Brainscape's Knowledge GenomeTM

Browse over 1 million classes created by top students, professors, publishers, and experts.


See full index

European Data Protection CIPP E > Data Protection Laws (1) > Flashcards

Data Protection Laws (1) Flashcards

1
Q

What is the Council of Europe and how many members does it have?

A

International organization
46 member states

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
2
Q

What are the 2 privacy laws under the Council of Europe?

A
  1. European Convention on Human Rights (ECHR)
  2. Convention 108 (first legally binding international instrument in data protection)
How well did you know this?
1
Not at all
2
3
4
5
Perfectly
3
Q

What is the European Union?

A

Economic and Political union
27 member states

(not Switzerland or UK)

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
4
Q

What are the 6 privacy laws under the EU?

A
  1. Charter of Fundamental Rights of the EU
  2. Treaty on the Functioning of the EU
  3. Lisbon Treaty (improved the TFEU)
  4. General Data Protection Regulation (GDPR)
  5. ePrivacy Directive (communications)
  6. national data protection laws across Europe
How well did you know this?
1
Not at all
2
3
4
5
Perfectly
5
Q

What is the European Economic Area (EEA)?

A

EU countries (27)
+
3 (Iceland, Norway, Liechtenstein)

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
6
Q

What is the European Free Trade Association (EFTA)?

A

trade agreement
all EU + EEA + Switzerland

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
7
Q

Which countries does the GDPR apply to?

A

All EU countries (27)

not UK or Switzerland

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
8
Q

What is the Court of Justice of the EU?

A

Judicial body of the EU
Decides and enforces EU law

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
9
Q

Which court hears cases on data protection as brought by national courts and the EU Commission against member states?

A

Court of Justice of the EU (CJEU)

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
10
Q

Does the European Court of Human Rights hear data protection cases?

A

Yes

if they related to Article 8 of the European Convention on Human Rights (ECHR)

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
11
Q

What was the ruling in the Google Spain v. AEPD and Mario Costeja Gonzalez case?

A

Google Spain must remove links to the Vanguardia articles reporting the bankruptcy

  1. information was not up to date and
  2. the right to be forgotten
How well did you know this?
1
Not at all
2
3
4
5
Perfectly
12
Q

What was the intention of the OECD Guidelines?

A

Principles around the protection of data

Facilitate free transfer of data with common data protection guidelines

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
13
Q

What are the 7 data protection principles under the OECD Guidelines?

A
  1. Openness
  2. Individual Participation
  3. Security
  4. Accountability
  5. Collection and Use Limitation
  6. Purpose Specification
  7. Data Quality
How well did you know this?
1
Not at all
2
3
4
5
Perfectly
14
Q

What is the Convention 108, and why was it created?

A

First legally binding international instrument in the field of data protection

Created to achieve greater unity and extend privacy protection across borders

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
15
Q

What is the EU Data Protection Directive?

A

A directive to add data protection to national legislation for EU member states

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
16
Q

What is the e-commerce directive?

A

Legal issues particularly in electronic commerce (digital marketing)

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
17
Q

Why was the ePrivacy Directive created?

A

to protect personal data and privacy given advancements in digital technologies introduced in public communication networks

need for consistent and equal protections regardless of technology

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
18
Q

What was the purpose of the Treaty of Lisbon?

2007

A

Strengthen the structures of the European Union
Made the Charter of Fundamental Rights binding

19
Q

What is the GDPR?

A

A regulation that directly applies to all EU member states

20
Q

What are the EU legislative institutions?

A
  1. European Commission - implements EU decisions and policies, propose legislation
  2. Council of the EU - legislative decision-making (represent their own countries)
  3. European Parliament - legislative development (directly elected)
21
Q

What is the co-legislation procedure for EU governance?

A
  1. European Commission proposes legislation
  2. Council of the EU and European Parliament agree on legislation to turn into EU law
22
Q

Which body implements EU decisions and policies?

A

European Commission

23
Q

Which body defines EU priorities and sets political direction?

A

EU Council

24
Q

Which bodies are engaged in legislative decision-making?

A

Council of the EU
European Parliament

25
Q

What are the four responsibilities of the European Parliament?

A
  1. legislative development
  2. supervisory oversight of other institutions
  3. democratic representation
  4. development of the budget
26
Q

What is the difference between the Data Protection Directive and GDPR?

A

Directive: ordered member states to implement data protection into local law

GDPR: applicable and enforceable as law in every EU member state, allows for local clarifications or exceptions

27
Q

Does the ePrivacy Directive apply to private communication channels such as company intranet?

A

No

(although principles of Directive still apply if personal data are processed)

28
Q

The European Convention on Human Rights is a product of which institution?

A

The Council of Europe

29
Q

What is the role of the European Parliament?

A

engaged in legislative development

30
Q

What is the difference between the European Council and the Council of the EU?

A

European Council: heads of state of EU countries and EC presidents and High Representative. Defines EU’s priorities and sets political direction

Council of the EU: one minister from each member state based on policy issue to be discussed. Conducts legislative decision-making with Parliament

31
Q

What is the name of the first legally binding international instrument in data protection in the EU?

A

Convention 108

Two reasons:
1. member states failure to respond to previous resolutions concerning protection of privacy and
2. need for binding international instrument to reinforce principles in previous resolutions

32
Q

What are 3 reasons Convention 108 is noteworthy?

A
  1. Based on principles
  2. Recognizes importance of free flow of information
  3. Requires member states to enact national legislation
33
Q

Why did the European Commission propose a Data Protection Directive following Convention 108?

A

member states were taking a fragmented approach to implementation and privacy protection was inconsistent

34
Q

In GDPR, what are articles versus recitals?

A

articles = operative law

recitals = detail about how to interpret article

35
Q

How does GDPR differ from the Directive?

A
  1. directly applicable across all member states without further intervention
  2. strengthens consent in relation to data use
  3. provides new and stronger rights to data subjects
  4. introduces accountability responsibilities
  5. imposes compliance obligations on processors
  6. expands range of measures to legitimize transfers
  7. places security obligations on both controllers and processors
  8. affords individuals right to compensation and judicial remedies
36
Q

What are the 3 objectives of the new rules in the LED (Law Enforcement Directive)?

A
  1. better cooperation between law enforcement authorities
  2. better protection of citizen data
  3. clear rules for international data flows
37
Q

What is the scope of the ePrivacy Directive?

A

processing of personal data in connection with the provision of publicly available electronic communication services in public communication networks in the EU

38
Q

What are the 6 key provisions of the ePrivacy Directive?

A
  1. appropriate technical and organizational measures to safeguard security
  2. ensure confidentiality of communications and traffic data
  3. most forms of digital marketing require opt-in consent
  4. processing of traffic and billing data subject to restrictions
  5. location data may only be processed if anonymous or with consent
  6. subscribers must be informed before being included in a directory
39
Q

What was the most relevant update to the ePrivacy Directive regarding breaches?

A

mandatory notification for personal data breaches by electronic communication service providers to authority and individual

40
Q

How was the ePrivacy Directive amended regarding cookies?

A

storing of information or the gaining of access of information already stored in the terminal equipment of a user is only allowed if user has given consent having been provided with clear and comprehensive information

41
Q

Are EU Directives binding?

A

only in terms of final result to be achieved

forms and methods of implementation are left to member states

42
Q

What were the first rules to balance personal freedom with restrictions of rights?

A

The Universal Declaration of Human Rights of the United Nations

The European Convention on Human Rights (ECHR)

43
Q

What are the 3 mechanisms that data can be transferred out of the European Economic Area (EEA)?

A

1) adequacy findings,
2) appropriate safeguards,
3) under specific derogations

44
Q

What was the goal of the Convention 108, OECD Guidelines and Data Protection Directive?

A

harmonize the approach to data protection

agree on principles and leave implementation to member states

European Data Protection CIPP E (12 decks)

Brainscape helps you reach your goals faster, through stronger study habits.
© 2025 Bold Learning Solutions. Terms and Conditions