The Idea of ‘Emergent Properties’ in Data Privacy: Towards a Holistic Approach

International Journal of Law and Information Technology vol 25 (2017) 139–178

47 Pages Posted: 1 Jun 2017

See all articles by Samson Esayas

Samson Esayas

University of Oslo, Faculty of Law, Norwegian Research Center for Computers and Law (NRCCL)

Date Written: February 15, 2017

Abstract

‘The whole is more than the sum of its parts.’

This article applies lessons from the concept of ‘emergent properties’ in systems thinking to data privacy law. This concept, rooted in the Aristotelian dictum ‘the whole is more than the sum of its parts’, where the ‘whole’ represents the ‘emergent property’, allows systems engineers to look beyond the properties of individual components of a system and understand the system as a single complex. Applying this concept, the article argues that the current EU data privacy rules focus on individual processing activity based on a specific and legitimate purpose, with little or no attention to the totality of the processing activities – i.e. the whole – based on separate purposes. This implies that when an entity processes personal data for multiple purposes, each processing must comply with the data privacy principles separately, in light of the specific purpose and the relevant legal basis.

This (atomized) approach is premised on two underlying assumptions:

(i) distinguishing among different processing activities and relating every piece of personal data to a particular processing is possible, and

(ii) if each processing is compliant, the data privacy rights of individuals are not endangered.

However, these assumptions are untenable in an era where companies process personal data for a panoply of purposes, where almost all processing generates personal data and where data are combined across several processing activities. These practices blur the lines between different processing activities and complicate attributing every piece of data to a particular processing. Moreover, when entities engage in these practices, there are privacy interests independent of and/or in combination with the individual processing activities. Informed by the discussion about emergent property, the article calls for a holistic approach with enhanced responsibility for certain actors based on the totality of the processing activities and data aggregation practices.

Keywords: data protection, big data, privacy, data privacy, competition law, emergent property, EU data protection

Suggested Citation

Esayas, Samson, The Idea of ‘Emergent Properties’ in Data Privacy: Towards a Holistic Approach (February 15, 2017). International Journal of Law and Information Technology vol 25 (2017) 139–178. Available at SSRN: https://ssrn.com/abstract=2977786

Samson Esayas (Contact Author)

University of Oslo, Faculty of Law, Norwegian Research Center for Computers and Law (NRCCL) ( email )

St. Olavsplass 5
Oslo, 0130
Norway

Register to save articles to
your library

Register

Paper statistics

Downloads
186
rank
156,767
Abstract Views
881
PlumX Metrics