Disentangling encryption from the personalization debate

Autor: Pier Giorgio Chiara
Jazyk: angličtina
Rok vydání: 2021
Předmět:
Zdroj: University of Vienna Law Review, Vol 4, Iss 2 (2021)
Druh dokumentu: article
ISSN: 2521-3962
DOI: 10.25365/vlr-2020-4-2-168
Popis: The great confusion about encryption, cornerstone concept of data security, may jeopardise a proper taxonomy in order to legally qualify data. Through a technical and legal literature review, this paper firstly aims to shed the light on the nature of encryption. Having set the context, the study investigates whether and to what extent the so-called relativist understanding of Recital 26 GDPR is desirable. It considers the effort required to identify the data subject only by the data controller: in the context of cryptography, GDPR’s regime would be applicable if a data controller is able to decrypt a data set or, at least, has reasonable possibilities of doing so. The legal analysis, integrated with technical aspects, addresses the case of polymorphic encryption as an argument in favour of the relativist approach in the post-Breyer era: if cryptographic means have been strong enough so that identification is no longer reasonably likely, such data would be effectively non-personal data. The advisability of such outcome will be critically discussed in the light of recent business trends, where big corporations are increasingly investing in business models aiming at removing from the equation personal data.
Databáze: Directory of Open Access Journals