Data protection existed since 1995. Since then, the fair processing of personal data is a law requirement. To this duty of loyalty, the doctrine associated an obligation of transparency.
However, we assisted to the emergence of long and unintelligible general conditions of use. Needless to say, every citizen accepted them without understanding, or even knowing, what he was engaging in, without knowing that he had just exchanged plots of private life for a service. From plots to plots, firms was able to profiling people. This phenomenon has increased with the emergence of big data activities, allowing to collect and process a gigantic number of data in a reccord time, defining an inidividual more and more precisely ; what he/she likes, what he/she buys, where he/she is located: an over-definition of an individual, in the middle of an ocean of data.
The new Data Protection Regulation (GDPR) intends to reinforce the transparency requirement. It is now clearly in the text that transparency is an obligation for the data controller. Article 5 states that: “Personal data shall be processed lawfully, fairly and in a transparent manner in relation to the data subject“. Recital 58 adds: ” The principle of transparency requires that any information addressed to the public or to the data subject be concise, easily accessible and easy to understand, and that clear and plain language and, additionally, where appropriate, visualisation be used. Such information could be provided in electronic form, for example, when addressed to the public, through a website. This is of particular relevance in situations where the proliferation of actors and the technological complexity of practice make it difficult for the data subject to know and understand whether, by whom and for what purpose personal data relating to him or her are being collected“. The data controller must adopt a proactive approach for providing information and not waiting for an intervention of the data subject. Transparency is a mean of enhancing the privacy of users and facilitating the exercise of their rights. The Article 29 Working Party insists on the need for transparency to be user-centric before the start of the processing and throughout it. The GDPR establishes a list of information for the data subject. With the attempt to annihilate unclear consent, the Regulation requires to give information in concise, clear, understandable and easily accessible terms. Following the Article 29 Working Party, the data controller must dissociated information about the processing of personal data from others to guarantee the data subject’s particular attention. The controller must take into account the specificities of the data subject, especially if they are children or vulnerable persons.
Even if this duty of transparency can be seen as a constraint on the shoulders of the data controller, who must identify the type of persons concerned and the most intelligible way of fulfilling the obligation to inform. However, it could be also a decision-making tool for the data controller in the use and management of personal data. In the framework of the TeSLA project, real and effective information on the functioning of the system, the tools and their limits dictated by the need for efficiency allows academic authorities to make a more just and enlightened decision, taking into consideration all the elements. Transparency then becomes not only a legal constraint, but also a real contribution in the academic procedure of decision-making in case of suspicion of cheating by a student.
For more information, please see the mentioned Guidelines from Article 29 Working Party: http://ec.europa.eu/newsroom/article29/item-detail.cfm?item_id=615250
Manon Knockaert, UNamur (CRIDS).
FUNDED BY THE EUROPEAN UNION
TeSLA is not responsible for any contents linked or referred to from these pages. It does not associate or identify itself with the content of third parties to which it refers via a link. Furthermore TESLA is not liable for any postings or messages published by users of discussion boards, guest books or mailing lists provided on its page. We have no control over the nature, content and availability of any links that may appear on our site. The inclusion of any links does not necessarily imply a recommendation or endorse the views expressed within them.
TeSLA is coordinated by Universitat Oberta de Catalunya (UOC) and funded by the European Commission’s Horizon 2020 ICT Programme. This website reflects the views only of the authors, and the Commission cannot be held responsible for any use which may be made of the information contained therein.