#EUelections – Data protection in the EU
25/04/2019
Internet is an integral part of our daily lives: 70% of European citizens use it every day. It’s a tool that allows us to do things like online shopping, apply for a job, or apply for a bank loan – actions that often require you to share personal information almost daily. However, there are many risks in using citizens’ data, such as unauthorized data disclosure, identity theft, or online abuse.
As a result, new
data protection rules have come into force since May 2018: the
General Data Protection Regulation (GDPR). This regulation
provides a set of rules for the processing by a person, firm or
organization of personal data relating to individuals within the EU1.
Thus, all companies operating in the EU, apart from their location,
must comply with a set of rules on data protection.
What are the consequences of this regulation?2
-
Companies
benefit from a level playing field -
Citizens
have greater control over their personal data (ie information
processing data such as address, first name and last name of an
identified or identifiable person)
This gives new
rights to citizens3:
-
a
right to receive clear and understandable information about the
people who is
processing
their data, what
data they
are processing
and the reason they are processing
it. -
a
right to request access to personal data -
a
right to ask a service provider to transmit your personal data -
a
right “to be forgotten” : you
can ask to delete your personnel data -
a
right to give your consent for
processing
your data -
a
right to be informed if you data is lost or stolen -
a
right to complain if your data protection rights have been violated
These
rules do not only concern businesses and citizens, but also European
institutions and agencies. In fact, in September 2018, a new
regulation on the processing of data by the EU institutions
was voted
by Parliament.
What is it about ?
It is a regulation which aims to consistently apply the common data
protection principles (such as unambiguous consent, accountability
and transparency) throughout the Union and therefore it concerns both
the institutions and bodies of the Union.
In this context, the
new rules strengthen the requirements and principles for lawful data
processing. In particular, citizens’ rights are stronger, exceptions
(ie where consent is not required) are clarified and the obligations
on data controllers are further clarified4.
The role of the European Data Protection Supervisor (EDPS), the authority responsible for ensuring that EU institutions comply with the existing data law, has been strengthened. This authority has the power to conduct investigations, offer advice and monitor compliance with the law, either on its own initiative or that of an individual or agent of a European institution. In case of infringement, it may impose fines5.
Laura van Lerberghe
1« What
does the General Data Protection Regulation (GDPR) govern? »,
https://ec.europa.eu/info/law/law-topic/data-protection/reform/what-does-general-data-protection-regulation-gdpr-govern_en
2« 2018
reform of EU data protection rules »,
https://ec.europa.eu/commission/priorities/justice-and-fundamental-rights/data-protection/2018-reform-eu-data-protection-rules_en
3Ibidem.
4« Data
protection by the EU’s institutions »,
https://what-europe-does-for-me.eu/en/portal/2/X07_17501
5Ibidem.
L’article #EUelections – Data protection in the EU est apparu en premier sur Le portail de référence pour l'espace de liberté, sécurité et justice.
Author : EU Logos|
#Dataprotection, elections, EUelections, GDPR, Protection de la vie privée et des données personnelles |
