Detailed notes about the GDPR. Explanation of fundamental principles and rules for processing data. What is the GDPR for? What are the specific sections of the GDPR? What are the values and rationale of data protection laws?
History
The Advisory Committee on Automated Personal Data Systems
in the Department of Health, Education and Welfare’
acknowledged in their paper, ‘Records, Computers, and the
Rights of Citizens’ 1973:
“Computers linked together through high-speed
telecommunications networks are destined to become the
principal medium for making, storing, and using records about
people.”
- In 1980 the OECD issued the Recommendations of the
Council Concerning Guidelines Governing the Protection of
Privacy and Trans-Border Flows of Personal Data
- Council of Europe Convention for the Protection of
Individuals with regard to Automatic Processing of
Personal Data (Convention 108 is a Council of Europe
Treaty)
- Directive 95/46/EC on the protection of individuals with
regard to the processing of personal data and on the free
movement of such data
- Regulation 2016/679 on the protection of natural persons
with regard to the processing of personal data and on the
free movement of such data, and repealing Directive
95/46/EC
Values and Rationale of Data Protection Law
Article 1 GDPR: Subject matter and objectives
1. This Regulation lays down rules relating to the protection
of natural persons with regard to the processing of
personal data and rules relating to the free movement of
personal data.
2. This Regulation protects fundamental rights and freedoms
of natural persons and in particular their right to the
protection of personal data.
3. The free movement of personal data within the Union shall
be neither restricted nor prohibited for reasons connected
with the protection of natural persons with regard to the
processing of personal data.
Article 2: Material scope
, 1. This Regulation applies to the processing of personal data
wholly or partly by automated means and to the
processing other than by automated means of personal
data which form part of a filing system or are intended to
form part of a filing system.
Relationships between the data controller, processor and
subject are governed by the GDPR. Articles are binding and
recitals can be used as guiding text for interpretation.
‘Personal data’ means any information relating to an identified
or identifiable natural person (‘data subject’); an identifiable
natural person is one who can be identified, directly or
indirectly, in particular by reference to an identifier such as a
name, an identification number, location data, an online
identifier or to one or more factors specific to the physical,
physiological, genetic, mental, economic, cultural or social
identity of that natural person.’
Recital 26 says that: “to determine whether a natural person is
identifiable, account should be taken of all the means
reasonably likely to be used, such as singling out, either by the
controller or by another person to identify the natural person
directly or indirectly. To ascertain whether means are
reasonably likely to be used to identify the natural person,
account should be taken of all objective factors, such as the
costs of and the amount of time required for identification,
taking into consideration the available technology at the time
of the processing and technological developments.”
Data Protection Principles (cumulative)
a. Data should be processed, transparent, fairly, and
lawfully;
b. Collected for specified, explicit and legitimate purposes
and not further processed in a way incompatible with
those purposes. Exception for archiving purposes in the
public interest, scientific or historical research;
c. Adequate, relevant, and limited to what is necessary in
relation to the purposes for which they are collected
and/or further processed;
The benefits of buying summaries with Stuvia:
Guaranteed quality through customer reviews
Stuvia customers have reviewed more than 700,000 summaries. This how you know that you are buying the best documents.
Quick and easy check-out
You can quickly pay through credit card or Stuvia-credit for the summaries. There is no membership needed.
Focus on what matters
Your fellow students write the study notes themselves, which is why the documents are always reliable and up-to-date. This ensures you quickly get to the core!
Frequently asked questions
What do I get when I buy this document?
You get a PDF, available immediately after your purchase. The purchased document is accessible anytime, anywhere and indefinitely through your profile.
Satisfaction guarantee: how does it work?
Our satisfaction guarantee ensures that you always find a study document that suits you well. You fill out a form, and our customer service team takes care of the rest.
Who am I buying these notes from?
Stuvia is a marketplace, so you are not buying this document from us, but from seller emilyknight. Stuvia facilitates payment to the seller.
Will I be stuck with a subscription?
No, you only buy these notes for $3.75. You're not tied to anything after your purchase.
