Law & Data Course Overview 2024/2025

Questions and Answers

What is the principle of proportionality in the context of limitations on rights?

Limitations can be imposed without any justification.

Limitations may only be made if they genuinely meet objectives of general interest. (correct)

Limitations should only protect the interests of the state.

Limitations must be reasonable and necessary to achieve explicit objectives.

Which of the following is NOT a general principle of EU law?

Legal certainty

Primacy of EU Law

Protection of fundamental rights

Direct applicability of international agreements (correct)

What does Article 6(3) TEU emphasize regarding fundamental rights?

They are exclusively determined by national laws.

They are solely based on EU legislation.

They can be overridden for state security purposes.

They are guaranteed by the European Convention and constitutional traditions. (correct)

In what context can the European Union conclude international agreements?

When provided for in Treaties or legally binding acts.

Which principle emphasizes the expectation that actions by the EU will be consistent?

Legitimate expectation

What is meant by 'primacy of EU Law'?

EU law takes precedence over conflicting national laws.

Which of the following best describes the development of legal principles in EU law?

They are subject to constant development from constitutional traditions.

Which statement about limitations on rights is accurate?

Limitations must be proportionate to the legitimate aim pursued.

What article outlines the process for a European state to apply for EU membership?

Article 49 TEU

Which of the following is NOT mentioned as a common value that applicant states must respect?

Economic stability

What must happen after an application for EU membership is submitted?

The Council must act unanimously after consulting the Commission.

Which body is responsible for notifying the European Parliament of a new membership application?

The Council

What condition must an applicant state fulfill to be considered for EU membership?

Undertake to promote the common values of the Union.

Which statement about ratification of the agreement is TRUE?

It must be ratified by all contracting states according to their constitutional requirements.

Which aspect is LEAST important in the assessment of an applicant state’s eligibility for EU membership?

Commitment to military cooperation

What role does the European Parliament play in the membership application process?

It must be consulted and must give consent by a majority.

What is considered the most comprehensive of rights valued by civilized men?

Right to be let alone

Which of the following is NOT explicitly mentioned as part of the right to privacy?

Right to public speech

According to the provided content, what is a primary distinction in the legal traditions concerning privacy?

Common law focuses on individual liberty while civil law emphasizes dignity.

What does personal data refer to in the context provided?

Information that can identify a natural person directly or indirectly

Which article of the UN Universal Declaration of Human Rights addresses privacy?

Article 12

Which statement best describes the relationship between the right to privacy and personal data?

They are intertwined and sometimes overlap.

In the common law tradition, which right primarily relates to freedom from interference?

Right to liberty

Which of the following best defines 'personhood' in the context of privacy rights?

Protection of identity and dignity

What does the term 'non-interference' imply in terms of privacy rights?

Freedom from unwarranted intrusion

What does Article 8(1) of the CFR emphasize regarding personal data?

The right to protect personal data

Which principle from the OECD Privacy Guidelines focuses on ensuring the quality of collected data?

Data Quality Principle

What is CoE Convention 108 significant for?

It is the first legally binding instrument on data protection.

Which of the following principles is NOT included in CoE Convention 108?

Right to deletion without reason

The Openness Principle under the OECD guidelines primarily relates to which aspect?

Transparency of data processing practices

What does the Purpose Specification Principle require?

Data must be collected for specific, legitimate purposes.

Which article of the Treaty on European Union (TEU) relates specifically to data protection?

Article 39

In CoE Convention 108, which of the following is a fundamental right for individuals concerning their personal data?

Right to know what information is stored

The Accountability Principle in the OECD guidelines emphasizes which of the following?

Organizations must be accountable for their data practices.

Which principle from CoE Convention 108 emphasizes the necessity for legitimate and fair data processing?

Legitimate purposes

What does the Security Safeguards Principle require organizations to implement?

Strong security measures for data protection

What is the main responsibility of the data controller?

To determine the purposes and means of processing personal data

Which of the following is NOT a right of the data subject under GDPR?

Right to privacy without request

Which directive emphasizes the need for consent when processing personal data?

General Data Protection Regulation (GDPR)

What is the purpose of the Data Protection Management System (DPMS)?

To ensure compliance with legal regulations

What must processors do according to their obligations under GDPR?

Act upon instructions of the controller

Which of the following is a component of the Data Protection by Design principle?

Implementing pseudonymization techniques

What does the right to be forgotten entail?

The data subject can request erasure of personal data

Under the GDPR, who is required to appoint a Data Protection Officer?

Organizations involved in large-scale data processing

What is the significance of the principle of data minimization?

To process only data necessary for the specified purpose

Which of the following best describes the role of a Data Protection Officer?

To monitor compliance with data protection laws

According to GDPR, what is one of the obligations of the data processor?

Design and implement secure data systems

What should a data controller maintain as part of their obligations under GDPR?

Record of processing activities

What is the primary goal of the European Electronic Communications Code?

To promote connectivity across the EU

What does 'processing' of personal data encompass?

Any operation performed on personal data

What is the primary purpose of the General Data Protection Regulation (GDPR)?

To ensure the protection of personal data and the rights of data subjects

Which of the following is classified as sensitive data under GDPR?

Racial or ethnic origin

Which condition must be met for processing sensitive data according to GDPR?

Explicit consent must be obtained

What is a Data Protection Impact Assessment (DPIA)?

An assessment of the impact of processing operations on data protection

Under GDPR, what does the term 'data minimization' refer to?

Ensuring data is relevant and limited to what is necessary

Which of the following is NOT a principle outlined by GDPR?

Data retention

What is required for personal data to be considered accurate under GDPR?

It must reflect the truth of the situation

What does GDPR state regarding the accessibility of personal data?

It should only be accessed with the individual's intervention

Which entity is primarily responsible for ensuring compliance with data protection rules?

The Data Protection Officer (DPO)

What is NOT an exception for processing sensitive data under GDPR?

Data for marketing purposes

Which of the following best defines personal data?

Information relating to an identified or identifiable natural person

Which of the following conditions is NOT a legal basis for data processing under GDPR?

Spontaneous consent by third parties

What does transparency in data processing imply according to GDPR?

Data controllers must inform data subjects about data processing activities

Which of the following is NOT included in the content of a Data Protection Impact Assessment (DPIA)?

Assessment of data subject complaints

Study Notes

Course Information

• Course title: Law & Data
• Academic year: 2024/2025
• University: University of Padova
• Instructor: Fiorella Dal Monte, PhD
• Date of presentation: October 2, 2024 (and October 4, 9, 11, 16, 18, 23, 27, 6, 8, 13, 15, 18, 20)

Course Outline

• Target audience
• Syllabus and Contents
• Reference materials
• Exams
• Students' meetings

Main Contents

• Legal Systems (EU Legal System, Basics of EU Law, Sources of EU Law)
• EU Privacy and Personal Data Protection (General Principles, Enforcement, Protection of Other Data, Case studies/workshops)
• EU Digital Strategy
• AI Act
• References to different legal systems and comparisons

Basic Legal Notions

• Notion of Law
• Basic legal notions
• Legal systems to be considered
• International Law
• European Union Law

What is Law?

• Definition as a binding custom or practice of a community
• Enforced by a controlling authority
• Courts uphold, interpret, and apply law

What is Law? (cont.)

• Control brought about by existence or enforcement of law
• Action of laws as means of redressing wrongs
• Rule or order that's advisable or obligatory to observe (e.g., self-preservation)
• Something compatible with and enforceable by established law
• The act of the law as upheld authority

Additional Topics

• a rule of construction or procedure
• whole body of laws relating to one subject (e.g., criminal, probate)
• rule made by government to order society's behavior
• modern separation of powers (legislative, executive, judicial)
• legal certainty, impartiality, equality before law
• branches of law (public, private)
• types of state legal systems (civil, common law)
• sources of law (hard, soft law), examples (treaties/conventions, legislation, case law, public/private policy, doctrine, fundamental principles, customary law)
• hierarchy of sources of law
• the European Union (what is it?, differences between the Council of Europe, European Free Trade Association, and European Economic Area, EU member states, application for EU membership, Copenhagen criteria)
• checks and balances
• EU secondary law (regulations, directives, decisions, opinions, recommendations, atypical acts—communications, resolutions, white papers, green papers)
• differences between regulations, directives and decisions
• examples of EU secondary legislation on data (e.g., Data Protection Directive, GDPR, Data Protection Law Enforcement Directive, E-communications Directive)
• institutions of the EU (European Parliament, European Council, Council of the European Union, European Commission, Court of Justice of the EU, European Central Bank, Court of Auditors)
• European Parliament (functions, structure, etc.)
• European Council (functions, structure, etc.)
• European Commission (functions, structure, etc.)
• European Court of Justice (functions, structure, etc.)
• Bodies of EU (European Data Protection Supervisor, European Data Protection Board, Agencies of the European Commission)
• What is privacy? (negative, positive, common law, civil law origins, right to be let alone)
• history of right to privacy (UN universal declaration, international covenant, EU charter)
• OECD Privacy Guidelines
• CoE Convention 108
• Applicable EU legislation
• GDPR (main subjects, data subject rights, controller obligations, processor obligations, processing of personal data, data protection impact assessment, main principles of PD processing, cases of legal permission, transparency, purpose limitation, data minimization, accuracy, storage limitation, integrity & confidentiality, accountability, privacy policy templates)

Description

Explore the foundational aspects of Law & Data in this comprehensive overview for the academic year 2024/2025 at the University of Padova. Topics include EU legal systems, privacy laws, AI regulations, and general legal principles. Perfect for students keen on understanding the interplay between law and digital innovations.