Page 217 - ITU KALEIDOSCOPE, ATLANTA 2019
P. 217
ICT for Health: Networks, standards and innovation
[6] See for example: [17] Article 29 Data Protection Working Party, Letter to
https://www.washingtonpost.com/technology/2019/0 Mr. Timmens and Annex – health data in apps and
4/10/tracking-your-pregnancy-an-app-may-be-more- devices, 2015, available at:
public-than-you- https://ec.europa.eu/justice/article-
think/?noredirect=on&utm_term=.7f91beb5e812. 29/documentation/other-
document/files/2015/20150205_letter_art29wp_ec_h
[7] See for example: https://www.wsj.com/articles/you- ealth_data_after_plenary_en.pdf and
give-apps-sensitive-personal-information-then-they- https://ec.europa.eu/justice/article-
tell-facebook-11550851636?mod=e2tw and 29/documentation/other-
https://www.theguardian.com/technology/2017/may/ document/files/2015/20150205_letter_art29wp_ec_h
01/facebook-advertising-data-insecure-teens>. ealth_data_after_plenary_annex_en.pdf.
[8] See: https://theoutline.com/post/7039/there-is-a- [18] Article 29 Working Party (A29WP), Annex by letter
reason-apps-make-it-so-fun-to-track-your-health. – health data in apps and device, 2015 p. 5.
[9] T. Mulder, M. Tudorica, Privacy policies, cross- [19] According to Article 5 (1, a) GDPR.
border health data and the GDPR, Information &
Communications Technology Law (2019) 28,3. [20] Article 9 (2,a) GDPR.
[10] Regulation (EU) 2016/679 of the European [21] Article 6 (a) GDPR.
Parliament and of the Council of 27 April 2016 on
the protection of natural persons with regard to the [22] Article 4 (11) GDPR.
processing of personal data and on the free
movement of such data, and repealing Directive [23] Recital 32 GDPR. See also L. Golba, ‘Consent for
95/46/EC (General Data Protection Regulation) Personal Data Processing in Digital Environment
[2016] OJ L 119/1. According to GDPR’, Annuals of the Administration
and Law, no. 17 (2), p. 253-265.
[11] See for example: The concept of ‘transfer’ of data
under European data protection law – in the context [24] Article 7 (1) GDPR.
of transborder data flows, Faculty of Law –
University of Oslo, 01-12-2015, available at: [25] See for example:
https://www.duo.uio.no/bitstream/handle/10852/497 https://www.theguardian.com/technology/appsblog/
22/8026_The-concept-of-transfer-of-data-under- 2013/sep/03/fitness-health-apps-sharing-data-
European-data-protection-law---In-the-context-of- insurance; T. Mulder, ‘Health Apps, their Privacy
transborder-data- Policies and the GDPR’, European Journal of Law
flows.pdf?sequence=1&isAllowed=y. and Technology, (10) 1 (2019).
[12] Articles 2 and 3 GDPR. [26] Article 4 (2) GDPR.
[13] N. Dasko, ‘The General Data Protection Regulation [27] Council of Europe, “Explanatory report to the
(GDPR) – A Revolution Coming of European Data Convention for the protection of individuals with
Protection Laws in 2018. What’s New for Ordinary regard to automatic processing of personal data”
Citizens?’, Comparative Law Review, p. 128, (ETS No 108), para. 9.
available at:
http:h//tdtpx:./d/odix.o.drgo/i.1o0rg.g1/21707.152/7 [28] See for example: The concept of ‘transfer’ of data
C77L7R5./2C0L1R7.2.00156. under European data protection law – in the context
of transborder data flows, Faculty of Law –
[14] T. Mulder, M. Tudorica, Privacy policies, cross- University of Oslo, 01-12-2015, available at:
border health data and the GDPR, Information & https://www.duo.uio.no/bitstream/handle/10852/497
Communications Technology Law (2019) 28,3. 22/8026_The-concept-of-transfer-of-data-under-
European-data-protection-law---In-the-context-of-
[15] Article 4 (15) GDRP. transborder-data-
flows.pdf?sequence=1&isAllowed=y.
[16] The EDPB is the independent European advisory
body on data protection. [29] P.M. Schwartz, ‘Managing Global Data Privacy’
(2009) Privacy Projects, p. 4.
– 197 –
