Accountability by dialogue: A new approach to data protection

(invited lecture)

Research output: Chapter in Book/Report/Conference proceedingConference contributionScientificpeer-review

Abstract

Current legal frameworks for data protection have a number of flaws. The notion of informed consent does not work in practice. Leg- islation only covers personal data, but it doesnt cover data about groups and it doesn’t cover conditions on usage of data for certain purposes. Supervision is largely based on self-regulation. Regulatory agencies have little capacity. On the other hand, we observe that many business models are based on data about users. Users pay with their data. Access to data should therefore be seen as a counteroffer in a contract. In this paper we will therefore suggest a different approach to data protection, based on the idea of accountability. In this short paper, we propose a dialogue framework to facilitate such accountability, in the application domain of data protection. The idea is to empower users to negotiate better terms and conditions in their contracts, monitor compliance, and chal- lenge the organization in case of breaches of contract. That means that in addition to the current legal framework for data protection, which is generally based on public law, we suggest to make more use of private law as the legal framework of preference. To enable accountability over data protection, we foresee two kinds of functionality. Tools that may help users negotiate sensible contracts that take data protection aspects into account. An infrastructure that monitors actual usage of data, detects possible breaches of contract and allows users to challenge the organi- zation. In addition, we discuss the necessary elements of a governance structure to enable effective enforcement.
Original languageEnglish
Title of host publicationComputational Accountability and Responsibility in Multiagent Systems (CAReMAS 2017)
EditorsMatteo Baldoni, Cristina Baroglio , Roberto Micalizio
PublisherCEUR Workshop Proceedings
Pages1-1
Volume2051
Publication statusPublished - 2017

Fingerprint

data protection
dialogue
responsibility
organization
private law
personal data
public law
self-regulation
functionality
supervision
legislation
governance
infrastructure
Group

Keywords

  • accountability, data protection

Cite this

Hulstijn, J. (2017). Accountability by dialogue: A new approach to data protection: (invited lecture). In M. Baldoni, C. Baroglio , & R. Micalizio (Eds.), Computational Accountability and Responsibility in Multiagent Systems (CAReMAS 2017) (Vol. 2051, pp. 1-1). CEUR Workshop Proceedings.
Hulstijn, Joris. / Accountability by dialogue: A new approach to data protection : (invited lecture). Computational Accountability and Responsibility in Multiagent Systems (CAReMAS 2017). editor / Matteo Baldoni ; Cristina Baroglio ; Roberto Micalizio. Vol. 2051 CEUR Workshop Proceedings, 2017. pp. 1-1
@inproceedings{cf404c7e250e465b9f8884ac2636ed28,
title = "Accountability by dialogue: A new approach to data protection: (invited lecture)",
abstract = "Current legal frameworks for data protection have a number of flaws. The notion of informed consent does not work in practice. Leg- islation only covers personal data, but it doesnt cover data about groups and it doesn’t cover conditions on usage of data for certain purposes. Supervision is largely based on self-regulation. Regulatory agencies have little capacity. On the other hand, we observe that many business models are based on data about users. Users pay with their data. Access to data should therefore be seen as a counteroffer in a contract. In this paper we will therefore suggest a different approach to data protection, based on the idea of accountability. In this short paper, we propose a dialogue framework to facilitate such accountability, in the application domain of data protection. The idea is to empower users to negotiate better terms and conditions in their contracts, monitor compliance, and chal- lenge the organization in case of breaches of contract. That means that in addition to the current legal framework for data protection, which is generally based on public law, we suggest to make more use of private law as the legal framework of preference. To enable accountability over data protection, we foresee two kinds of functionality. Tools that may help users negotiate sensible contracts that take data protection aspects into account. An infrastructure that monitors actual usage of data, detects possible breaches of contract and allows users to challenge the organi- zation. In addition, we discuss the necessary elements of a governance structure to enable effective enforcement.",
keywords = "accountability, data protection",
author = "Joris Hulstijn",
year = "2017",
language = "English",
volume = "2051",
pages = "1--1",
editor = "Matteo Baldoni and {Baroglio }, Cristina and Micalizio, {Roberto }",
booktitle = "Computational Accountability and Responsibility in Multiagent Systems (CAReMAS 2017)",
publisher = "CEUR Workshop Proceedings",

}

Hulstijn, J 2017, Accountability by dialogue: A new approach to data protection: (invited lecture). in M Baldoni, C Baroglio & R Micalizio (eds), Computational Accountability and Responsibility in Multiagent Systems (CAReMAS 2017). vol. 2051, CEUR Workshop Proceedings, pp. 1-1.

Accountability by dialogue: A new approach to data protection : (invited lecture). / Hulstijn, Joris.

Computational Accountability and Responsibility in Multiagent Systems (CAReMAS 2017). ed. / Matteo Baldoni; Cristina Baroglio ; Roberto Micalizio. Vol. 2051 CEUR Workshop Proceedings, 2017. p. 1-1.

Research output: Chapter in Book/Report/Conference proceedingConference contributionScientificpeer-review

TY - GEN

T1 - Accountability by dialogue: A new approach to data protection

T2 - (invited lecture)

AU - Hulstijn, Joris

PY - 2017

Y1 - 2017

N2 - Current legal frameworks for data protection have a number of flaws. The notion of informed consent does not work in practice. Leg- islation only covers personal data, but it doesnt cover data about groups and it doesn’t cover conditions on usage of data for certain purposes. Supervision is largely based on self-regulation. Regulatory agencies have little capacity. On the other hand, we observe that many business models are based on data about users. Users pay with their data. Access to data should therefore be seen as a counteroffer in a contract. In this paper we will therefore suggest a different approach to data protection, based on the idea of accountability. In this short paper, we propose a dialogue framework to facilitate such accountability, in the application domain of data protection. The idea is to empower users to negotiate better terms and conditions in their contracts, monitor compliance, and chal- lenge the organization in case of breaches of contract. That means that in addition to the current legal framework for data protection, which is generally based on public law, we suggest to make more use of private law as the legal framework of preference. To enable accountability over data protection, we foresee two kinds of functionality. Tools that may help users negotiate sensible contracts that take data protection aspects into account. An infrastructure that monitors actual usage of data, detects possible breaches of contract and allows users to challenge the organi- zation. In addition, we discuss the necessary elements of a governance structure to enable effective enforcement.

AB - Current legal frameworks for data protection have a number of flaws. The notion of informed consent does not work in practice. Leg- islation only covers personal data, but it doesnt cover data about groups and it doesn’t cover conditions on usage of data for certain purposes. Supervision is largely based on self-regulation. Regulatory agencies have little capacity. On the other hand, we observe that many business models are based on data about users. Users pay with their data. Access to data should therefore be seen as a counteroffer in a contract. In this paper we will therefore suggest a different approach to data protection, based on the idea of accountability. In this short paper, we propose a dialogue framework to facilitate such accountability, in the application domain of data protection. The idea is to empower users to negotiate better terms and conditions in their contracts, monitor compliance, and chal- lenge the organization in case of breaches of contract. That means that in addition to the current legal framework for data protection, which is generally based on public law, we suggest to make more use of private law as the legal framework of preference. To enable accountability over data protection, we foresee two kinds of functionality. Tools that may help users negotiate sensible contracts that take data protection aspects into account. An infrastructure that monitors actual usage of data, detects possible breaches of contract and allows users to challenge the organi- zation. In addition, we discuss the necessary elements of a governance structure to enable effective enforcement.

KW - accountability, data protection

M3 - Conference contribution

VL - 2051

SP - 1

EP - 1

BT - Computational Accountability and Responsibility in Multiagent Systems (CAReMAS 2017)

A2 - Baldoni, Matteo

A2 - Baroglio , Cristina

A2 - Micalizio, Roberto

PB - CEUR Workshop Proceedings

ER -

Hulstijn J. Accountability by dialogue: A new approach to data protection: (invited lecture). In Baldoni M, Baroglio C, Micalizio R, editors, Computational Accountability and Responsibility in Multiagent Systems (CAReMAS 2017). Vol. 2051. CEUR Workshop Proceedings. 2017. p. 1-1