.clsr.2019.04.001

Yuvaraj, Joshua, ‘How about Me? The Scope of Personal Information under the Australian Privacy Act 1988’, Computer Law and Security Review, 34.1 (2018), 47–66 https://doi.org/10.1016/j.clsr.2017.05.019

Zhang, Chenguo, ‘“Sampling†Is Freedom of Art: The German Federal Constitutional Court Deliberates on the Acceptability of Music Sampling in the “Metall Auf Metall†Case’, Computer Law and Security Review, 33.6 (2017), 870–75 https://doi.org/10.1016/j.clsr.2017.06.005

Zhang, Lu, ‘“Personal Information of Privacy Nature’â€under Chinese Civil Code’, Computer Law and Security Review, 43 (2021) https://doi.org/10.1016/j.clsr.2021.105637

Zharova, Anna Konstantinovna, and Vladimir Mikhailovich Elin, ‘The Use of Big Data: A Russian Perspective of Personal Data Security’, Computer Law and Security Review, 33.4 (2017), 482–501 https://doi.org/10.1016/j.clsr.2017.03.025

Zheng, Guan, ‘Trilemma and Tripartition: The Regulatory Paradigms of Cross-Border Personal Data Transfer in the EU, the U.S. and China’, Computer Law and Security Review, 43 (2021), 105610 https://doi.org/10.1016/j.clsr.2021.105610

Downloads

Published

2023-02-14

Issue

Vol. 3 No. 1 (2023): Journal of Human Rights, Culture and Legal System

Section

Articles

Citation Check

License

Authors who publish with Journal of Human Rights, Culture and Legal System agree to the following terms:

  1. Authors retain copyright and grant the Journal of Human Rights, Culture and Legal System right of first publication with the work simultaneously licensed under Creative Commons Attribution License (CC BY 4.0) that allows others to share the work with an acknowledgment of the work's authorship and initial publication in this journal.
  2. Authors can enter into separate, additional contractual arrangements for the non-exclusive distribution of the published version of the work (e.g., post it to an institutional repository or edit it in a book), with an acknowledgment of its initial publication in this journal.
  3. Authors are permitted and encouraged to post their work online (e.g., in institutional repositories or on their website) before and during the submission process, as it can lead to productive exchanges, as well as earlier and greater citation of published work.