
The concept of a risk-based approach to data protection came to the fore during the overhaul process of the EU's General Data Protection Regulation (GDPR). At its core, it consists of endowing the regulated organizations that process personal data with increased responsibility for complying with data protection mandates. Such increased compliance duties are performed through risk management tools. This book provides a comprehensive analysis of this legal and policy development, which considers a legal, historical, and theoretical perspective. By framing the risk-based approach as a sui generis implementation of a specific regulation model 'known as meta regulation, this book provides a recollection of the policy developments that led to the adoption of the risk-based approach in light of regulation theory and debates. It also discusses a number of salient issues pertaining to the risk-based approach, such as its rationale, scope, and meaning; the role for regulators; and its potential and limits. The book also looks at they way it has been undertaken in major statutes with a focus on key provisions, such as data protection impact assessments or accountability. Finally, the book devotes considerable attention to the notion of risk. It explains key terms such as risk assessment and management. It discusses in-depth the role of harms in data protection, the meaning of a data protection risk, and the difference between risks and harms. It also critically analyses prevalent data protection risk management methodologies and explains the most important caveats for managing data protection risks.
This book investigates the legal, historical, and theoretical foundations of the risk-based approach to data protection as established within the European Union's General Data Protection Regulation (GDPR). Raphaël Gellert, a scholar in the field of data protection law, utilizes regulation theory to analyze how organizations are tasked with managing personal data through specific compliance mandates. The text argues that the risk-based approach functions as a form of meta-regulation, shifting the burden of compliance from prescriptive rules to internal risk management frameworks.
What You Will Find
Scope Limits
Experts identify this work as a foundational academic text for understanding the regulatory philosophy behind modern data protection laws. Readers frequently note the high level of academic density and the rigorous theoretical approach applied to legal analysis.
Page Count:
304
Publication Date:
2020-01-01
Publisher:
OUP Oxford
ISBN-10:
0192574744
ISBN-13:
9780192574749
No comments yet. Be the first to share your thoughts!