عنوان
پدید آورنده
موضوع
رده
کتابخانه
محل استقرار
شماره کتابشناسی ملی
شماره
TL4231r1xv
زبان اثر
زبان متن نوشتاري يا گفتاري و مانند آن
انگلیسی
عنوان و نام پديدآور
عنوان اصلي
Data Privacy Law in the Language of Trust Relationship in U.S. and Singapore:
نام عام مواد
[Thesis]
نام نخستين پديدآور
Phusamruat, Visakha
عنوان اصلي به قلم نويسنده ديگر
A Model for Thai Personal Data Protection
نام ساير پديدآوران
Mayali, Laurent
وضعیت نشر و پخش و غیره
نام ناشر، پخش کننده و غيره
UC Berkeley
تاریخ نشرو بخش و غیره
2018
یادداشتهای مربوط به پایان نامه ها
کسي که مدرک را اعطا کرده
UC Berkeley
امتياز متن
2018
یادداشتهای مربوط به خلاصه یا چکیده
متن يادداشت
This dissertation aims at a better understanding of the role of data privacy law inpromoting organization-individual trust relationship. It focuses on data security breachesin U.S. and Singapore, and the interactions of the regulatory designs, agencyimplementations and the emergence of organization's post-breach responses towardsaffected individuals that reflects and reinforces the value of trust in their relationship.Examining the divergent approaches adopted by U.S. and Singapore provides lessons fora regulatory design for privacy in Thailand.Based on the comparative analysis of the selected data security breach decisions from thekey regulators in both jurisdictions-the Federal Trade Commission (FTC) and thePersonal Data Protection Commission (PDPC)-and on the U.S. and Singapore'sorganizational perception of privacy, the study found a divergence as to the U.S. andSingapore design and enforcement approach to individual-organization trust relationship.The non-right-based privacy of the Singaporean Personal Data Protection Act, coupledwith the enforcement agency's interpretation, constructs the direct venue and the gap fororganizations to perform trustful behaviors towards individuals following the breach.Desirable post-breach responses from organizations are consistently witnessed from thePDPC decisions such as voluntary and prompt notification and remedies provided toindividuals, and the Personal Data Protection Commission's interpretation coversindividual interests informed by values in the society. The regulatory design aligns its 'noideal of privacy' with the organization's perception and more established practices basedon trust relationship on the ground and the PDPC mitigating criteria applied to induceorganization in initiating voluntary post-breach responses towards better protection ofindividual privacy interests.Despite more established culture of privacy among U.S. corporations, the integratedpractices on the ground, and the long-standing enforcement against unreasonable datasecurity practices under Section 5 of the FTC Act, its current mechanism does notfacilitate a venue for trust relationships that drive organizational post-breach responsestowards individuals. Unlike the PDPC, the FTC enforcement does not formally recognizepost-breach responses of organizations consistently. In a small number of cases where those post-breach responses were recognized, only limited normative implications can beinferred from those contexts. Much ambiguity and uncertainty due to the unclearboundary of liabilities set under Section 5 has left organization actors with high risks,without adequate assurance for organizations to perform desirable post-breach behaviors.The legal ideal of U.S. privacy rightness, as exemplified by Section 5, is based on thenotions of self-control, independence and informational duties, and does not coverbroader individual privacy interests, which could be promoted through trust relationships.The U.S.'s consumer protection approach, in tandem with Singapore's trust relationshipbased approach of Singapore provide a great lens for Thailand to meet the dual legalideals of privacy rightness and promoting trust relationship. Thai specific conditions andthis hybrid iteration have led to the implementation in a complementary ways. Thepending Personal Data Protection Bill of 2018 and regulatory oversight should alloworganizations with some limited space to practice exercising discretion towards desirablepost-breach responses, alongside mitigating penalties imposed by the regulator toencourage these desirable practices. Rather than treating the breach notification andpost-breach responses as reporting duties, the Thai Bill could offer an opportunity tocultivate privacy awareness and enhance an organization's trustful behaviors towardsaffected individuals. The consumer protection provisions regarding advertisings could beinterpreted by the Thai consumer protection agency to trigger investigations againstunfair and deceptive data security practices, and regulate consumer contracts inbusinesses involved in handling sensitive personal data. This consumer protection-basedmodel would provide a readily available means to protect consumer privacy interests,engage media and public vigilance to uncover breach incidents and increase individualand organizational awareness of privacy and data security.
نام شخص به منزله سر شناسه - (مسئولیت معنوی درجه اول )
مستند نام اشخاص تاييد نشده
Phusamruat, Visakha
نام شخص - ( مسئولیت معنوی درجه دوم )
مستند نام اشخاص تاييد نشده
Mayali, Laurent
شناسه افزوده (تنالگان)
مستند نام تنالگان تاييد نشده
UC Berkeley
دسترسی و محل الکترونیکی
نام الکترونيکي
مطالعه متن کتاب وضعیت انتشار
فرمت انتشار
p
اطلاعات رکورد کتابشناسی
نوع ماده
[Thesis]
کد کاربرگه
276903
اطلاعات دسترسی رکورد
سطح دسترسي
a
تكميل شده
Y
