Abstract: This paper studies the problem of data protection in the sharing economy, the liability for the data processing conducted in such a context and identifies a gap in the way GDPR is enforced by collaborative platforms. The study discusses whether collaborative platforms are information society services and further analyses how the self-declared status of an information society service prevents collaborative platforms from creating an adequate framework to protect personal data. More precisely, after concluding the contract between the final receiver and the service provider, a collaborative platform will temporarily withdraw from its data controller role, allowing the service providers to process data without a legal framework that enforces GDPR principles.
Keywords: GDPR; sharing economy; data protection; data controller; collaborative platform
References
Carballa Smichowsk B., Data as a common in the sharing economy: a general policy proposal, Document de travail n°2016-10 du Centre d'Economie de l'Université de Paris Nord, august 2016
Chapuis-Doppler A., Delhomme V., A regulatory conundrum in the platform economy, case C-390/18 Airbnb Ireland, în European Law Blog, 12.02.2020
CJUE, Marea Cameră, cauza C-210/16 din 5 iunie 2018, Unabhängiges Landeszentrum für Datenschutz Schleswig-Holstein împotriva Wirtschaftsakademie Schleswig-Holstein GmbH
CJUE, Marea Cameră, cauza C-390/18 din 19 decembrie 2019, X, cu participarea YA, Airbnb Ireland UC, Hôtelière Turenne SAS, Association pour un hébergement et un tourisme professionnels (AHTOP), Valhotel
CJUE, Marea Cameră, cauza C‑434/15 din 20 decembrie 2017, Asociación Profesional Elite Taxi împotriva Uber Systems SpainSL
Erdos D., Identification in EU Data Protection Law, în University of Cambridge Faculty of Law Research Paper, nr. 4/2021, ianuarie 2021, http://dx.doi.org/ 10.2139/ssrn.3761068
Erickson K., Sørensen I., Regulating the Sharing Economy: Introduction to the Special Issue, în Internet Policy Review, volumul 5, numărul 2, 2016
Geradin D., Online Intermediation Platforms and Free Trade Principles – Some Reflections on the Uber Preliminary Ruling Case, SSRN, 2016, http://dx.doi.org/10.2139/ ssrn.2759379
Goodwin T., The Battle is for the Customer Interface, în Techcrunch, 4.03.2015
Hatzopoulos V., Roma S., Caring for sharing? Collaborative economy under EU law, în Common Market Law Review, volumul 54, numărul 1, 2017
Hawlitschek F., Teubner T., Weinhardt C., Trust in the Sharing Economy, în Swiss Journal of Business Research and Practice, volumul 70, numărul 1, https://doi.org/10.5771/0042-059X-2016-1-26
Jackson A., Boyette C., Williams D., This Uber driver took passengers to the airport and then allegedly went back to their house and tried to break in, în CNN, 9.04.2019
Jerome J., Dambrine B., Ambrose B., User Reputation: Building Trust and Addressing Privacy Issues in the Sharing Economy, în Future of Privacy Forum, iunie 2015
Kuner C., Bygrave L.A., Docksey C.(coord.), The EU General Data Protection Regulation: A Commentary, Editura Oxford University Press, mai 2021
Li H., Yu L., He W., The Impact of GDPR on Global Technology Development, în Journal of Global Information Technology Management, volumul 22, numărul 1, 2019, https://doi.org/10.1080/1097198X.2019.1569186
Logras K., Information Technology. Uber vs Airbnb: key takeaways from ECJ’s case law, în Logaras & Associates Newsletter, martie 2020
Lutz C., Hoffmann C.P., Bucher E., Fieseler C., The Role of Privacy Concerns in the Sharing Economy, în Information, Communication and Society, volumul 21, 2017, http://dx.doi.org/10.1080/1369118X.2017.1339726
Mangini V., Tal I., Moldovan A.-N., An empirical study on the impact of GDPR and right to be forgotten - organisations and users perspective, în Proceedings of the 15th International Conference on Availability, Reliability and Security, articolul 37, 2020, https://doi.org/10.1145/3407023.3407080
Maunula G. L., Advancing Technological State-of-the-Art for GDPR Compliance: Considering Technology Solutions for Data Protection Issues in the Sharing Economy, în Journal of the Midwest Association for Information Systems, volumul 2020, numărul 2, articolul 4
Moerel L., The long arm of EU data protection law: Does the Data Protection Directive apply to processing of personal data of EU citizens by websites worldwide?, în International Data Privacy Law, volumul 1, numărul 1, februarie 2011, https://doi.org/10.1093/idpl/ipq004
Ranzini G., Etter M., Lutz C., Vermeulen I., Privacy in the Sharing Economy, în Report from the EU H2020 Research Project Ps2Share: Participation, Privacy, and Power in the Sharing Economy, aprilie 2017, http://dx.doi.org/10.2139/ssrn.2960942
Ungureanu C. T, Protecția datelor cu caracter personal în contractele internaționale, în Analele științifice ale Universității „Al. I. Cuza” Iași, Tomul LXIII, Științe Juridice, 2017, nr. II
Ungureanu C.T., Drept internațional privat european în raporturi de comerț internațional, Editura Hamangiu, București, 2021
Zhao S., Grasmuck S., Martin J., Identity construction on Facebook: Digital empowerment in anchored relationships, în Computers in Human Behavior, volumul 24, numărul 5, https://doi.org/10.1016/j.chb.2008.02.012