This book describes the most important legal sources and principles of data privacy and data protection in China, Germany and the United States. The authors collected privacy statements from more than 400 crowdsourcing platforms, which allowed them to empirically evaluate their data privacy and data protection practices. The book compares the practices in the three countries and develops empirically-grounded policy recommendations.
Author(s): Lars Hornuf, Sonja Mangold, Yayun Yang
Series: Advanced Studies In Diginomics And Digitalization | ASDD
Edition: 1
Publisher: Springer
Year: 2023
Language: English
Commentary: TruePDF
Pages: 163
Tags: Financial Technology And Innovation; Data And Information Security; IT In Business; Business Law; Entrepreneurial Finance
Foreword
Funder Information
Contents
About the Authors
List of Figures
Chapter 1: Introduction
References
Chapter 2: Players in the Crowdsourcing Industry
2.1 Segments of the Crowd Industry
2.2 The Chinese, German, and U.S. Markets
2.3 General Market Trends
References
Chapter 3: Data Protection Law in Germany, the United States, and China
3.1 Data Privacy and Crowdsourcing in Germany: Legal Instruments, Aspects of Contract Law, Consumer Protection, and Competitio...
3.1.1 Legal Sources for Data Processing
3.1.2 Data Security: At the Interface Between Data Protection and IT Security Law
3.1.3 Protection of Personal and Sensitive Data
3.1.4 Particularities of Data Protection: Company Information, Consumer and Employee Data
3.1.5 Basic Principles of Data Processing
3.1.6 Pseudonymization and Anonymization as Data Protection Measures
3.1.7 Consent as the Central Legitimation of Data Processing
3.1.8 Algorithm-Based Decision-Making: Risks of Discrimination, Solution Approaches
3.1.9 Rights of Data Subjects
3.1.10 The Data Protection Impact Assessment: Self-Evaluation in the Case of High-Risk Data Processing
3.1.11 Internal and External Data Protection Controls
3.1.12 Sanctions
3.2 Data Privacy in Digital Business in the United States: Fragmented Rules, State Pioneers and the Prominent Role of the Fede...
3.2.1 Patchwork of Privacy Regulation
3.2.2 Data Security: Numerous Legal Sources
3.2.3 Protection of Personal and Sensitive Information: No Single Definition
3.2.4 Protection of Consumer and Employee Data
3.2.5 Main Principles of Data Processing: Sector-Specific and State-Specific Approaches
3.2.6 Anonymization and Pseudonymization
3.2.7 Consent for Data Processing: Limited Legal Requirements
3.2.8 Regulation of Algorithmic Decision-Making: Steps and Gaps
3.2.9 Individual Rights: Scattered Rules
3.2.10 Requirements for Data Protection Risk Assessments
3.2.11 Internal and External Enforcement
3.2.12 Sanctions
3.3 Data Privacy and Crowdsourcing in China
3.3.1 Various Sources of Law for Data Processing: A Brief Overview
3.3.2 Data Security
3.3.3 Protection of Personal Identifiable Information and Sensitive Data
3.3.4 Particularities of Data Protection: Company, Consumer, and Employee Data
3.3.5 Basic Principles of Data Processing
3.3.6 Anonymization and de-Identification as Data Protection Instruments
3.3.7 Consent as the Standard for Legitimation of Data Processing
3.3.8 Automated Decision-Making
3.3.9 Rights of Data Subjects
3.3.10 Data Protection Impact Assessment
3.3.11 Internal and External Data Protection Supervision
3.3.12 Sanctions
3.4 Similarities and Differences in Regulatory Approaches
3.4.1 Particularities of Norm-Setting in the Field of Data Privacy
3.4.2 Data Security Standards
3.4.3 Protection of Personal and Sensitive Data
3.4.4 Collection of Company Information and Consumer and Employee Data in the GDPR Broadly
3.4.5 General Principles of Data Processing, Privacy by Design and by Default
3.4.6 Anonymization and Pseudonymization
3.4.7 Consent for Legitimizing Data Processing
3.4.8 Regulation of Algorithmic Decision-Making
3.4.9 Individual Rights
3.4.10 Data Protection Impact Assessment
3.4.11 Enforcement Mechanisms
3.5 Interim Result and the Aspect of Regulatory Competition
References
Chapter 4: Privacy Statements in China, Germany, and the United States
4.1 Processing of Data
4.2 Processing of Data by Third Parties
References
Chapter 5: Summary and Conclusion
5.1 Increasing Regulation and Regulatory Competition
5.2 Processing of User Data
5.2.1 Privacy Statements as Main Source of Information
5.2.2 Processing of Crowdworkers´ Data
5.2.3 Collection of Sensitive Data
5.3 Processing of Data by Third Parties
5.3.1 Data Sharing
5.3.2 Use of Social Plugins and Web Analytics
5.3.3 Use of Cookies
5.3.4 Data Protection Efforts by Platforms and Outlook
References
Appendices
A. Chinese Crowdsourcing Platforms
A.1 Platforms with a Privacy Statement
A.2 Platforms Without a Privacy Statement
A.3 Platforms with No Website
B. German Crowdsourcing Platforms
B.1 Platforms with Privacy Statements
C. U.S. Crowdsourcing Platforms
C.1 Platforms with Privacy Statements
C.2 Platforms Without a Privacy Statement
C.3 Platforms with No Website
