The legal domain distinguishes between different types of data and attaches a different level of protection to each of them. Thus, non-personal data are left largely unregulated, while privacy and data protection rules apply to personal data or personal information. There are stricter rules for processing sensitive personal data than for ‘ordinary’ personal data, and metadata or communications data are regulated differently than content communications data. Technological developments challenge these legal categorisations on at least three fronts: First, the lines between the categories are becoming harder to draw and more fluid. Second, working with various categories of data works well when the category a datum or dataset falls into is relatively stable. However, this is less and less so. Third, scholars increasingly question the rationale behind the various legal categorisations. This book assesses to what extent either of these strategies is feasible and to what extent alternative approaches could be developed by combining insights from three fields: technology, practice and law.

Bart van der Sloot is associate professor specialising in tech and privacy at Tilburg University. He was inter alia a co-author to the WRR Big Data Study and the WODC research into Big Data and procedural law for the 21st Century. Bart has won three prestigious prices and grants: the NWO Top Talent Grant, the NWO Veni Grant and the KNAW Early Career Award.

Sascha van Schendel is a post-doctoral researcher in the field of AI and the rights to data protection and non-discrimination at Tilburg University. She was inter alia a co-author to the WRR Big Data Study and the WODC research into Big Data and procedural law for the 21st Century and has many other data protection publications to her name.

Chapter 1 – Introduction Chapter 2 - Object Re-identification: Problems, Algorithms, and Responsible Research Practice
Chapter 3: The Quantum Threat to Cybersecurity and Privacy
Chapter 4 - Realistic Face Anonymisation
Chapter 5 Use of bulk data by intelligence and security services: caught between a rock and a hard place?
Chapter 6 Farm Data Sharing: current practices and principles
Chapter 7 Microdata access at Statistics Netherlands
Chapter 8 Atmospheric profiling and surveillance in the Stratumseind Living Lab: pushing the limits of identifiability
Chapter 9 - Data used in governmental automated decision-making & profiling: towards more practical protection
10. Data: a very short introduction to the EU galaxy and to five potential paths forward
11. The regulation of access to personal and non-personal data in the EU: from bits and pieces to a system?
Chapter 12: Regulating ‘non-personal data’: Developments in India
Chapter 13 Data Protection Without Data: Informationless chilling effects and data protection law
Chapter 14 Identity, Profiles and Pseudonyms in the Digital Environment
Chapter 15 Biometric Data, Within And Beyond Data Protection
Chapter 16 – Conclusions