Archives

  • Yearbook of Data Protection
    Vol. 7

    The Yearbook of Data Protection is an open-access legal journal that aims to disseminate legal studies on the right to personal data protection. The Yearbook is edited by the Obervatorory of Personal Data Protection’s members, a knowledge centre created in 2016 at NOVA School of Law. It is part of the Research & Development Centre on Law and Society.

    The seven articles published in the 2024 edition of the Yearbook result from a call launched in 2023 on the Observatory of Personal Data Protection website. The articles were subjected to a blind peer review process and subsequently revised by the Yearbook coordinators.

  • Yearbook of Data Protection 2023
    Vol. 6 (2023)

    The Yearbook of Data Protection 2023 begins with a text by Javier Muñiz on the protection of workers' health data in the Spanish legal system, followed by an article by Saul Leite addressing personal data protection in the context of remote assessment in higher education. Daniel de Melo writes about civil liability for data processing. Next, Francisco Júnior examines the assessment that must be conducted when the data controller relies on legitimate interest to justify personal data processing. Patrícia Carneiro presents an analysis of the Data Governance Act and its relationship with the General Data Protection Regulation (GDPR), especially regarding the lawfulness of processing. Amanda Novaes reviews the regime of personal data transfers in light of the Schrems II case, and Diana Camões discusses the relationship between personal data protection and competition. Finally, Madanela Cruz and Iakovina Kindylid analyze the European data spaces and their relationship with the GDPR, while Elisabete Castela and Tiago Branco da Costa focus on data altruism in the context of clinical research.

  • Yearbook of Data Protection 2022
    Vol. 5 (2022)

    The Yearbook of Data Protection 2022 begins with a text by João Carrilho on the principle of open administration and personal data protection, followed by an article by Christiano Aguiar addressing the conflicts between personal data protection and the duties of money laundering in the context of data processing by financial institutions. Algorithms are once again discussed in the Yearbook, by Frederico Sequeira, in a text about hiring and firing of workers. Subsequently, Joel Alves focuses on electronic administration, efficiency, and personal data protection. Diogo Fonseca, Inês Aires, Isabel Chowdhury, and Margarida Pereira present a practical approach to the regime of personal data transfers and, finally, Sérgio Correia writes about the right to object and Joana Figueiredo addresses the topic of anonymization in the context of smart cities.

  • Yearbook of Data Protection 2021
    Vol. 4 (2021)

    The Yearbook of Data Protection 2021 begins with a text by Catarina Silva on the use of cookies and consent, followed by an article by Patrick de Pitta Simões addressing the responsibility for processing data generated by Whistleblowing. Algorithms are once again discussed in the Yearbook in two texts: one, authored by Sandra Barbosa and Sara Félix, focused on Article 22 of the General Data Protection Regulation, and another text by Lucas Cortizo, about the effects of algorithmic discrimination. Subsequently, Diogo Alves delves into the role of Cybersecurity in the protection of personal data, and finally, Tamára Cheles writes about the challenges consumers face in the era of big data.

  • Yearbook of Data Protection 2020
    Vol. 3 (2020)

    The Yearbook of Data Protection 2020 begins with a text by Francisco Pereira Coutinho on the independence of the National Commission for the Protection of Personal Data, followed by an article by Augusto Torbay that addresses the topic of anonymization as a mechanism for the protection of personal data. The rights of the data subject are the next topic, particularly in relation to algorithmic decisions, in a text authored by Beatriz Trindade. Francisca Gomes delves into the same subject, but from a different perspective, that is, seeking to explain the content of the fundamental right to the protection of personal data. Lastly, Patrícia Santos writes about the topic of the retention periods for personal data of job applicants.

  • Yearbook of Data Protection 2019
    Vol. 2 (2019)

    The Yearbook of Data Protection 2019 begins with a text by Sérgio Henriques and João Luís on the legal grounds for the processing of personal data in the workplace, with special emphasis on consent. It is followed by two texts on the rights of the data subject, particularly the right not to be subject to exclusively automated decisions and the right to erasure; the first, authored by Gabriela Caldas, contributes to the debate around the (non-)existence of a data subject's right to an explanation of decisions made by algorithms without any human intervention; the second, by Francisco Lima and Mateus Carvalho, problematizes the hypothesis of the global application of the right to erasure.


    The compatibility of certain technologies and their applications with the GDPR was a topic that occupied a significant part of the most recent academic debate on the right to personal data protection. This is the case with Smart Tourist Destinations, whose compliance with the GDPR principles is discussed by Manuel David Masseno and Cristiana Santos. The same applies to blockchain and video surveillance, analyzed respectively by Maria Rebelo and Lurdes Alves.


    The Yearbook concludes with a critical view of the special data protection regimes (Inês Oliveira), an analysis of Directive (EU) 2016/681 and its respective proposal for transposition into national law (Ricardo Rodrigues de Oliveira), and a discussion on the law of secrets and constitutional imperativeness as a dilemma to new threats in a global context of defense and security (Sérgio Azevedo).

  • Yearbook of Data Protection 2018
    Vol. 1 (2018)

    The Yearbook of Data Protection 2018 opens with two texts focusing on the scope of the rights of personal data subjects enshrined in the general regulation on personal data protection: the first, by Graça Canto Moniz, particularly focuses on the right to portability; the second, by Afonso José Ferreira, addresses the issue of profiling and autonomous algorithms. This is followed by an article by Teresa Vale Lopes, which analyzes the main obligations and responsibilities that the regulation establishes for companies and their respective impact on the organizational plan, and three texts by Inês Oliveira Andrade de Jesus, Martinho Lucas Pires, and Ricardo Rodrigues de Oliveira, which delve into international personal data transfers. The Yearbook concludes with an article by Emellin de Oliveira on the Passenger Name Record (PNR), approved by Directive (EU) 2016/681, concerning the use of passenger identification record data as a tool to combat terrorism and serious crime.