The Future of International Data Transfers: Managing Legal Risk with a User-Held Data Model

• URL: http://arxiv.org/abs/2407.20514v1
• Date: Tue, 30 Jul 2024 03:15:36 GMT
• Title: The Future of International Data Transfers: Managing Legal Risk with a User-Held Data Model
• Authors: Paulius Jurcys, Marcelo Corrales Compagnucci, Mark Fenwick,
• Abstract summary: The General Data Protection Regulation contains a blanket prohibition on the transfer of personal data outside of the European Economic Area unless strict requirements are met. New technologies have made international data transfers the norm and not the exception. This article examines one such alternative, namely a user-held data model.
• Score: 0.0
• License: http://creativecommons.org/licenses/by/4.0/
• Abstract: The General Data Protection Regulation contains a blanket prohibition on the transfer of personal data outside of the European Economic Area unless strict requirements are met. The rationale for this provision is to protect personal data and data subject rights by restricting data transfers to countries that may not have the same level of protection as the EEA. However, the ubiquitous and permeable character of new technologies such as cloud computing, and the increased inter connectivity between societies, has made international data transfers the norm and not the exception. The Schrems II case and subsequent regulatory developments have further raised the bar for companies to comply with complex and, often, opaque rules. Many firms are, therefore, pursuing technology-based solutions in order to mitigate this new legal risk. These emerging technological alternatives reduce the need for open-ended cross-border transfers and the practical challenges and legal risk that such transfers create after Schrems. This article examines one such alternative, namely a user-held data model. This approach takes advantage of personal data clouds that allows data subjects to store their data locally and in a more decentralised manner, thus decreasing the need for cross-border transfers and offering end-users the possibility of greater control over their data.

Related papers

• Towards Best Practices for Open Datasets for LLM Training [21.448011162803866]
  Many AI companies are training their large language models (LLMs) on data without the permission of the copyright owners. Creative producers have led to several high-profile copyright lawsuits. This trend in limiting data information causes harm by hindering transparency, accountability, and innovation.
  arXiv  Detail & Related papers  (2025-01-14T17:18:05Z)
• Towards Data Governance of Frontier AI Models [0.0]
  We look at how data can enable new governance capacities for frontier AI models. Data is non-rival, often non-excludable, easily replicable, and increasingly synthesizable. We propose a set of policy mechanisms targeting key actors along the data supply chain.
  arXiv  Detail & Related papers  (2024-12-05T02:37:51Z)
• The Data Minimization Principle in Machine Learning [61.17813282782266]
  Data minimization aims to reduce the amount of data collected, processed or retained. It has been endorsed by various global data protection regulations. However, its practical implementation remains a challenge due to the lack of a rigorous formulation.
  arXiv  Detail & Related papers  (2024-05-29T19:40:27Z)
• A new framework for global data regulation [0.0]
  We propose a regulatory framework designed to apply not to specific data or tools themselves, but to the outcomes and rights that are linked to the use of these data and tools in context. This framework is designed to recognize, address, and protect a broad range of human rights, including privacy.
  arXiv  Detail & Related papers  (2023-08-24T17:48:56Z)
• Distributed Machine Learning and the Semblance of Trust [66.1227776348216]
  Federated Learning (FL) allows the data owner to maintain data governance and perform model training locally without having to share their data. FL and related techniques are often described as privacy-preserving. We explain why this term is not appropriate and outline the risks associated with over-reliance on protocols that were not designed with formal definitions of privacy in mind.
  arXiv  Detail & Related papers  (2021-12-21T08:44:05Z)
• Preventing Unauthorized Use of Proprietary Data: Poisoning for Secure Dataset Release [52.504589728136615]
  We develop a data poisoning method by which publicly released data can be minimally modified to prevent others from train-ing models on it. We demonstrate the success of our approach onImageNet classification and on facial recognition.
  arXiv  Detail & Related papers  (2021-02-16T19:12:34Z)
• Privacy Preservation in Federated Learning: An insightful survey from the GDPR Perspective [10.901568085406753]
  Article is dedicated to surveying on the state-of-the-art privacy techniques, which can be employed in Federated learning. Recent research has demonstrated that retaining data and on computation in FL is not enough for privacy-guarantee. This is because ML model parameters exchanged between parties in an FL system, which can be exploited in some privacy attacks.
  arXiv  Detail & Related papers  (2020-11-10T21:41:25Z)
• Second layer data governance for permissioned blockchains: the privacy management challenge [58.720142291102135]
  In pandemic situations, such as the COVID-19 and Ebola outbreak, the action related to sharing health data is crucial to avoid the massive infection and decrease the number of deaths. In this sense, permissioned blockchain technology emerges to empower users to get their rights providing data ownership, transparency, and security through an immutable, unified, and distributed database ruled by smart contracts.
  arXiv  Detail & Related papers  (2020-10-22T13:19:38Z)
• A vision for global privacy bridges: Technical and legal measures for international data markets [77.34726150561087]
  Despite data protection laws and an acknowledged right to privacy, trading personal information has become a business equated with "trading oil" An open conflict is arising between business demands for data and a desire for privacy. We propose and test a vision of a personal information market with privacy.
  arXiv  Detail & Related papers  (2020-05-13T13:55:50Z)
• Beyond privacy regulations: an ethical approach to data usage in transportation [64.86110095869176]
  We describe how Federated Machine Learning can be applied to the transportation sector. We see Federated Learning as a method that enables us to process privacy-sensitive data, while respecting customer's privacy.
  arXiv  Detail & Related papers  (2020-04-01T15:10:12Z)

This list is automatically generated from the titles and abstracts of the papers in this site.

This site does not guarantee the quality of this site (including all information) and is not responsible for any consequences.