Abraha, Halefom H, ‘A Pragmatic Compromise? The Role of Article 88 GDPR in Upholding Privacy in the Workplace’ (2022) 12(4) International Data Privacy Law 276–296. https://doi.org/10.1093/idpl/ipac015.CrossRefGoogle Scholar

Adams, Zoe and Wenckebach, Johanna, ‘Collective Regulation of Algorithmic Management’ (2023) 14(2), European Labour Law Journal, 211–229. https://doi.org/10.1177/20319525231167477.CrossRefGoogle Scholar

Adams-Prassl, Jeremias, ‘Regulating Algorithms at Work: Lessons for a “European Approach to Artificial Intelligence”’ (2022) 13(1) European Labour Law Journal, 30–50. https://doi.org/10.1177/20319525211062558.CrossRefGoogle Scholar

Adams-Prassl, Jeremias, ‘What If Your Boss Was an Algorithm? The Rise of Artificial Intelligence at Work’ (2019) 41(1) Comparative Labor Law & Policy Journal 123.Google Scholar

Adams-Prassl, Jeremias and others, ‘Directly Discriminatory Algorithms’ (2022) Modern Law Review. https://doi.org/10.1111/1468-2230.12759.Google ScholarPubMed

Adams-Prassl, Jeremias and others, ‘Regulating Algorithmic Management: A Blueprint’ (2023) 14(2) European Labour Law Journal, 124–151. https://doi.org/10.1177/20319525231167299.Google Scholar

Alegre, Susie, ‘Rethinking Freedom of Thought for the 21st Century’ (2017) 3 European Human Rights Law Review, 221–233. https://susiealegre.com/wp-content/uploads/2020/04/Alegre%20from%202017_EHRLR_Issue_3_Print_final_0806%5B6745%5D.pdf (accessed 8 January 2025).Google Scholar

Al-Mosaiwi, Mohammed and Johnstone, T, ‘In an Absolute State: Elevated Use of Absolutist Words Is a Marker Specific to Anxiety, Depression, and Suicidal Ideation’ (2018) Jul 6(4) Clinical Psychological Science, 529–542. https://doi.org/10.1177/2167702617747074.CrossRefGoogle Scholar

Anger, Heike, ‘Gesichtsscan im Supermarkt ist unbedenklich’ Handelsblatt (12 June 2017) www.handelsblatt.com/politik/deutschland/datenschuetzer-zu-real-werbebildschirm-gesichtsscan-im-supermarkt-ist-unbedenklich/19921456.html?ticket=ST-143784-Qpdthm7uM2VsokkEhOHW-ap5 (accessed 8 January 2025).Google Scholar

Anglmayer, Irmgard, ‘Implementation of the Employment Equality Directive in light of the UN CRPD’ European Implementation Assessment, Study European Parliamentary Research Service (2020). www.europarl.europa.eu/RegData/etudes/STUD/2020/654206/EPRS_STU(2020)654206_EN.pdf (accessed 8 May 2025).Google Scholar

Article 19, Emotional Entanglement: China’s Emotion Recognition Market and Its Implications for Human Rights (2021). www.article19.org/wp-content/uploads/2021/01/ER-Tech-China-Report.pdf (accessed 8 January 2025).Google Scholar

Article 29 Data Protection Working Party, Advice paper on special categories of data (‘sensitive data’) (2011).Google Scholar

Article 29 Data Protection Working Party, Annex – health data in apps and devices (2018).Google Scholar

Article 29 Data Protection Working Party, Guidelines Data Protection Impact Assessment (DPIA) and Determining Whether Processing Is ‘Likely to Result in a High Risk’ for the Purposes of Regulation 2016/679, as last revised and adopted on 4 October 2017 (WP 248 rev.01).Google Scholar

Article 29 Data Protection Working Party, Guidelines on Automated Individual Decision-making and Profiling for the Purposes of Regulation 2016/679, adopted on 3 October 2017, as last revised and adopted on 6 February 2018 (WP 251 rev.01).Google Scholar

Article 29 Data Protection Working Party, Guidelines on Consent under Regulation 2016/679, adopted on 28 November 2017, as last revised and adopted on 10 April 2018 (WP 259 rev.01).Google Scholar

Article 29 Data Protection Working Party, Guidelines on Data Protection Officers (DPOs), as last revised and adopted on 5 April 2017 (WP 243 rev.01).Google Scholar

Article 29 Data Protection Working Party, Opinion 01/2015 on Privacy and Data Protection Issues Relating to the Utilisation of Drones, adopted on 16 June 2015 (WP 231).Google Scholar

Article 29 Data Protection Working Party, Opinion 06/2014 on the Notion of Legitimate Interests of the Data Controller under Article 7 of Directive 95/46/EC (WP 217).Google Scholar

Article 29 Data Protection Working Party, Opinion 2/2010 on Online Behavioural Advertising, adopted on 22 June 2010 (WP 171).Google Scholar

Article 29 Data Protection Working Party, Opinion 2/2017 on Data Processing at Work, adopted on 8 June 2017 (WP 249).Google Scholar

Article 29 Data Protection Working Party, Opinion 3/2012 on Developments in Biometric Technologies, adopted on 27 April 2012 (WP 193).Google Scholar

Article 29 Data Protection Working party, Opinion 8/2001 on the Processing of Personal Data in the Employment Context, adopted on 13 September 2001 (WP 48).Google Scholar

Article 29 Data Protection Working Party, Working Document on Genetic Data, adopted on 17 March 2004 (WP 91).Google Scholar

Article 29 Data Protection Working Party, Working Document on the Surveillance of Electronic Communications in the Workplace, adopted on 29 May 2002. (WP55).Google Scholar

Article 29 Data Protection Working Party, Working document on biometrics adopted on 1 August 2003. (WP80).Google Scholar

Bakir, Vian, ‘Psychological Operations in Digital Political Campaigns: Assessing Cambridge Analytica’s Psychographic Profiling and Targeting’ (2020) (5)67 Frontiers in Communication. doi: 10.3389/fcomm.2020.00067.Google Scholar

Belli, Luca and others, ‘Regulating Facial Recognition in Brazil: Legal and Policy Perspectives’ In Matulionyte, R., Zalnieriute, M. (eds), The Cambridge Handbook of Facial Recognition in the Modern State. Cambridge Law Handbooks. (Cambridge University Press 2024), 228–241.10.1017/9781009321211.019CrossRefGoogle Scholar

Bertuzzi, Luca, AI Act: EU Parliament’s Legal Office Gives Damning Opinion on High Risk Classification “Filters”, Euractiv (19 October 2023). www.euractiv.com/section/artificial-intelligence/news/ai-act-eu-parliaments-legal-office-gives-damning-opinion-on-highrisk-classification-filters/ (accessed 8 January 2025).Google Scholar

BEUC, ‘A European Health Data Space’ (2023). www.beuc.eu/sites/default/files/publications/BEUC-X-2023-029_A_European_Health_Data_Space.pdf (accessed 8 January 2025).Google Scholar

BEUC, ‘Connected, but unfairly treated. Consumer survey results on the fairness of the online environment’ (2023). www.beuc.eu/sites/default/files/publications/BEUC-X-2023-113_Fairness_of_the_digital_environment_survey_results.pdf (accessed 8 January 2025).Google Scholar

BEUC, ‘Consumer attitudes to health data sharing’ (2023). www.beuc.eu/sites/default/files/publications/BEUC-X-2023-051_consumer_attitudes_to_health_data.pdf (accessed 8 January 2025).Google Scholar

BEUC, ‘Consumers need strong safeguards to protect their health data’ BEUC position paper on the proposed European Health Data Space (2022). www.beuc.eu/sites/default/files/publications/BEUC-X-2022-104_Position_paper_on_the_proposed_European_Health_Data_Space.pdf (accessed 8 January 2025).Google Scholar

BEUC, ‘EU Consumer Protection 2.0. Protecting fairness and consumer choice in a digital economy’ (2022). www.beuc.eu/sites/default/files/publications/beuc-x-2022-015_protecting_fairness_and_consumer_choice_in_a_digital_economy.pdf (accessed 8 January 2025).Google Scholar

BEUC, ‘EU rules on AI lack punch to sufficiently protect consumers’ (Press release 9 December 2023). www.beuc.eu/press-releases/eu-rules-ai-lack-punch-sufficiently-protect-consumers (accessed 8 January 2025).Google Scholar

Biasin, Elisabetta and others, ‘New Cybersecurity Requirements for Medical Devices in the EU: The Forthcoming European Health Data Space, Data Act, and Artificial Intelligence Act’ (2023) 5(2) Law, Technology and Humans, 43–58. https://doi.org/10.5204/lthj.3068.CrossRefGoogle Scholar

Biéri, Martin and others, On the Record. Exploring the ethical, technical and legal issues of voice assistants, White Paper Collection No 1. (2020). www.cnil.fr/sites/cnil/files/atoms/files/cnil_white-paper-on_the_record.pdf (accessed 8 January 2025).Google Scholar

Black Dog Institute, The Future Proofing Study. www.blackdoginstitute.org.au/research-centres/future-proofing/ (accessed 8 January 2025).Google Scholar

Boire, RG, ‘On Cognitive Liberty I’ (1999) 1 Journal of Cognitive Liberties, 7–13.Google Scholar

Boire, RG, ‘On Cognitive Liberty II’ (2000) 2(2), Journal of Cognitive Liberties, 7–20.Google Scholar

Boire, RG, ‘On Cognitive Liberty III’ (2001) 2(1) Journal of Cognitive Liberties, 7–22.Google Scholar

Bol, Nadine and others, ‘Vulnerability in a Tracked Society: Combining Tracking and Survey Data to Understand Who Gets Targeted with What Content’ (2020) 22(11) New Media & Society, 1996–2017. https://doi.org/10.1177/1461444820924631.CrossRefGoogle Scholar

Booth, Robert, ‘Facebook Reveals News Feed Experiment to Control Emotions’, The Guardian (30 June 2014). www.theguardian.com/technology/2014/jun/29/facebook-users-emotions-news-feeds (accessed 8 January 2025).Google Scholar

Borbón, Diego and Borbón, Luisa, ‘A Critical Perspective on NeuroRights: Comments Regarding Ethics and Law’ Frontiers in Human Neuroscience (25 October 2021) https://doi.org/10.3389/fnhum.2021.703121.CrossRefGoogle Scholar

Bossewitch, Jonah and others, ‘Digital Futures in Mind: Reflecting on Technological Experiments in Mental Health & Crisis Support’ (University of Melbourne, 2021) https://automatingmentalhealth.cc/ (accessed 15 January 2025).10.2139/ssrn.4215994CrossRefGoogle Scholar

Bradford, Anu, The Brussels Effect: How the European Union Rules the World (New York, 2020; online ed., Oxford Academic, 19 December 2019). https://doi.org/10.1093/oso/9780190088583.001.0001.CrossRefGoogle Scholar

Brazal, Arturo and others, ‘TechDispatch – Neurodata’, EDPS TechDispatch 2024-1. https://doi.org/10.2804/411725.Google Scholar

Broughton Micova, Sally and Calef, Andrea, Elements for effective systemic risk assessment under the DSA. Report. (July 2023). https://cerre.eu/wp-content/uploads/2023/07/CERRE-DSA-Systemic-Risk-Report.pdf (accessed 8 January 2025).Google Scholar

Brożek, Bartosz and others (eds), Law and Mind. A Survey of Law and the Cognitive Sciences, (Cambridge University Press 2021).10.1017/9781108623056CrossRefGoogle Scholar

Bublitz, Jan Christoph, ‘Cognitive Liberty or the International Human Right to Freedom of Thought’ In Clausen, J. and Levy, N. (eds), Handbook of Neuroethics (Springer 2015). https://doi.org/10.1007/978-94-007-4707-4_166.Google Scholar

Bublitz, Jan Christoph, ‘Freedom of Thought as an International Human Right: Elements of a Theory of a Living Right’ In Blitz, M. J. and Bublitz, J. C. (eds), The Law and Ethics of Freedom of Thought, 1. Palgrave Studies in Law, Neuroscience, and Human Behavior. (Palgrave Macmillan 2021). https://doi.org/10.1007/978-3-030-84494-3_3.Google Scholar

Bublitz, Jan Christoph, ‘Freedom of Thought in the Age of Neuroscience: A Plea and a Proposal for the Renaissance of a Forgotten Fundamental Right’ 2014 100(1) ARSP: Archiv Für Rechts- Und Sozialphilosophie / Archives for Philosophy of Law and Social Philosophy, 1–25. www.jstor.org/stable/24756752 (accessed 19 April 2024).10.25162/arsp-2014-0001CrossRefGoogle Scholar

Bublitz, Jan Christoph, ‘Neurotechnologies and Human Rights: Restating and Reaffirming the Multi-Layered Protection of the Person’ (2024) 28(5) The International Journal of Human Rights, 782–807. https://doi.org/10.1080/13642987.2024.2310830.CrossRefGoogle Scholar

Bublitz, Jan Christoph, ‘Novel Neurorights: From Nonsense to Substance’ (2022) 15(7) Neuroethics. https://doi.org/10.1007/s12152-022-09481-3.Google ScholarPubMed

Calabrese, Sofia and Reich, Orsolya, ‘Identifying, analysing, assessing and mitigating potential negative effects on civic discourse and electoral processes: A minimum menu of risks very large online platforms should take heed of’ (January 2024). https://dq4n3btxmr8c9.cloudfront.net/files/mpdgy5/DSA_Risk_Analysis_LibertiesxEPDfin.pdf (accessed 8 January 2025).Google Scholar

Cappello, Maja (ed.), New Actors and Risks in Online Advertising, IRIS Special, (European Audiovisual Observatory 2022).Google Scholar

Carta de derechos de la persona en el entorno digital código de buenas práticas. Mexico. www.infocdmx.org.mx/images/biblioteca/2022/Carta_Derechos_Persona_EntornoDigital_Digital.pdf (accessed 11 April 2024).Google Scholar

Carta de los derechos digitales. Spain. www.lamoncloa.gob.es/presidente/actividades/Documents/2021/140721-Carta_Derechos_Digitales_RedEs.pdf (accessed 10 April 2024).Google Scholar

Christl, Wolfie, ‘Surveillance and Algorithmic Control in the Call Center. A case study on contact and service center software, automated management and outsourced work’ (2023). https://crackedlabs.org/dl/CrackedLabs_Christl_CallCenter.pdf (accessed 8 January 2025).Google Scholar

Civil society urges European Parliament to protect people’s rights in the AI Act. (19 April 2023) https://edri.org/our-work/civil-society-urges-european-parliament-to-protect-peoples-rights-in-the-ai-act/ (accessed 8 January 2025).Google Scholar

Clifford, Damian, Data Protection Law and Emotion. (Oxford University Press 2024).Google Scholar

CNIL, Employee monitoring: CNIL fined Amazon France Logistique €32 million. (23 January 2024) www.cnil.fr/en/employee-monitoring-cnil-fined-amazon-france-logistique-eu32-million (accessed 8 January 2025).Google Scholar

CNIL, Health data and use of cookies: DOCTISSIMO fined €380,000 (17.5.2023). www.cnil.fr/en/health-data-and-use-cookies-doctissimo-fined-eu380000 (accessed 8 January 2025).Google Scholar

Council of Europe, Consultative Committee of the Convention for the protection of individuals with regard to automatic processing of personal data (Convention 108), Guidelines on facial recognition (2021). https://edoc.coe.int/en/artificial-intelligence/9753-guidelines-on-facial-recognition.html (accessed 8 January 2025).Google Scholar

Council of Europe, Declaration by the Committee of Ministers on the manipulative capabilities of algorithmic processes Decl (13/02/2019)1.Google Scholar

Council of Europe, Strategic Action Plan on Human Rights and Technologies in Biomedicine www.coe.int/en/web/bioethics/strategic-action-plan (accessed 8 January 2025).Google Scholar

D’Aloia, Antonio and Chiara Errigo, Maria (eds), Neuroscience and Law. Complicated Crossings and New Perspectives (Springer 2020).10.1007/978-3-030-38840-9CrossRefGoogle Scholar

D’Amico, Alessia Sophia and others, ‘Meta’s Pay-or-Okay Model: An analysis under EU Data Protection, Consumer and Competition Law’ (2024), Technology and Regulation, 254–272. https://doi.org/10.26116/techreg.2024.019.CrossRefGoogle Scholar

Daly, Ian, ‘Affective Brain–Computer Interfacing and Methods for Affective State Detection’, In Nam, Chang S. and others (eds), Brain–Computer Interfaces Handbook. Technological and Theoretical Advances’ (CRC Press 2018), 147–159.10.1201/9781351231954-8CrossRefGoogle Scholar

Das, Shanti, ‘Mental Health Helpline Funded by Royals Shared Users’ Conversations’ The Guardian (19 February 2022). www.theguardian.com/society/2022/feb/19/mental-health-helpline-funded-by-royals-shared-users-conversations (accessed 8 January 2025).Google Scholar

Davis, Peter AE, ‘Facial detection and smart billboards: Analysing the ‘identified’ criterion of personal data in the GDPR’ (2020) Jahr 6 Ausgabe 3 European Data Protection Law Review. https://doi.org/10.21552/edpl/2020/3/7.CrossRefGoogle Scholar

Guilherme, Maia de Oliveira Wood and others, ‘The protection of mental privacy in the area of neuroscience – Societal, legal and ethical challenges’ (2024) European Parliament, Directorate-General for Parliamentary Research Services. https://data.europa.eu/doi/10.2861/869928 (accessed 8 January 2025).Google Scholar

De Sourya, Joyee and Imine, Abdessamad, ‘Consent for Targeted Advertising: The Case of Facebook’ (2020) 35 AI & Society, 1055.Google Scholar

Dejam, Jubin, Gefühlsdatenschutz, Eine Untersuchung der datenschutzrechtlichen Rahmenbedingungen von Datenverarbeitungen mittels Affective Computing, Frankfurter Studien zum Datenschutz 69 (Nomos 2023), doi.org/10.5771/9783748917953.Google Scholar

Duchoňová, Tereza, ‘Voice as the Window to the Soul: Analysis of the Level of Protection Granted by the GDPR to Emotions Inferred from One’s Voice’ (2024) 3/2023 CompLex. www.jus.uio.no/ifp/forskning/om/publikasjoner/complex/2023/complex_voice_as_the_window_to_the_soul_analysis-.html (accessed 8 January 2025).Google Scholar

Duivenvoorde, Bram and Goanta, Catalina, ‘The Regulation of Digital Advertising under the DSA: A Critical Assessment’ (2023) 51 Computer Law & Security Review. https://doi.org/10.1016/j.clsr.2023.105870.CrossRefGoogle Scholar

Dutch Ministry of the Interior and Kingdom Relations, Impact Assessment Fundamental rights and algorithms (März 2022), www.nldigitalgovernment.nl/wp-content/uploads/sites/11/2022/05/Impact-Assessment-fundamental-rights-and-algorithms.pdf (accessed 8 January 2025).Google Scholar

Eccles, Mari and Peseckyte, Giedre, ‘Why Is It So Hard to Deliver a European Health Data Deal?’ Politico (8 March 2024). www.politico.eu/article/why-is-it-so-hard-to-deliver-a-european-health-data-deal/ (accessed 8 January 2025).Google Scholar

EDPB, Binding Decision 03/2022 on the dispute submitted by the Irish SA on Meta Platforms Ireland Limited and its Facebook service (Art. 65 GDPR) adopted on 5 December 2022.Google Scholar

EDPB, Binding Decision 4/2022 on the dispute submitted by the Irish SA on Meta Platforms Ireland Limited and its Instagram service (Art. 65 GDPR) adopted on 5 December 2022.Google Scholar

EDPB, Guidelines 03/2022 on Dark patterns in social media platform interfaces: How to recognise and avoid them, version 1.0, adopted on 14 March 2022.Google Scholar

EDPB, Guidelines 03/2022 on Deceptive design patterns in social media platform interfaces: How to recognise and avoid them, version 2.0, adopted on 14 February 2023.Google Scholar

EDPB, Guidelines 2/2019 on the processing of personal data under Article 6(1)(b) GDPR in the context of the provision of online services to data subjects, version 2.0 (8 October 2019).Google Scholar

EDPB, Guidelines 3/2019 on processing of personal data through video devices, version 2.0 adopted on 29 January 2020.Google Scholar

EDPB, Guidelines 8/2020 on the targeting of social media users, version 2.0, adopted on 13 April 2021.Google Scholar

EDPB, Opinion 08/2024 on Valid Consent in the Context of Consent or Pay Models Implemented by Large Online Platforms, adopted on 17 April 2024.Google Scholar

EDPB, Statement 02/2019 on the use of personal data in the course of political campaigns, adopted on 13 March 2019.Google Scholar

EDPB-EDPS, Joint Opinion 03/2022 on the Proposal for a Regulation on the European Health Data Space (2022).Google Scholar

EDPB-EDPS, Joint Opinion 05/2021 on the proposal for a Regulation of the European Parliament and of the Council laying done harmonized rules on artificial intelligence (Artificial Intelligence Act) (18 June 2021).Google Scholar

EDPS, Opinion 01/2021 on the Proposal for a Digital Services Act (10 February 2021).Google Scholar

EDPS, Opinion 02/2022 on the Proposal for Regulation on the transparency and targeting of political advertising (20 January 2022).Google Scholar

EDPS, Opinion 3/2018 on online manipulation and personal data (9 March 2018).Google Scholar

EHCR Research and Library Division, ‘Article 10 Expression and advertising of political positions through the media/Internet in the context of elections/referendums’ (2018). https://web.archive.org/web/20210205175235/www.echr.coe.int/Documents/Research_report_expression_advertising_media_elections_ENG.pdf (accessed 8 January 2025).Google Scholar

Ehmann, Eugen and Selmayr, Martin (eds), DS-GVO Datenschutz-Grundverordnung, Beck’sche Kurz-Kommentare (3rd ed. C.H. Beck 2024).Google Scholar

Emotional AI Lab, ‘What is emotional AI’. https://emotionalai.org/so-what-is-emotional-ai/ (accessed 8 January 2025).Google Scholar

Empatica, E4 Bytes: ‘Predicting aggressive outbursts in people with autism a minute in advance’ (10 November 2020). www.empatica.com/blog/e4-bytes-predicting-aggressive-outbursts-in-people-with-autism-a-minute-in-advance.html (accessed 8 January 2025).Google Scholar

EU Agency for Fundamental Rights and Council of Europe, Handbook on European Non-Discrimination Law (Publications Office of the European Union 2018).Google Scholar

EU Agency for Safety and Health at Work (EU-OSHA), ‘Impact of Artificial Intelligence on Occupational Safety and Health’ (2021). https://osha.europa.eu/sites/default/files/Policy_brief_Impact_AI_OSH.pdf (accessed 8 January 2025).Google Scholar

EU Agency for Safety at Work, ‘Artificial Intelligence for Worker Management: Existing and Future Regulations’. https://osha.europa.eu/sites/default/files/documents/artificial-inteligence-worker-management-regulations_en.pdf (accessed 8 January 2025).Google Scholar

EU Code of Practice on Disinformation (2018) https://ec.europa.eu/newsroom/dae/document.cfm?doc_id=54454 (accessed 8 January 2025).Google Scholar

EU Commission, Annex to the Communication to the Commission, Approval of the content of the draft Communication from the Commission – Commission Guidelines on prohibited artificial intelligence practices established by Regulation (EU) 2024/1689 (AI Act), C(2025) 884 final. https://digital-strategy.ec.europa.eu/en/library/commission-publishes-guidelines-prohibited-artificial-intelligence-ai-practices-defined-ai-act (accessed 6 February 2025).Google Scholar

EU Commission, ‘Artificial intelligence: Commission kicks off work on marrying cutting-edge technology and ethical standards’ (Press Release 8 March 2018). https://ec.europa.eu/commission/presscorner/detail/en/IP_18_1381 (accessed 8 January 2025).Google Scholar

EU Commission, ‘Beyond the Horizon. Foresight in support of future EU research and innovation policy (BOHEMIA)’. https://ec.europa.eu/info/research-and-innovation/strategy/support-policy-making/shaping-eu-research-and-innovation-policy/foresight/bohemia_en (accessed 8 January 2025).Google Scholar

EU Commission, Communication from the Commission to the European Parliament, the Council, the European Economic and Social Committee of the Regions Fostering a European approach to Artificial Intelligence (COM/2021/205 final). https://eur-lex.europa.eu/legal-content/EN/TXT/?uri=celex:52021DC0205 (accessed 30 January 2025).Google Scholar

EU Commission, ‘Commission opens formal proceedings against Facebook and Instagram under the Digital Services Act’ (Press Release 30 April 2024). https://ec.europa.eu/commission/presscorner/detail/en/ip_24_2373 (accessed 8 January 2025).Google Scholar

EU Commission, Communication Tackling Online Disinformation: A European Approach COM(2018) 236 final. https://eur-lex.europa.eu/legal-content/EN/TXT/?uri=CELEX:52018DC0236 (accessed 8 January 2025).Google Scholar

EU Commission, ‘Digital Services Act: Commission designates first set of Very Large Online Platforms and Search Engines’, (Press Release 25 April 2023). https://ec.europa.eu/commission/presscorner/detail/en/IP_23_2413 (accessed 8 January 2025).Google Scholar

EU Commission, Directorate-General for Communications Networks, Content and Technology, Digital Services Act – Application of the risk management framework to Russian disinformation campaigns, (2023), https://data.europa.eu/doi/10.2759/764631 (accessed 8 January 2025).Google Scholar

EU Commission, Directorate-General for Justice and Consumers, Lupiáñez-Villanueva, F., and others, ‘Behavioural study on unfair commercial practices in the digital environment – Dark patterns and manipulative personalisation’ – Final report (2022) https://data.europa.eu/doi/10.2838/859030 (accessed 30 January 2025).Google Scholar

EU Commission, ‘Emotional Intelligence Online. Targeted scenario N° 7. Glimpses of the future from the BOHEMIA study’ (2018). https://research-and-innovation.ec.europa.eu/system/files/2018-06/emotional-intelligence-targeted-scenario-7_2018_en.pdf (accessed 8 January 2025).Google Scholar

EU Commission, European Health Data Space. https://health.ec.europa.eu/ehealth-digital-health-and-care/european-health-data-space_en (accessed 8 January 2025).Google Scholar

EU Commission, Explanatory Memorandum on the Proposal for a Regulation of the European Parliament and of the Council on the transparency and targeting of political advertising (2021). https://eur-lex.europa.eu/legal-content/EN/TXT/HTML/?uri=CELEX:52021PC0731 (accessed 8 January 2025).Google Scholar

EU Commission, Guidance on Strengthening the Code of Practice on Disinformation COM(2021) 262 final. https://eur-lex.europa.eu/legal-content/EN/ALL/?uri=COM%3A2021%3A262%3AFIN (accessed 8 January 2025).Google Scholar

EU Commission, Guidance on the application of Union data protection law in the electoral context, COM(2018) 638 final. https://eur-lex.europa.eu/legal-content/EN/TXT/HTML/?uri=CELEX:52018DC0638&from=DE (accessed 8 January 2025).Google Scholar

EU Commission, Guidance on the interpretation and application of Directive 2005/29/EC of the European Parliament and of the Council concerning unfair business-to-consumer commercial practices in the internal market. (2021/C 526/01). https://eur-lex.europa.eu/legal-content/EN/TXT/?uri=oj:JOC_2021_526_R_0001 (accessed 30 January 2025).Google Scholar

EU Commission, Guidelines for providers of Very Large Online Platforms and Very Large Online Search Engines on the mitigation of systemic risks for electoral processes pursuant to Article 35(3) of Regulation (EU) 2022/2065 (C/2024/3014). https://eur-lex.europa.eu/legal-content/EN/TXT/?uri=CELEX%3A52024XC03014&qid=1714466886277 (accessed 30 January 2025).Google Scholar

EU Commission, Independent HLEG, Assessment List for Trustworthy Artificial Intelligence (ALTAI) for self-assessment (2020). https://digital-strategy.ec.europa.eu/en/library/assessment-list-trustworthy-artificial-intelligence-altai-self-assessment (accessed 8 January 2025).Google Scholar

EU Commission, Independent HLEG on Artificial Intelligence, Ethics guidelines for trustworthy AI (2019). https://digital-strategy.ec.europa.eu/en/library/ethics-guidelines-trustworthy-ai (accessed 8 January 2025).Google Scholar

EU Council, Infographic – Transparency and targeting of political advertising. www.consilium.europa.eu/en/infographics/political-advertising/ (accessed 8 January 2025).Google Scholar

EU Commission, ‘New Consumer Agenda: European Commission to empower consumers to become the driver of transition’ (Press Release 13 November 2020) https://ec.europa.eu/commission/presscorner/detail/en/ip_20_2069 (accessed 8 January 2025).Google Scholar

EU Commission, Questions and answers – EU Health: European Health Data Space (EHDS) (3 May 2022). https://ec.europa.eu/commission/presscorner/detail/en/qanda_22_2712 (accessed 8 January 2025).Google Scholar

EU Commission, Staff working document impact assessment on the revision of the regulatory framework for medical devices. SWD/2012/0273 final.Google Scholar

EU Commission, Supervision of the designated very large online platforms and search engines under DSA. https://digital-strategy.ec.europa.eu/en/policies/list-designated-vlops-and-vloses (accessed 8 January 2025).Google Scholar

EU Léon Declaration on European Neurotechnology, A Human Centric and Rights-Oriented Approach (2023).Google Scholar

EU Parliament, Resolution of 20 October 2020 with recommendations to the Commission on a Digital Services Act: Adapting commercial and civil law rules for commercial entities operating online (2020/2019(INL)). https://eur-lex.europa.eu/legal-content/EN/TXT/?uri=CELEX%3A52020IP0273 (accessed 8 January 2025).Google Scholar

EU Parliament, Resolution of 12 December 2023 on addictive design of online services and consumer protection in the EU single market (2023/2043(INI)).Google Scholar

EU Parliament, Resolution of 23 October 2024 on the urgent need to revise the Medical Devices Regulation (2024/2849(RSP)). www.europarl.europa.eu/doceo/document/TA-10-2024-0028_EN.html (accessed 8 January 2025).Google Scholar

EU Parliament, A9-0356/2021, Opinion of the Committee on Civil Liberties, Justice and Home Affairs www.europarl.europa.eu/doceo/document/A-9-2021-0356_EN.html#_section5 (accessed 8 January 2025).Google Scholar

EU Parliament, AIA IMCO-LIBE Report (13 June 2023), Article 3(1)(34), Amendment 1031–1037. https://artificialintelligenceact.eu/wp-content/uploads/2022/06/AIA-IMCO-LIBE-Report-All-Amendments-14-June.pdf (accessed 8 January 2025).Google Scholar

EU Strengthened Code of Practice on Disinformation (2022). https://digital-strategy.ec.europa.eu/en/library/2022-strengthened-code-practice-disinformation (accessed 30 January 2025).Google Scholar

Eurofound, Employee monitoring and surveillance: The challenges of digitalisation, Publications Office of the European Union, Luxembourg, and Eurofund, Monitoring and surveillance of workers in the digital age (2020) www.eurofound.europa.eu/en/monitoring-and-surveillance-workers-digital-age (accessed 8 January 2025).Google Scholar

European Parliamentary Research Service, Costica Dumbrava, ‘Artificial intelligence at EU borders. Overview of applications and key issues’ (2021). www.europarl.europa.eu/RegData/etudes/IDAN/2021/690706/EPRS_IDA(2021)690706_EN.pdf 19 January 2025.Google Scholar

Farahany, Nita, The Battle for Your Brain: Defending the Right to Think Freely in the Age of Neurotechnology (St Martin’s Press 2023).Google Scholar

Feldman Barrett, Lisa and others, ‘Emotional Expressions Reconsidered: Challenges to Inferring Emotion from Human Facial Movements’ (2019) 20 Psychological Science in the Public Interest, 1–68.10.1177/1529100619832930CrossRefGoogle Scholar

Floridi, Luciano, ‘Group Privacy: A Defence and an Interpretation’ In Taylor, L. and others (eds), Group Privacy: New Challenges of Data Technologies (Springer 2016), 83–100.Google Scholar

Floridi, Luciano, ‘Open Data, Data Protection, and Group Privacy’ (2014) 27(1–3) Philosophy & Technology. https://doi.org/10.1007/s13347-014-0157-8.CrossRefGoogle Scholar

Fölster, Mara and others, ‘Facial Age Affects Emotional Expression Decoding’, Frontiers in Psychology (4 February 2014) www.frontiersin.org/articles/10.3389/fpsyg.2014.00030/full#h4 (accessed 8 January 2025).10.3389/fpsyg.2014.00030CrossRefGoogle Scholar

Fourberg, Niklas and others, ‘Online advertising: The impact of targeted advertising on advertisers, market access and consumer choice’. Study requested by the European Parliament’s committee on the Internal Market and Consumer Protection (IMCO) (2021). www.europarl.europa.eu/RegData/etudes/STUD/2021/662913/IPOL_STU%282021%29662913_EN.pdf (accessed 8 January 2025).Google Scholar

Future of Privacy Forum, ‘Privacy and the connected mind. Understanding the Data Flows and Privacy Risks of Brain-Computer Interfaces’ (2021). https://fpf.org/wp-content/uploads/2021/11/FPF-BCI-Report-Final.pdf (accessed 8 January 2025).Google Scholar

Future of Privacy Forum, ‘Privacy and the Rise of “Neurorights” in Latin America’ (20 March 2024). https://fpf.org/blog/privacy-and-the-rise-of-neurorights-in-latin-america/ (accessed 8 January 2025).Google Scholar

Garante per la protezione dei dati personali, Installazione di apparati promozionali del tipo ‘digital signage (definiti anche Totem) presso una stazione ferroviaria – 21 dicembre 2017 [7496252]. www.garanteprivacy.it/web/guest/home/docweb/-/docweb-display/docweb/7496252 (accessed 8 January 2025).Google Scholar

Gellert, Raphaël, The Risk-Based Approach to Data Protection (Oxford University Press 2020).10.1093/oso/9780198837718.001.0001CrossRefGoogle Scholar

George, Damian and others, ‘GDPR Bypass by Design? Transient Processing of Data under the GDPR’ (2019) 9(4) International Data Privacy Law, 285–298. https://doi.org/10.1093/idpl/ipz017.Google Scholar

Gola, Peter and Heckmann, Dirk (eds), Datenschutz-Grundverordnung VO EU 2016/679 Bundesdatenschutzgesetz (3rd ed. C.H. Beck 2022).Google Scholar

Gooding, Piers, ‘Mapping the Rise of Digital Mental Health Technologies: Emerging Issues for Law and Society’ (2019) 67 International Journal of Law and Psychiatry, 101498, https://doi.org/10.1016/j.ijlp.2019.101498.CrossRefGoogle ScholarPubMed

Goujard, Clothilde, ‘European Parliament pushes to ban targeted ads based on health, religion or sexual orientation’ Politico (20 January 2022) www.politico.eu/article/european-parliament-bans-use-of-sensitive-personal-data-for-targeted-ads/ (accessed 8 January 2025).Google Scholar

Greene, Gretchen, ‘The Ethics of AI and Emotional Intelligence. Data sources, applications, and questions for evaluating ethics risk’, Partnership on AI (2020). https://partnershiponai.org/paper/the-ethics-of-ai-and-emotional-intelligence/ (accessed 8 January 2025).Google Scholar

Grisse, Karina, ‘Recommender Systems, Manipulation and Private Autonomy: How European Civil Law Regulates and Should Regulate Recommender Systems for the Benefit of Private Autonomy’ In Genovesi, S. and others (eds), Recommender Systems: Legal and Ethical Issues. The International Library of Ethics, Law and Technology, vol 40. (Springer 2023). https://doi.org/10.1007/978-3-031-34804-4_6.Google Scholar

Haber, Nick and others, ‘Upgraded Google Glass Helps Autistic Kids “See” Emotions’, IEEE Spectrum (26 March 2023). https://spectrum.ieee.org/upgraded-google-glass-helps-autistic-kids-see-emotions (accessed 8 January 2025).Google Scholar

Hackenburg, Kobi and Margetts, Helen, ‘Evaluating the Persuasive Influence of Political Microtargeting with Large Language Models, PNAS’ (2024) 121(24) Political Sciences, e2403116121. https://doi.org/10.1073/pnas.2403116121.Google Scholar

Hallinan, Dara and others, ‘Legal Neuroexceptionalism: Framing a Concept’ (2023) 14(2) European Journal of Law and Technology. www.ejlt.org/index.php/ejlt/article/view/902 (accessed 8 January 2025).Google Scholar

Hallinan, Dara and others, ‘Neurodata and Neuroprivacy: Data Protection Outdated?’ (2014) 12(1) Surveillance & Society, 55–72. doi: 10.24908/ss.v12i1.4500.CrossRefGoogle Scholar

Häuselmann, Andreas, ‘Fit for purpose? Affective Computing meets EU data protection law’ (2021) 11(3) International Data Privacy Law, 245–256. https://doi.org/10.1093/idpl/ipab008.CrossRefGoogle Scholar

Häuselmann, Andreas and Custers, Bart, ‘Substantive fairness in the GDPR: Fairness Elements for Article 5.1a GDPR’ (2024) 52(105942) Computer Law & Security Review. https://doi.org/10.1016/j.clsr.2024.105942.CrossRefGoogle Scholar

Häuselmann, Andreas and others, ‘EU law and emotion data’ (11th International Conference on Affective Computing and Intelligent Interaction ACII, Cambridge, MA, USA, 2023), 1–8. doi: 10.1109/ACII59096.2023.10388181.CrossRefGoogle Scholar

Helberger, Natali and others, ‘Choice Architectures in the Digital Economy: Towards a New Understanding of Digital Vulnerability’ (2022) 45 Journal of Consumer Policy, 175–200. https://doi.org/10.1007/s10603-021-09500-5.Google ScholarPubMed

Helberger, Natali and others, ‘Digital Fairness for Consumers’ BEUC (2024). www.beuc.eu/sites/default/files/publications/BEUC-X-2024-032_Digital_fairness_for_consumers_Report.pdf (accessed 8 January 2025).Google Scholar

Helberger, Natali and others, ‘EU Consumer Protection 2.0: Structural Asymmetries in Digital Consumer Markets’ A joint report from research conducted under the EUCP2.0 project. BEUC (2021). www.beuc.eu/sites/default/files/publications/beuc-x-2021-018_eu_consumer_protection_2.0.pdf (accessed 8 January 2025).Google Scholar

Helberger, Natali and others, ‘EU Consumer Protection 2.0: The Regulatory Gap: Consumer Protection in the Digital Economy. Addendum to the report “Structural asymmetries in digital consumer markets”’ BEUC (2021). www.beuc.eu/sites/default/files/publications/beuc-x-2021-116_the_regulatory_gap-consumer_protection_in_the_digital_economy.pdf (accessed 8 January 2025).Google Scholar

Helberger, Natali and others, ‘Towards Unfair Political Practices Law: Learning Lessons from the Regulation of Unfair Commercial Practices for Online Political Advertising’ (2021) 12(3) Journal of Intellectual Property, Information Technology and E-Commerce Law JIPITEC, 273–296.Google Scholar

Hofmann, Franz and Raue, Benjamin (eds), Digital Services Act. Gesetz über digitale Dienste (Nomos 2023).Google Scholar

Hupont, Isabelle and others, ‘Measuring and Fostering Diversity in Affective Computing Research’ (2024) 15(01) IEEE Transactions on Affective Computing, 63–78. doi: 10.1109/TAFFC.2023.3244041.CrossRefGoogle Scholar

ICO, Biometrics: Insight, version 1.0 (2022). https://ico.org.uk/media/4021972/biometrics-insight-report.pdf (accessed 8 January 2025).Google Scholar

ICO, Data protection and monitoring workers. https://ico.org.uk/for-organisations/uk-gdpr-guidance-and-resources/employment/monitoring-workers/data-protection-and-monitoring-workers/ (accessed 8 January 2025).Google Scholar

ICO, Employment practices and data protection: Monitoring workers. Data protection and monitoring workers. https://ico.org.uk/for-organisations/uk-gdpr-guidance-and-resources/employment/monitoring-workers/data-protection-and-monitoring-workers/#dp4 (accessed 8 January 2025).Google Scholar

ICO, ICO tech futures: Neurotechnology. (version 01 June 2023). https://ico.org.uk/about-the-ico/research-reports-impact-and-evaluation/research-and-reports/technology-and-innovation/ico-tech-futures-neurotechnology/ (accessed 8 January 2025).Google Scholar

ICO, Information Commissioner’s Opinion: The use of live facial recognition technology in public places 18 June 2021, https://ico.org.uk/media/2619985/ico-opinion-the-use-of-lfr-in-public-places-20210618.pdf (accessed 8 January 2025).Google Scholar

ICO, Investigation into the use of data analytics in political campaigns. A report to Parliament (6 November 2018). https://ico.org.uk/media/action-weve-taken/2260271/investigation-into-the-use-of-data-analytics-in-political-campaigns-final-20181105.pdf (accessed 30 January 2025).Google Scholar

ICO, Key data protection concepts, What is special category biometric data? https://ico.org.uk/for-organisations/uk-gdpr-guidance-and-resources/lawful-basis/biometric-data-guidance-biometric-recognition/key-data-protection-concepts/#whatisspecial (accessed 8 January 2025).Google Scholar

Ienca, Marcello, ‘On Neurorights’ (24 September 2021) Frontiers in Human Neuroscience, https://doi.org/10.3389/fnhum.2021.701258.Google Scholar

Ienca, Marcello and Malgieri, Gianclaudio, ‘Mental Data Protection and the GDPR’ (2022) 9(1) Journal of Law and the Biosciences. https://doi.org/10.1093/jlb/lsac006.Google ScholarPubMed

Ienca, Marcello and Andorno, Roberto, ‘Towards New Human Rights in the Age of Neuroscience and Neurotechnology’ (2017) 13(5) Life Sciences, Society and Policy. https://doi.org/10.1186/s40504-017-0050-1.Google ScholarPubMed

Indra, Spiecker gen. Döhmann and others (eds), General Data Protection Regulation. Article-by-Article Commentary (Nomos 2023), https://doi.org/10.5771/9783845276984.Google Scholar

Interim report of the Special Rapporteur on freedom of religion or belief, Ahmed Shaheed: ‘Freedom of thought’ published on 05 October 2021 (A/76/380), 3 www.ohchr.org/en/documents/thematic-reports/a76380-interim-report-special-rapporteur-freedom-religion-or-belief (accessed 8 January 2025).Google Scholar

Iwaya, Leonardo Horn and others, ‘On the Privacy of Mental Health Apps’ (2023) 28(2) Empir Software Engineering. https://doi.org/10.1007/s10664-022-10236-0.CrossRefGoogle ScholarPubMed

Jasserand, Catherine A., ‘Avoiding Terminological Confusion between the Notions of “Biometrics” and “Biometric Data”: An Investigation into the Meanings of the Terms from a European Data Protection and a Scientific Perspective’ (2016) 6(1) International Data Privacy Law, 63–76. https://doi.org/10.1093/idpl/ipv020.Google Scholar

Jasserand, Catherine A, ‘Legal Nature of Biometric Data: From “Generic” Personal Data to Sensitive Data’ (2016) 3 European Data Protection Law Review, 297–311. https://doi.org/10.21552/EDPL/2016/3/6.CrossRefGoogle Scholar

Kelly-Lyth, Aislinn, ‘Algorithmic Discrimination at Work’ (2023) 14(2) European Labour Law Journal, 152–171. https://doi.org/10.1177/20319525231167300.CrossRefGoogle Scholar

Kindt, Els J, Privacy and Data Protection Issues of Biometric Applications. A Comparative Legal Analysis (Springer 2013).10.1007/978-94-007-7522-0CrossRefGoogle Scholar

Kramer, Adam DI and others, ‘Experimental Evidence of Massive-Scale Emotional Contagion through Social Networks’ (2014) Proceedings of the National Academy of Sciences (PNAS). https://doi.org/10.1073/pnas.1320040111.CrossRefGoogle Scholar

Kröger, Jacob Leon and others, ‘Privacy Implications of Voice and Speech Analysis – Information Disclosure by Inference’ In Friedewald, M. and others (eds), Privacy and Identity Management. Data for Better Living: AI and Privacy. Privacy and Identity 2019. IFIP Advances in Information and Communication Technology, vol 576. (Springer 2020). https://doi.org/10.1007/978-3-030-42504-3_16.Google Scholar

Kuner, Christopher and others (eds), The EU General Data Protection Regulation (GDPR), A Commentary (Print publication date: 2020. Published to Oxford Scholarship Online 2021). https://doi.org/10.1093/oso/9780198826491.001.0001.Google Scholar

Landsec, London’s iconic Piccadilly Lights are switched back on (Press Release 26 October 2017). https://landsec.com/media/press-releases/2017/londons-iconic-piccadilly-lights-are-switched-back (accessed 24 January 2025).Google Scholar

Laux, Johann and others, ‘Neutralizing Online Behavioural Advertising: Algorithmic Targeting with Market Power as an Unfair Commercial Practice’ (2021) 58(3) Common Market Law Review, 719–750. https://doi.org/10.54648/cola2021048 (accessed 8 January 2025).CrossRefGoogle Scholar

Le Mau, Tuan and others, ‘Professional Actors Demonstrate Variability, Not Stereotypical Expressions, When Portraying Emotional States in Photographs’ (2021) 12 (Article no. 5037) Nature Communications. https://doi.org/10.1038/s41467-021-25352-6.CrossRefGoogle ScholarPubMed

Leiser, Mark, ‘Psychological Patterns and Article 5 of the AI Act’ (2024) 1(1) Journal of AI Law and Regulation, 5–23. https://doi.org/10.21552/aire/2024/1/4.CrossRefGoogle Scholar

Levine, Alexandra S, ‘Suicide hotline shares data with for-profit spinoff, raising ethical questions’ Politico (28 January 2022) www.politico.com/news/2022/01/28/suicide-hotline-silicon-valley-privacy-debates-00002617 (accessed 8 January 2025).Google Scholar

Li, Wenkai and Quinn, Paul, ‘The European Health Data Space: An Expanded Right to Data Portability?’ (2024) 52(105913) Computer Law & Security Review. https://doi.org/10.1016/j.clsr.2023.105913.CrossRefGoogle Scholar

Ligthart, Sjors, ‘Freedom of Thought in Europe: Do Advances in ‘Brain-Reading’ Technology Call for Revision?’ (2020) 7(1) Journal of Law and the Biosciences. https://doi.org/10.1093/jlb/lsaa048.CrossRefGoogle ScholarPubMed

Ligthart, Sjors and others, ‘Minding Rights: Mapping Ethical and Legal Foundations of “Neurorights”’ (2023) 32(4) Cambridge Quarterly of Healthcare Ethics, 461–481. https://doi.org/10.1017/S0963180123000245.CrossRefGoogle Scholar

Ligthart, Sjors and others (eds), Neurolaw. Advances in Neuroscience, Justice & Security (Springer 2021).10.1007/978-3-030-69277-3CrossRefGoogle Scholar

Ligthart, Sjors and others, ‘Rethinking the Right to Freedom of Thought: A Multidisciplinary Analysis’ (2022) 22(4) Human Rights Law Review. https://doi.org/10.1093/hrlr/ngac028.CrossRefGoogle Scholar

López-Silva, Pablo and Valera, Luca (eds), Protecting the Mind. Challenges in Law, Neuroprotection, and Neurorights (Springer 2022)10.1007/978-3-030-94032-4CrossRefGoogle Scholar

Lynskey, Orla, The Foundations of EU Data Protection Law (Oxford University Press 2015).Google Scholar

Malgieri, Gianclaudio, ‘The Concept of Fairness in the GDPR: A Linguistic and Contextual Interpretation’, ACM Proceedings of the 2020 Conference on Fairness, Accountability, and Transparency (27 January 2020), 154–166. https://doi.org/10.1145/3351095.3372868.Google Scholar

Malgieri, Gianclaudio, Vulnerability and Data Protection Law (Oxford, 2023; online ed., Oxford Academic, 19 December 2019) https://doi.org/10.1177/1461444820924631.CrossRefGoogle Scholar

Malgieri, Gianclaudio and Comandé, Giovanni, ‘Sensitive-by-Distance: Quasi-Health Data in the Algorithmic Era’ (2017), 26(3) Information & Communications Technology Law, 229–249. doi: 10.1080/13600834.2017.1335468.CrossRefGoogle Scholar

Malgieri, Gianclaudio and Niklas, Jędrzej, ‘Vulnerable Data Subjects’ (2020) 37(105415) Computer Law & Security Review. https://doi.org/10.1016/j.clsr.2020.105415.CrossRefGoogle Scholar

Mantelero, Alessandro, ‘Fundamental rights impact assessments in the DSA’, Verfassungsblog (1.11.2022). https://verfassungsblog.de/dsa-impact-assessment/ (accessed 8 January 2025).Google Scholar

Mantelero, Alessandro, ‘Human Rights Impact Assessment and AI’ In Beyond Data. Human Rights, Ethical and Social Impact Assessment in AI, Information Technology and Law Series, vol 36. (T.M.C. Asser Press 2022). https://doi.org/10.1007/978-94-6265-531-7_2.CrossRefGoogle Scholar

Mantelero, Alessandro, ‘The Future of Consumer Data Protection in the E.U. Re-Thinking the “Notice and Consent” Paradigm in the New Era of Predictive Analytics’ (2014) 30(6) Computer Law & Security Review. https://doi.org/10.1016/j.clsr.2014.09.004.CrossRefGoogle Scholar

Mantelero, Alessandro, ‘The Fundamental Rights Impact Assessment (FRIA) in the AI Act: Roots, Legal Obligations and Key Elements for a Model Template’ (2024) 54 Computer Law & Security Review, 106020. https://doi.org/10.1016/j.clsr.2024.106020.CrossRefGoogle Scholar

Marda, Vidushi, ‘Not Just Privacy: The Dangers of Emotion Recognition Technology’ (14 August 2024) https://casi.sas.upenn.edu/iit/vidushimarda (accessed 8 January 2025).Google Scholar

Market Research Future, ‘Global Digital Mental Health Market Overview’ (2024). www.marketresearchfuture.com/reports/digital-mental-health-market-11062 (accessed 8 January 2025).Google Scholar

Martini, Mario and Wendehorst, Christiane (eds), KI-VO. Künstliche Intelligenz-Verordnung (C.H. Beck 2024).Google Scholar

Martini, Mario and others, ‘Dark Patterns’ (2021) 01 Zeitschrift für Digitalisierung und Recht.Google Scholar

Mashrur, FR and others, ‘BCI-Based Consumers’ Choice Prediction from EEG Signals: An Intelligent Neuromarketing Framework’ (2022) 16(861270) Frontiers in Human Neuroscience doi: 10.3389/fnhum.2022.861270.Google ScholarPubMed

Maslen, Hannah and others, ‘The Regulation of Cognitive Enhancement Devices: Extending the Medical Model’ (2014) 1(1) Journal of Law and the Biosciences, 68–93. https://doi.org/10.1093/jlb/lst003.CrossRefGoogle ScholarPubMed

McStay, Andrew and Urquhart, L, ‘“This Time with Feeling?” Assessing EU Data Governance Implications of Out of Home Appraisal Based Emotional AI’ (2019) 24 First Monday 10 https://doi.org/10.5210/fm.v24i10.9457.CrossRefGoogle Scholar

MDCG, Guidance notes for manufacturers of class I medical devices, 2019–15 rev.1 (December 2019, July 2020 rev.1). https://health.ec.europa.eu/document/download/349a2d4c-ea2a-4279-861c-7c063bc077e4_en?filename=md_guidance-manufacturers_en.pdf (accessed 8 January 2025).Google Scholar

MDCG, Manual on borderline and classification for medical devices under Regulation (EU) 2017/745 on medical devices and Regulation (EU) 2017/746 on in vitro diagnostic medical devices, Version 3 – September 2023, https://health.ec.europa.eu/document/download/71a87df8-5ca1-4555-b453-b65bdf8de909_en?filename=md_borderline_manual_en.pdf (accessed 8 January 2025).Google Scholar

Meredith, Sam, ‘Facebook-Cambridge Analytica: A timeline of the data hijacking scandal’ CNBC (10 April 2018) www.cnbc.com/2018/04/10/facebook-cambridge-analytica-a-timeline-of-the-data-hijacking-scandal.html (accessed 8 January 2025).Google Scholar

Merrill, Jeremy B and Oremus, Will, ‘Five points for anger, one for a “like”: How Facebook’s formula fostered rage and misinformation’, Washington Post (26 October 2021). www.washingtonpost.com/technology/2021/10/26/facebook-angry-emoji-algorithm/ (accessed 8 January 2025).Google Scholar

Ministère de l’Enseignement supérieur et de la Recherche, Charte de développement responsable des neurotechnologies (17 November 2022). www.enseignementsup-recherche.gouv.fr/fr/charte-de-developpement-responsable-des-neurotechnologies-87964 (accessed 8 January 2025).Google Scholar

Moreu Carbonell, Elisa, ‘The Regulation of Neuro-Rights’ (2021) 2(2) European Review of Digital Administration & Law – Erdal, 149–162. https://doi.org/10.53136/979125994752914.Google Scholar

Mozilla, ‘Top Mental Health and Prayer Apps Fail Spectacularly at Privacy, Security’ (2022) https://foundation.mozilla.org/en/blog/top-mental-health-and-prayer-apps-fail-spectacularly-at-privacy-security/ (accessed 8 January 2025).Google Scholar

Muhl, Ekaterina and Andorno, Roberto, ‘Neurosurveillance in the Workplace: Do Employers Have the Right to Monitor Employees’ Minds?’ Frontiers in Human Dynamics, 19 September 2023, Sec. Digital Impacts, 5–2023. https://doi.org/10.3389/fhumd.2023.1245619.CrossRefGoogle Scholar

Murdoch, Jim Protecting the right to freedom of thought, conscience and religion under the European Convention on Human Right (Council of Europe Human Rights Handbook 2012).Google Scholar

Nam, Chang S. and others (eds), Brain–Computer Interfaces Handbook. Technological and Theoretical Advances (CRC Press 2018).Google Scholar

Nandakumar, K and Jain, AK, ‘Soft Biometrics’. In Li, S. Z. and Jain, A. K. (eds), Encyclopedia of Biometrics (Springer, 2009), 1235–1239. https://doi.org/10.1007/978-0-387-73003-5_225.Google Scholar

Neuwirth, Rostam J, ‘Prohibited Artificial Intelligence Practices in the Proposed EU Artificial Intelligence Act (AIA)’ (2023) 48(105798) Computer Law & Security Review, https://doi.org/10.1016/j.clsr.2023.105798.CrossRefGoogle Scholar

Neuwirth, Rostam J, The EU Artificial Intelligence Act: Regulating Subliminal AI Systems (Routledge 2023).10.4324/9781003319436CrossRefGoogle Scholar

Norwegian Data Protection Authority, Urgent and Provisional Measures – Meta (14. Jul 2023) www.datatilsynet.no/contentassets/36ad4a92100943439df9a8a3a7015c19/urgent-and-provisional-measures--meta_redacted.pdf (accessed 8 January 2025).Google Scholar

Novelli, Claudio and others, ‘Generative AI in EU Law: Liability, Privacy, Intellectual Property, and Cybersecurity’ (2024) 55 Computer Law & Security Review, 106066. https://doi.org/10.1016/j.clsr.2024.106066.CrossRefGoogle Scholar

Noyb, ‘noyb files GDPR complaint against Meta over “Pay or Okay”’ (28 November 2023). https://noyb.eu/en/noyb-files-gdpr-complaint-against-meta-over-pay-or-okay (accessed 8 January 2025).Google Scholar

OECD, Consumer vulnerability in the digital age, OECD Digital Economy Papers, No. 355. OECD Publishing, (2023). https://doi.org/10.1787/4d013cc5-en.CrossRefGoogle Scholar

OECD, Guidelines on the Protection of Privacy and Transborder Flows of Personal Data (OECD Publishing 2002). https://doi.org/10.1787/9789264196391-en.Google Scholar

OECD, Neurotechnology Toolkit to support policymakers in implementing the OECD Recommendation on Responsible Innovation in Neurotechnology (2024).Google Scholar

OECD, Recommendation of the Council on Responsible Innovation in Neurotechnology (2019) https://legalinstruments.oecd.org/en/instruments/OECD-LEGAL-0457 (accessed 8 January 2025).Google Scholar

Office of the Data Protection Ombudsman, Administrative fine imposed on psychotherapy centre Vastaamo for data protection violations (2021) https://tietosuoja.fi/en/-/administrative-fine-imposed-on-psychotherapy-centre-vastaamo-for-data-protection-violations (accessed 8 January 2025).Google Scholar

Onitiu, Daria and others, ‘How AI Challenges the Medical Device Regulation: Patient Safety, Benefits, and Intended Uses’ (2024) lsae007 Journal of Law and the Biosciences. https://doi.org/10.1093/jlb/lsae007.CrossRefGoogle Scholar

Open letter to EU AI Act negotiators: Do not trade away our rights! (8 December 2023). https://edri.org/wp-content/uploads/2023/12/Open-letter-to-EU-AI-Act-negotiators_Do-not-trade-away-our-rights-8-December-2023.pdf (accessed 8 January 2025).Google Scholar

Paal, Boris and Pauly, Daniel (eds), Datenschutz-Grundverordnung Bundesdatenschutzgesetz: DS-GVO BDSG (3rd ed. C.H. Beck 2021).Google Scholar

Panopytkon Foundation, ‘Algorithms of trauma: New case study shows that Facebook doesn’t give users real control over disturbing surveillance ads’ (28/09/2021), https://en.panoptykon.org/algorithms-of-trauma (accessed 8 January 2025).Google Scholar

Panopytkon Foundation, ‘Anxious about your health? Facebook won’t let you forget’ (7/12/2023). https://en.panoptykon.org/algorithms-of-trauma-2-anxious-about-health (accessed 20 June 2024).Google Scholar

Picard, Rosalind W, Affective Computing (MIT Press 2000).10.7551/mitpress/1140.003.0008CrossRefGoogle Scholar

Picozza, Eugenio (ed), Neurolaw: An Introduction (Springer 2016).10.1007/978-3-319-41441-6CrossRefGoogle Scholar

Prassl, Jeremias, Humans as a Service. The Promise and Perils of Work in the Gig Economy (OUP 2018)10.1093/oso/9780198797012.001.0001CrossRefGoogle Scholar

Privacy International, ‘Your mental health for sale’ (2019) https://privacyinternational.org/node/3193 (accessed 8 January 2025).Google Scholar

Purdy, Mark and others, ‘The Risks of AI to Interpret Human Emotions’, Harvard Business Review (18 November 2019) https://hbr.org/2019/11/the-risks-of-using-ai-to-interpret-human-emotions (accessed 8 January 2025).Google Scholar

Purtova, Nadehzda, ‘The Law of Everything. Broad Concept of Personal Data and Future of EU Data Protection Law’ (2018) 10 Law, Innovation and Technology, 40–81. https://doi.org/10.1080/17579961.2018.1452176.CrossRefGoogle Scholar

Quinn, Paul and Malgieri, Giancarlo, ‘The Difficulty of Defining Sensitive Data – The Concept of Sensitive Data in the EU Data Protection Framework’ (2021) 22 German Law Journal, 1583–1612. doi:10.1017/glj.2021.79.CrossRefGoogle Scholar

Rai, Sunny and others, ‘Key Language Markers of Depression on Social Media Depend on Race’, Proceedings of the National Academy of Sciences (26 March 2024). https://doi.org/10.1073/pnas.231983712.CrossRefGoogle Scholar

Rainey, Stephen and others, ‘Is the European Data Protection Regulation Sufficient to Deal with Emerging Data Concerns Relating to Neurotechnology?’ (2020) 7(1) Journal of Law and the Biosciences, 1–19. doi:10.1093/jlb/lsaa051.CrossRefGoogle Scholar

Ralston, William, ‘They Told Their Therapists Everything. Hackers Leaked It All’ Wired (4 May 2021) www.wired.com/story/vastaamo-psychotherapy-patients-hack-data-breach/ (accessed 8 January 2025).Google Scholar

Report on the novelties of the Audiovisual Media Services Directive (AVMSD) and its relevance for national legislative transposition (2023). www.osce.org/files/f/documents/a/1/539114_0.pdf (accessed 8 January 2025).Google Scholar

Report on the Public Consultation for the European Democracy Action Plan (EDAP), (2 December 2020). https://commission.europa.eu/system/files/2020-12/report_edap_public_consultation_final.pdf (accessed 8 January 2025).Google Scholar

Rhue, Lauren, ‘Racial Influence on Automated Perceptions of Emotions’ (2018) https://papers.ssrn.com/sol3/papers.cfm?abstract_id=3281765 (accessed 8 January 2025).10.2139/ssrn.3281765CrossRefGoogle Scholar

Riefa, Christine, ‘Protecting Vulnerable Consumers in the Digital Single Market’ (2022) 33 European Business Law Review, 607–634. https://doi.org/10.54648/eulr2022028.CrossRefGoogle Scholar

Rigby, Sandra and others, ‘Implementation of the Australian National Safety and Quality Digital Mental Health Standards’ (2024) 32(4) Australasian Psychiatry, 314–318. doi: 10.1177/10398562241246488.CrossRefGoogle ScholarPubMed

Robertson, Claire E and others, ‘Negativity Drives Online News Consumption’ (2023) 7 Nature Human Behaviour, 812–822. https://doi.org/10.1038/s41562-023-01538-4.CrossRefGoogle ScholarPubMed

Ruohonen, Jukka, ‘A Review of Product Safety Regulations in the European Union’ (2022) 3 International Cybersecurity Law Review, 345–366. https://doi.org/10.1365/s43439-022-00057-8.CrossRefGoogle ScholarPubMed

Sartor, Giovanni and others, ‘Regulating targeted and behavioural advertising in digital services: How to ensure users’ informed consent’. Study requested by the European Parliament’s Committee on Legal Affairs (JURI committee) (2021). www.europarl.europa.eu/thinktank/en/document/IPOL_STU(2021)694680 (accessed 8 January 2025).Google Scholar

Sententia, Wyre, ‘Neuroethical Considerations: Cognitive Liberty and Converging Technologies for Improving Human Cognition’ (2004) 1013 Annals of the New York Academy of Sciences, 221–228. doi: 10.1196/annals.1305.014.CrossRefGoogle ScholarPubMed

Simitis, Spiros, ‘Reconsidering the Premises of Labour Law: Prolegomena to an EU Regulation on the Protection of Employees’ Personal Data’ (1999) 5(1) European Law Journal, 45–62.10.1111/1468-0386.00065CrossRefGoogle Scholar

Solove, Daniel J, ‘Data Is What Data Does: Regulating Risk, Based on Harm and Risk Instead of Sensitive Data’ (2024) 118 4 Northwestern University Law Review, 1081–1138.Google Scholar

Solove, Daniel J, ‘Murky Consent: An Approach to the Fictions of Consent in Privacy Law’ (2024) 104(593) Boston Law Review, 593. www.bu.edu/bulawreview/files/2024/04/SOLOVE.pdf (accessed 8 January 2025).Google Scholar

Spranger, Tade Matthias (ed.), International Neurolaw. A Comparative Analysis (Springer 2012).10.1007/978-3-642-21541-4CrossRefGoogle Scholar

Steindl, Elisabeth, ‘Consumer Neuro Devices within EU Product Safety Law: Are We Prepared for Big Tech Ante Portas?’ (2024) 52, Computer, Law & Security Review, 105945. https://doi.org/10.1016/j.clsr.2024.105945.CrossRefGoogle Scholar

Steindl, Elisabeth, ‘Does the European Data Protection Framework Adequately Protect our Emotions?’, (2022) 8 (2) European Data Protection Law Review, 311–319. https://doi.org/10.21552/edpl/2022/2/20.CrossRefGoogle Scholar

Steindl, Elisabeth, ‘Safeguarding Privacy and Efficacy in E-mental Health: Policy Options in the EU and Australia’ (2023) 13(3) International Data Privacy Law, 207–224. https://doi.org/10.1093/idpl/ipad009.CrossRefGoogle Scholar

Stribling, Gordon, ‘Mental Health Chatbot Gains Medical Device Status in World First’, Health Tech World (17 January 2023). www.htworld.co.uk/news/mental-health-chatbot-gains-medical-device-status-in-world-first/ (accessed 8 January 2025).Google Scholar

Taka, Anni-Mara, ‘A Deep Dive into Dynamic Data Flows, Wearable Devices, and the Concept of Health Data’ (2023), 13(2) International Data Privacy Law, 124–140. https://doi.org/10.1093/idpl/ipad007.CrossRefGoogle Scholar

Taylor, JS and others, ‘Neuropsychologists and Neurolawyers’ (1991) 5(293) Neuropsychology. https://doi.org/10.1037/0894-4105.5.4.293.Google Scholar

Taylor, Paul M, Freedom of Religion: UN and European Human Rights Law and Practice (Cambridge University Press 2005), 115. doi: 10.1017/CBO9780511616129.CrossRefGoogle Scholar

Teo, Sue Anne, ‘How to Think about Freedom of Thought (and Opinion) in the Age of AI’ (2024) 53 Computer Law & Security Review. https://doi.org/10.1016/j.clsr.2024.105969.CrossRefGoogle Scholar

Tidy, Joey, ‘Hacker jailed for blackmailing therapy patients’ (BBC 1 May 2024). www.bbc.com/news/articles/c97znd00q7mo (accessed 8 January 2025).Google Scholar

Tzanou, Maria, ‘The GDPR and (Big) Health Data. Assessing the EU Legislator’s Choices’ In Tzanou, Maria (ed), Health Data Privacy under the GDPR. Big Data Challenges and Regulatory Responses (Routledge 2020).10.4324/9780429022241CrossRefGoogle Scholar

UN Committee on the Rights of the Child, General comment No. 25 (2021) on children’s rights in relation to the digital environment https://digitallibrary.un.org/record/3906061 (accessed 8 January 2025).Google Scholar

UN Human Rights Council Advisory Committee, ‘Impact, opportunities and challenges of neurotechnology with regard to the promotion and protection of all human rights’ (A/HRC/57/61) (2024). https://documents.un.org/doc/undoc/gen/g24/133/28/pdf/g2413328.pdf. 20 January 2025.Google Scholar

UN, Our Common Agenda – Report of the Secretary-General (2021). www.un.org/en/content/common-agenda-report/assets/pdf/Common_Agenda_Report_English.pdf (accessed 8 January 2025).Google Scholar

Unesco, Ethical issues of neurotechnology: Report, adopted in December 2021 (2022), https://doi.org/10.54678/QNKB6229.CrossRefGoogle Scholar

Unesco, First draft of a Recommendation on the Ethics of Neurotechnology (revised version): Working document as of 27 August 2024, SHS/BIO/AHEG-Neuro-2/2024/1 https://unesdoc.unesco.org/ark:/48223/pf0000391074 (accessed 14 January 2025).Google Scholar

Unesco, Outcome Document of the First Meeting of the AHEG First Draft of a Recommendation on the Ethics of Neurotechnology (First Version), SHS/BIO/AHEG-Neuro/2024/1 (9 May 2024). https://unesdoc.unesco.org/ark:/48223/pf0000389768?posInSet=1&queryId=cfc56e24-7a88-4b19-90e7-63bcfc4e556b (accessed 4 May 2025).Google Scholar

Unesco, Draft Text of the Recommendation on the Ethics of Neurotechnology, SHS/IGM-NEURO/2025/MAY/3 (9 April 2025). https://unesdoc.unesco.org/ark:/48223/pf0000393395 (accessed 19 June 2025).Google Scholar

Unesco, The risks and challenges of neurotechnologies for human rights (2023), https://doi.org/10.54678/POGS7778.CrossRefGoogle Scholar

Valcke, Peggy and others, ‘Constitutional Challenges in the Emotional AI Era’ In Micklitz, H-W. and others (eds), Constitutional Challenges in the Algorithmic Society (Cambridge University Press 2021), 57–77.10.1017/9781108914857.005CrossRefGoogle Scholar

Van Drunen, Max Zeno and others, ‘The Beginning of EU Political Advertising Law: Unifying Democratic Visions through the Internal Market’ (2022) 30(2) International Journal of Law and Information Technology, 181–199. https://doi.org/10.1093/ijlit/eaac017.CrossRefGoogle Scholar

Veale, Michael and Zuiderveen Borgesius, Frederik, ‘Demystifying the Draft EU Artificial Intelligence Act – Analysing the Good, the Bad, and the Unclear Elements of the Proposed Approach’ (2021) 22(4) Computer Law Review International, 97–112. https://doi.org/10.9785/cri-2021-220402.CrossRefGoogle Scholar

Veale, Michael and others, ‘Fortifying the Algorithmic Management Provisions in the Proposed Platform Work Directive’ (2023) 14(2) European Labour Law Journal, 308–332. https://doi.org/10.1177/20319525231167983.CrossRefGoogle Scholar

Vemou, Konstantina and others, ‘TechDispatch – Facial emotion recognition’, EDPS TechDispatch 2021-1. https://doi.org/10.2804/519064.CrossRefGoogle Scholar

Verhoef, Tessa and Fosch-Villaronga, Eduard, ‘Towards affective computing that works for everyone’, 2023 11th International Conference on Affective Computing and Intelligent Interaction (ACII), Cambridge, MA, USA, 2023, 1–8. doi: 10.1109/ACII59096.2023.10388169.CrossRefGoogle Scholar

VUB Brussels Privacy Hub, More than 150 university professors from all over Europe and beyond are calling on the European institutions to include a fundamental rights impact assessment in the future regulation on artificial intelligence (12 September 2023). https://brusselsprivacyhub.com/2023/09/12/brussels-privacy-hub-and-other-academic-institutions-ask-to-approve-a-fundamental-rights-impact-assessment-in-the-eu-artificial-intelligence-act/ (accessed 8 January 2025).Google Scholar

Wachter, Sandra, ‘Affinity Profiling and Discrimination by Association in Online Behavioural Advertising’ (2020) 35(2) Berkeley Technology Law Journal, 369–430. https://doi.org/10.15779/Z38JS9H82M.Google Scholar

Wachter, Sandra, ‘Limitations and Loopholes in the EU AI Act and AI Liability Directives: What This Means for the European Union, the United States, and Beyond’ (2024) 26(3) Yale Journal of Law & Technology, 671–718.Google Scholar

Wachter, Sandra and Mittelstadt, Brent, ‘A Right to Reasonable Inferences: Re-thinking Data Protection Law in the Age of Big Data and AI’ (2019) 2019(2) Columbia Business Law Review, 494–620.Google Scholar

Waterson, Jim, ‘“Show This to Everyone”: UK Political ads Move Away from Microtargeting’, The Guardian (31 May 2024). www.theguardian.com/politics/article/2024/may/31/show-this-to-everyone-uk-political-ads-move-away-from-microtargeting (accessed 8 January 2025).Google Scholar

Wendehorst, Christiane, ‘The Proposal for an Artificial Intelligence Act COM(2021)206 from a Consumer Policy Perspective (2021)’. www.sozialministerium.at/dam/sozialministeriumat/Anlagen/Themen/Konsumentenschutz/Konsumentenpolitik/The-Proposal-for-an-Artificial-Intelligence-Act-COM2021-206-from-a-Consumer-Policy-Perspective_dec2021__pdfUA.pdf (accessed 8 January 2025).Google Scholar

Wendehorst, Christiane and Duller, Yannic, ‘Biometric Recognition and Behavioural Detection. Assessing the ethical aspects of biometric recognition and behavioural detection techniques with a focus on their current and future use in public spaces’. Study requested by the European Parliament’s Committee on Legal Affairs and Petitions’ (JURI and PETI committees) (2021). www.europarl.europa.eu/RegData/etudes/STUD/2021/696968/IPOL_STU(2021)696968_EN.pdf (accessed 8 January 2025).Google Scholar

WHO, Mental health: Concepts in mental health (17 June 2022) www.who.int/news-room/fact-sheets/detail/mental-health-strengthening-our-response (accessed 8 January 2025).Google Scholar

WHO, ‘World mental health report: Transforming mental health for all’ (2022). www.who.int/publications/i/item/9789240049338 (accessed 30 January 2025).Google Scholar

Witley, Skye, ‘Brain-Scanning Technology Spurs State Moves on Neural Privacy’ (13 February 2024). https://news.bloomberglaw.com/privacy-and-data-security/brain-scanning-technology-spurs-state-moves-on-neural-privacy (accessed 8 January 2025).Google Scholar

Wolfangel, Eva, ‘Wenn Hacker mit Gesundheits-Apps besonders leichtes Spiel haben’ Die Zeit (9 May 2023) www.zeit.de/digital/datenschutz/2023-05/gesundheitsapp-datenschutz-depression-edupression-sicherheitsluecke (accessed 8 January 2025).Google Scholar

Wolff, Heinrich Amadeus and others (eds), Datenschutzrecht, Beck‘scher Online-Kommentar (48th ed. C.H. Beck 2024).Google Scholar

World Economic Forum and Deloitte, ‘Global Governance Toolkit for Digital Mental Health: Building Trust in Disruptive Technology for Mental Health’, White Paper (2021). www.weforum.org/publications/global-governance-toolkit-for-digital-mental-health/ (accessed 8 January 2025).Google Scholar

Yue Liu, Nancy, Bio-Privacy: Privacy Regulations and the Challenge of Biometrics (1st ed. Routledge 2011). https://doi.org/10.4324/9780203804087.Google Scholar

Zanfir, Gabriela, ‘Forgetting About Consent. Why The Focus Should Be On “Suitable Safeguards” in Data Protection Law’ In Gutwirth, Serge and others (eds), Reloading Data Protection: Multidisciplinary Insights and Contemporary Challenges (Springer 2014) https://doi.org/10.1007/978-94-007-7540-4_12 (accessed 8 January 2025).Google Scholar

Zard, Lex and Sears, Alan M., ‘Targeted Advertising and Consumer Protection Law in the European Union’ (2023) 56(3) Vanderbilt Journal of Transnational Law.Google Scholar

Zarsky, Tal Z, ‘Incompatible: The GDPR in the Age of Big Data’ (2017) 47(4) Seton Hall Law Review, Article 2. https://scholarship.shu.edu/shlr/vol47/iss4/2 (accessed 30 January).Google Scholar

Zenner, Kai, ‘A Law for Foundation Models: The EU AI Act Can Improve Regulation for Fairer Competition’, OECD.AI Policy Observer (23 July 2023). https://oecd.ai/en/wonk/foundation-models-eu-ai-act-fairer-competition (accessed 8 January 2025).Google Scholar

Zuiderveen Borgesius, Frederik J, ‘Personal Data Processing for Behavioural Targeting: Which Legal Basis?’ (2015) 5(3) International Data Privacy Law, 163–176. https://doi.org/10.1093/idpl/ipv011.CrossRefGoogle Scholar

Zuiderveen Borgesius, Frederik J and others, ‘Online Political Microtargeting: Promises and Threats for Democracy’ (2018) 14(1) Utrecht Law Review, 82–96. https://doi.org/10.18352/ulr.420.CrossRefGoogle Scholar

Amendments adopted by the European Parliament on 14 June 2023 on the proposal for a regulation of the European Parliament and of the Council on laying down harmonised rules on artificial intelligence (Artificial Intelligence Act) and amending certain Union legislative acts (COM(2021)0206 – C9-0146/2021–2021/0106(COD)).Google Scholar

Charter of Fundamental Rights of the European Union 2012/C 326/02.Google Scholar

Consolidated versions of the Treaty on European Union and the Treaty on the Functioning of the European Union 2012/C 326/01.Google Scholar

Council Directive 93/42/EEC of 14 June 1993 concerning medical devices, OJ 1993 L 169.Google Scholar

Council of Europe Convention for the Protection of Individuals with regard to Automatic Processing of Personal Data, European Treaty Series No. 108 (1981).Google Scholar

Directive (EU) 2018/1808 of the European Parliament and of the Council of 14 November 2018 amending Directive 2010/13/EU on the coordination of certain provisions laid down by law, regulation or administrative action in Member States concerning the provision of audiovisual media services (Audiovisual Media Services Directive) in view of changing market realities. OJ L 303/69.Google Scholar

Directive (EU) 2024/2831 of the European Parliament and of the Council of 23 October 2024 on improving working conditions in platform work, OJ L, 2024/2831.Google Scholar

Directive 2001/95/EC of the European Parliament and of the Council of 3 December 2001 on general product safety, OJ 2001 L 11.Google Scholar

Directive 2010/13/EU on the coordination of certain provisions laid down by law, regulation or administrative action in Member States concerning the provision of audiovisual media services (Audiovisual Media Services Directive). OJ L 95/1.Google Scholar

Proposal for a Regulation of the European Parliament and of the Council concerning the respect for private life and the protection of personal data in electronic communications and repealing Directive 2002/58/EC (Regulation on Privacy and Electronic Communications) COM/2017/010 final – 2017/03 (COD).Google Scholar

Proposal for a Regulation of the European Parliament and of the Council laying down harmonized rules on Artificial Intelligence (Artificial Intelligence Act) and amending certain Union legislative Acts. (COM/2021/206 final).Google Scholar

Proposal for a Regulation of the European Parliament and of the Council laying down harmonised rules on artificial intelligence (Artificial Intelligence Act) and amending certain Union legislative acts – General approach. Institutional File 2021/0106(COD).Google Scholar

Proposal for a Regulation of the European Parliament and of the Council on the European Health Data Space (COM/2022/197 final).Google Scholar

Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data, and repealing Directive 95/46/EC (General Data Protection Regulation), OJ 2016 L 119/1.Google Scholar

Regulation (EU) 2017/745 of the European Parliament and of the Council of 5 April 2017 on medical devices, amending Directive 2001/83/EC, Regulation (EC) No 178/2002 and Regulation (EC) No 1223/2009 and repealing Council Directives 90/385/EEC and 93/42/EEC, OJ 2017 L117/1.Google Scholar

Regulation (EU) 2022/2065 of the European Parliament and of the Council of 19 October 2022 on a Single Market For Digital Services and amending Directive 2000/31/EC (Digital Services Act). OJ L 277/1.Google Scholar

Regulation (EU) 2023/988 of the European Parliament and of the Council of 10 May 2023 on general product safety, amending Regulation (EU) No 1025/2012 of the European Parliament and of the Council and Directive (EU) 2020/1828 of the European Parliament and the Council, and repealing Directive 2001/95/EC of the European Parliament and of the Council and Council Directive 87/357/EEC. OJ L 135.Google Scholar

Regulation (EU) 2024/1689 of the European Parliament and of the Council of 13 June 2024 laying down harmonised rules on artificial intelligence and amending Regulations (EC) No 300/2008, (EU) No 167/2013, (EU) No 168/2013, (EU) 2018/858, (EU) 2018/1139 and (EU) 2019/2144 and Directives 2014/90/EU, (EU) 2016/797 and (EU) 2020/1828 (Artificial Intelligence Act) OJ L.Google Scholar

Regulation (EU) 2024/900 of the European Parliament and of the Council of 13 March 2024 on the transparency and targeting of political advertising. OJ L 2024/900.Google Scholar

Regulation (EU) 2025/327 of the European Parliament and of the Council of 11 February 2025 on the European Health Data Space and amending Directive 2011/24/EU and Regulation (EU) 2024/284. OJ L.Google Scholar

CJEU Case C-101/01 Bodil Lindqvist [2003].Google Scholar

CJEU Case C–184/20 OT v Vyriausioji tarnybinės etikos komisija [2022].Google Scholar

CJEU Case C-219/11 Brain Products GmbH v BioSemi VOF [2012].Google Scholar

CJEU Case C-252/21 Meta Platforms Inc and Others v Bundeskartellamt [2023].Google Scholar

CJEU Case C-291/12 Michael Schwarz v Stadt Bochum: Opinion of Advocate General Megozzi delivered on 13 June 2013 Case C-291/12 Michael Schwarz v Stadt Bochum.Google Scholar

CJEU Case C-446/21 Maximilian Schrems v Meta Platforms Ireland Ltd, formerly Facebook Ireland Ltd [2024].Google Scholar

CJEU Case C-667/21 ZQ versus Medizinischer Dienst der Krankenversicherung Nordrhein, Körperschaft des öffentlichen Rechts [2023].Google Scholar

ECtHR, Case Bӑrbulescu v Romania (Application no. 61496/08), 5 September 2017.Google Scholar

ECtHR, Case Niemietz v Germany (Application no. 13710/88), 16 December 1992.Google Scholar