The INFO-LEG team was at the Data Justice conference in Cardiff on May 22-23.
Nadya Purtova gave a talk about the future of data protection law as a legal framework for data justice, which is meant to prevent and mitigate adverse effects of all data practices rather than focus on one specific type of data, ie personal data. The talk was in part based on the article “The law of everything” (just out in open access!), and in part on some new ideas. Briefly, as Nadya argued in the paper, every piece of data – depending on the context – has a potential and is more likely to impact rights and interests of people. This fact, together with a legal definition of personal data, means that all data is soon to become ‘personal’. We can also argue that data protection law already incorporates justice considerations, such as principle of fairness and transparency of data processing. The emphasis on individual control rights in the current data protection law may not necessarily fit the picture of a legal instrument securing data justice, since justice should be addressed as a societal matter. However, it is not that farfetched to imagine that this will change in future. Data protection law has already gone through some fundamental evolutionary changes, from regulating databases without using the language of privacy or rights, to the current system. It is possible to imagine that the time will be ripe for the next generation of data protection built on a different foundation, such as data justice.
Raphael Gellert talked about “Data protection and notions of information: a conceptual exploration“. This presentation is based upon his work in progress. The goal is to reflect on the capacity of data protection law to adequately address contemporary data processing operations based on semi-autonomous learning algorithms. To this end, the talk explored the notion of personal data which the GDPR defines as any information related to an identified or identifiable individual, and focuses on the interplays between information and data, by resorting to information studies. Raphael talked about the history of information theory and data protection. It tends to suggest that data protection is based upon understanding of data as “the digital representation of information” and understanding of information as primarily semantic (as containing meaning and leading to –changes in- knowledge). Yet, machine learning and semi-autonomous learning algorithms are seemingly based on different conceptions of data and information. So far the presentation raised questions: To what extent are these different conceptualisations of data and information compatible? How, and to what extent does this hamper the capacity of data protection law to address these technological developments, if at all?