eBook - ePub

Privacy and Data Protection based on the GDPR

Name: Privacy and Data Protection based on the GDPR
ISBN: 9789401806787

Leo Besemer,

English
ePUB (mobile friendly)
Available on iOS & Android

eBook - ePub

Privacy and Data Protection based on the GDPR

Leo Besemer,

About this book

Information about people is becoming increasingly valuable. Enabled by new technologies, organizations collect and process personal data on a large scale. Free flow of data across Europe is vital for the common market, but it also presents a clear risk to the fundamental rights of individuals. This issue was addressed by the Council of the European Union and the European Parliament with the introduction of the General Data Protection Regulation (GDPR). For many organizations processing personal data, the GDPR came as a shock. Not so much its publication in the spring of 2016, but rather the articles that appeared about it in professional journals and newspapers leading to protests and unrest. "The heavy requirements of the law would cause very expensive measures in companies and organizations", was a concern. In addition, companies which failed to comply "would face draconian fines". This book is intended to explain where these requirements came from and to prove that the GDPR is not incomprehensible, that the principles are indeed remarkably easy to understand. It will help anyone in charge of, or involved in, the processing of personal data to take advantage of the innovative technologies in processing without being unduly hindered by the limitations of the GDPR. The many examples and references to EDPB (European Data Protection Board) publications, recent news articles and case law clarify the requirements of the law and make them accessible and understandable. "Leo's book can provide very effective support to you and your colleagues in reaching this understanding and applying it in practice." Fintan Swanton, Managing Director of Cygnus Consulting Ltd., Ireland.

Frequently asked questions

Yes, you can cancel anytime from the Subscription tab in your account settings on the Perlego website. Your subscription will stay active until the end of your current billing period. Learn how to cancel your subscription.

No, books cannot be downloaded as external files, such as PDFs, for use outside of Perlego. However, you can download books within the Perlego app for offline reading on mobile or tablet. Learn more here.

Perlego offers two plans: Essential and Complete

Essential is ideal for learners and professionals who enjoy exploring a wide range of subjects. Access the Essential Library with 800,000+ trusted titles and best-sellers across business, personal growth, and the humanities. Includes unlimited reading time and Standard Read Aloud voice.
Complete: Perfect for advanced learners and researchers needing full, unrestricted access. Unlock 1.4M+ books across hundreds of subjects, including academic and specialized titles. The Complete Plan also includes advanced features like Premium Read Aloud and Research Assistant.

Both plans are available with monthly, semester, or annual billing cycles.

We are an online textbook subscription service, where you can get access to an entire online library for less than the price of a single book per month. With over 1 million books across 1000+ topics, we’ve got you covered! Learn more here.

Look out for the read-aloud symbol on your next book to see if you can listen to it. The read-aloud tool reads text aloud for you, highlighting the text as it is being read. You can pause it, speed it up and slow it down. Learn more here.

Yes! You can use the Perlego app on both iOS or Android devices to read anytime, anywhere — even offline. Perfect for commutes or when you’re on the go.
Please note we cannot support devices running on iOS 13 and Android 7 or earlier. Learn more about using the app.

Yes, you can access Privacy and Data Protection based on the GDPR by Leo Besemer in PDF and/or ePUB format, as well as other popular books in Education & Architecture General. We have over one million books available in our catalogue for you to explore.

Information

Publisher

Year

eBook ISBN

Topic

Subtopic

PART I | Privacy and data protection history and scope

In this first part of the book we look into the history of privacy and data protection law. The need for privacy has increased tremendously over the past century, fueled by advancements in technology that offer ever more opportunities to collect information about individuals. The concept of privacy as a fundamental right was only established after, and undoubtedly also as a result of, the Second World War. Chapter 1 describes how the right to privacy was incorporated in treaties and later in law, and how this ultimately led to the General Data Protection Regulation (GDPR) which is applicable law in the EU and the Member States of the European Economic Area.

We then move on to the context in which the GDPR interacts with other European law and with national law in the Member States. We sometimes tend to forget how much legislative power we have given to the EU. Based on the Treaty on the Functioning of the European Union (TFEU), however, the GDPR as a European regulation not only interacts with national law, it supersedes it.

The GDPR is very important for anyone who processes personal data on European residents in any way, but the scope of the law is not unlimited. That is what the rest of Chapter 1 is devoted to. Questions like “can we still send season’s greetings” and “what about the rowing club’s list of members” are answered there.

1 History and context

Key subjects

In this chapter we will cover:

The history of privacy as a concept;

Privacy and data protection from a legal viewpoint;

Applicable European and national law regarding privacy and data protection;

The scope of the General Data Protection Regulation.

1.1 The history of privacy and data protection

At the time our distant ancestors lived as nomads, privacy was not an issue. In fact, it was in the group’s interest to stay close at all times, to hunt together, to look out for the group and help defend it, to share food, shelter and indeed body warmth. Knowing each other intimately was important, both because of the need to trust each other’s skills and to be aware of hostile intentions, such as the continuous struggle for leadership of the group. In those circumstances, seeking isolation would be seeking danger and being banned from the group would almost certainly lead to death.

This lack of personal privacy did not really change in the ages thereafter. Poor people had little or no privacy, either because they were not free (slaves, serfs, servants, etc.) or because they lived closely together in settlements or neighborhoods where the same need for mutual help and support still existed. But the rich had hardly any privacy either, because the habits and the necessity of security required the continuous presence of many staff. Seclusion was seen as abnormal behavior. The view was that you would only seek it if you had something to hide. Only if you wanted to do something that could not bear the light of day.

The need for privacy as we know it today came up for the first time at the end of the 19th century, when newspapers appeared with extensive society pages, taking gossip to a new level. The announcement on 22 October 1882 of the engagement of Mr. Samuel D. Warren Jr. and Miss. Mabel Bayard, was a kind of starting point. Samuel Warren was a young lawyer from Boston, USA, and as such not used to being the subject of newspaper headlines. His fiancée, however, was a daughter of Senator Bayard and what we today would call a celebrity. Over the following decade, more than sixty newspaper articles appeared, describing down to the smallest detail their social life, their marriage, their family’s highlights and sad events. (Gaida 2008).

The continuing intrusive press coverage ultimately lead to an article in Harvard Law Review, written by Louis D. Brandeis and Samuel D. Warren Jr. (Brandeis 1890), which is widely regarded as the first publication in the United States to advocate a right to privacy.

“The press is overstepping in every direction the obvious bounds of propriety and of decency. Gossip is no longer the resource of the idle and of the vicious, but has become a trade, which is pursued with industry as well as effrontery. To satisfy a prurient taste the details of sexual relations are spread broadcast in the columns of the daily papers. To occupy the indolent, column upon column is filled with idle gossip, which can only be procured by intrusion upon the domestic circle.” (…)

“Recent inventions and business methods call attention to the next step which must be taken for the protection of the person, and for securing to the individual what Judge Cooley calls the right ‘to be let alone.’”

“Instantaneous photographs and newspaper enterprise have invaded the sacred precincts of private and domestic life; and numerous mechanical devices threaten to make good the prediction that what is whispered in the closet shall be proclaimed from the house-tops. (…)”

Source: (Brandeis, 1890)

In the article Warren and Brandeis advocate the necessity of law enforcing this right to be let alone and describe its boundaries as an extension of the then existing common law. At that time privacy was thought of as a relational matter, only existing in the context of home and family. At first, however, this desire to control personal information and social image, and the plea for a legal system to protect these rights, did not get much attention.

Up to and directly after World War II, state constitutions protected only aspects of privacy. Such guarantees concerned, for example, the inviolability of the home and of correspondence and the classical problem of unreasonable searches of the body. No state constitution, however, contained a general guarantee of the right to privacy. An integral guarantee protecting the more specific aspects of privacy and private life in their entirety, was unknown at the time.

1.1.1 Human rights law

1.1.1.1 Universal Declaration of Human Rights

After World War II, the UN Commission of Human Rights (UNCHR) started working on what was initially intended as an International Bill of Rights. It was one of the first attempts to make globally enforceable agreements. EU history literature (Diggelman, 2014) describes the tedious discussions between the members of the Committee, representants with very different legal and cultural backgrounds from all regions of the world. This was a time when the right of women to be treated as equals to men was hardly accepted anywhere, a time when governments all over the world had come to regard torture and inhuman treatment as acceptable means to an end.

The Universal Declaration of Human Rights (UDHR) is a milestone document in the history of human rights. The UDHR was proclaimed by the United Nations General Assembly in Paris on December 10, 1948 (General Assembly resolution 217A) as a common standard of achievements for all peoples and all nations. It sets out, for the first time, fundamental human rights to be universally protected. In its preamble the UDHR recognizes that “the inherent dignity and (…) the equal and inalienable rights of all members of the human family is the foundation of freedom, justice and peace in the world.”

The declaration explicitly defines the right to a private life and the freedoms associated with this:

No one shall be subjected to arbitrary interference with his privacy, family, home or correspondence, nor to attacks upon his honor and reputation.

Everyone has the right to the protection of the law against such interference or attacks.

UDHR Article 12

However, the declaration also defines the right to freedom of information and expression:

Everyone has the right to freedom of opinion and expression; this right includes freedom to hold opinions without interference and to seek, receive and impart information and ideas through any media and regardless of frontiers.

UDHR Article 19

These provisions may seem at odds, in particular where the exercise of the rights defined in Article 19 might result in an invasion of privacy, violating Article 12. This potential conflict, however, is reconciled later:

In the exercise of his rights and freedoms, everyone shall be subject only to such limitations as are determined by law solely for the purpose of securing due recognition and respect for the rights and freedoms of others and of meeting the just requirements of morality, public order and the general welfare in a democratic society.

UDHR Article 29(2)

Keeping the balance between the right to information and the rights and freedoms of individuals, however, is a challenge. A thread through the history of privacy law up to the current day.

It took another eighteen years before the United Nations in UN Assembly Resolution 217 (III) ag...

Cover
Title
Colophon
Foreword
Contents
Acknowledgements
How this book is organized
Part I | Privacy and data protection history and scope
Part II | Principles and practice of processing
Part III | International data transfers
Part IV | Risk assessment and mitigation
Part V | The supervisory authorities
Appendix A Sources
Appendix B European Data Protection Board (EDPB) Publications
Index