Abstract
The increasing commercialisation of human Information and Communication Technology (ICT) implants has generated heated debate over the ethical, legal and social implications of their use. Despite stakeholders calling for greater policy and legal certainty within this area, gaps have already begun to emerge between the commercial reality and the current legal frameworks designed to regulate it. The aim of this chapter is to examine the effectiveness of the European Union current data protection regulatory framework for regulating ICT implants. By focusing on current and future applications of human ICT implants, the research presented here highlights the potential regulatory challenges posed by the applications, and makes a series of recommendations as to how such issues may be best avoided by jurisdictions grappling with similar emerging issues. In doing so, the chapter draws together the notions of innovation, risk and data protection within the context of a broader governance framework.
This chapter is an updated and reworked version of the paper: Kosta Eleni & Bowman Diana, Treating or Tracking? Regulatory Challenges of Nano-Enabled ICT Implants, Law & Policy, 2011, Vol.33(2), pp. 256–275.
Access this chapter
Tax calculation will be finalised at checkout
Purchases are for personal use only
Notes
- 1.
- 2.
- 3.
A ‘data controller’ is defined in Article 2(d) of the Data Protection Directive as ‘the natural or legal person, public authority, agency or any other body which alone or jointly with others determines the purposes and means of the processing of personal data; where the purposes and means of processing are determined by national or Community laws or regulations, the controller or the specific criteria for his nomination may be designated by national or Community law’.
- 4.
- 5.
Elliot 2006.
- 6.
- 7.
Wolinsky 2007.
- 8.
Gamboa 2007.
- 9.
Hitachi 2007.
- 10.
The Verichip Corporation is now called PositiveID: http://www.positiveidcorp.com. Accessed 19 August 2011.
- 11.
Wolinksky 2006.
- 12.
VeriChip 2007a.
- 13.
VeriChip 2007a.
- 14.
VeriChip 2007a.
- 15.
VeriChip 2006, p 1.
- 16.
Wolinksy 2006.
- 17.
VeriChip 2007b.
- 18.
Halperin et al. 2008.
- 19.
Directive 95/46/EC of the European Parliament and of the Council of 24 October 1995 on the protection of individuals with regard to the processing of personal data and on the free movement of such data, hereinafter the ‘data protection directive’, O.J. L 281, 23.11.1995, pp 31–50.
- 20.
European Commission 2009.
- 21.
European Commission 2009.
- 22.
Pitkänen and Niemelä 2007.
- 23.
Article 29 WP136 2007.
- 24.
Article 29 WP126 2007, p 15.
- 25.
See Zwenne and Schermer 2005, where they applied the same reasoning to RFID tags.
- 26.
Kuner 2007.
- 27.
Kuner 2007.
- 28.
Kuner 2007.
- 29.
Zwenne and Schermer 2005.
- 30.
Buchta et al. 2005.
- 31.
European Group on Ethics 2005.
- 32.
Directive 2002/58/EC of the European Parliament and of the Council concerning the processing of personal data and the protection of privacy in the electronic communications sector (Directive on privacy and electronic communications), O. J. L 201, 12.07.2002, pp 37–47.
- 33.
Cuijpers et al. 2007.
- 34.
Cuijpers and Koops 2008, p 884.
- 35.
Cuijpers and Koops 2008, p 891. The term electronic communications network is defined in Article 2(a) of the Framework Directive (Directive 2002/21/EC, as amended).
- 36.
Cuijpers and Koops 2008, p 891. The term electronic communications service is defined in Article 2(c) of the Framework Directive (Directive 2002/21/EC, as amended).
- 37.
van der Hof et al. 2006, pp 152–153.
- 38.
Article 3 ePrivacy Directive.
- 39.
European Commission 2007, p 5.
- 40.
Recital 56 ePrivacy Directive.
- 41.
See, for example, European Commission 2007; 2009.
- 42.
- 43.
OECD 2008, p 51.
- 44.
OECD 2008.
References
van der Hof S et al (2006) Openbaarheid in het internettijdperk—De invloed van ICT op juridische concepten van openbaarheid (Sdu Uitgevers, Den Haag), pp 152–153
Anton PS, Silberglitt R, Schneider J (2001) The global technology revolution: bio/nano/material trends and their synergies with information technology by 2015. RAND National Defense Research Institute, Arlington
Buchta A, Dumortier J, Krasemann H (2005) The legal and regulatory framework for PRIME. In: Fischer-Hübner S, Andersson C (ed) D14.0.a: Framework V0. Brussels: Privacy and Identity Management for Europe Project
Commission European (2007) Communication on radio frequency identification (RFID) in Europe: steps towards a policy framework. EC, Brussels
Cuijpers C, Koops BJ (2008) How fragmentation in European law undermines consumer protection: the case of location-based services. Eur Law Rev 6:880–897
Cuijpers C, Roosendaal A, Koops BJ (eds) (2007) D11.5: the legal framework for location based services in Europe, FIDIS (Future of Identity in the Information Society) Project, 12 June 2007
Elliot V (2006) Speed through the check out with just a wave of your arm, The Times, 10 October. http://technology.timesonline.co.uk/tol/news/tech_and_web/personal_tech/article666972.ece
European Commission (2009) Commission recommendation of 12.5.2009 on the implementation of privacy and data protection principles in applications supported by radio-frequency identification. EC, Brussels
European Group on Ethics and Science in New Technologies (2005) Ethical aspects of ICT implants in the human body. EC, Brussels
Gamboa, JP (2007) Micro RFID chips raise some privacy concerns, The Daily Aztec, 22 February. http://www.thedailyaztec.com/2.7446/micro-rfid-chips-raise-some-privacy-concerns-1.798488
Halperin D, Heydt-Benjamin TS, Fu K, Kohno T, Maisel WH (2008) Security and privacy for implantable medical devices. IEEE Pervasive Comput (special issue on implantable electronics) 7(1):30–39
Henning JE, Peter BL, Bernd S (2004) Privacy enhancing technology concepts for RFID technology scrutinised. RVS Group, Bieldefeld
Hitachi (2007) Hitachi RFID Solutions. http://www.hitachi-eu.com/mu/
Kabene SM (ed) (2010) Healthcare and the effect of technology: developments, challenges and advancements. IGI Global, London
Kuner Christopher (2007) European data protection law—corporate compliance and regulation. Oxford University Press, Oxford
Maynard AD (2006) Nanotechnology: a research strategy for addressing risk. Project on Emerging Nanotechnologies, Washington, DC
McHugh J (2004) A chip in your shoulder: should i get an RFID implant? Slate Magazine, 10 November. http://slate.msn.com/id/2109477/
Organisation for Economic Co-operation and Development (2008) Radio frequency identification (RFID): a focus on information security and privacy. Working Party of Information Security and Privacy, Paris
Pitkänen O and Niemelä M (2007) Privacy and data protection in Emerging RFID-Applications. Paper presented at the EU RFID Forum 2007, RFID Academic Convocation, 14 March. http://aalto-fi.academia.edu/OPitk%C3%A4nen/Papers/494866/Privacy_and_data_protection_in_emerging_RFID-applications
Rotter P, Daskala B, Compaño R (2008) RFID implants: opportunities and challenges for identifying people. IEEE Technol Soc Mag 27(2):24
VeriChip (2006) VeriMed patient identification Delray Beach, Florida
VeriChip (2007a) Company: our RFID tags. www.verichipcorp.com
VeriChip (2007b) News release: VeriChip corporation to unveil plans for self-contained implantable RFID glucose-sensing microchip at Grand Hyatt in New York on December 4, 28 November. http://www.verichipcorp.com/news/1196258532
Weber K (2006) Privacy invasions. EMBO Rep 7:s36–s39
Weckert J (2007) An approach to nanoethics. In: Hodge GA, Bowman DM, Ludlow K (eds) New global regulatory frontiers in regulation: the age of nanotechnology. Edward Elgar, Cheltenham, pp 49–66
Wolinksky H (2006) Tagging products and people. EMBO Rep 7(10):965–968
Zwenne GJ, Schermer B (2005), Privacy en andere juridische aspecten van RFID: unieke identificatie op afstand van producten en personen [Privacy and other legal aspects of RFID: unique identification from a distance of products and people], ‘s-Gravenhage. Elsevier Juridisch, The Hague. http://www.nvvir.nl/doc/rfid-tekst.pdf
Author information
Authors and Affiliations
Corresponding author
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2012 T.M.C. ASSER PRESS, The Hague, The Netherlands, and the author(s)
About this chapter
Cite this chapter
Kosta, E., Bowman, D.M. (2012). Implanting Implications: Data Protection Challenges Arising from the Use of Human ICT Implants. In: Gasson, M., Kosta, E., Bowman, D. (eds) Human ICT Implants: Technical, Legal and Ethical Considerations. Information Technology and Law Series, vol 23. T.M.C. Asser Press, The Hague, The Netherlands. https://doi.org/10.1007/978-90-6704-870-5_9
Download citation
DOI: https://doi.org/10.1007/978-90-6704-870-5_9
Published:
Publisher Name: T.M.C. Asser Press, The Hague, The Netherlands
Print ISBN: 978-90-6704-869-9
Online ISBN: 978-90-6704-870-5
eBook Packages: Humanities, Social Sciences and LawLaw and Criminology (R0)