Module 1: Data Protection Laws Flashcards

1
Q

Universal Declaration of Human Rights

A

1948

United Nations General Assembly

Nonbinding.

Article 12: human right to privacy
Article 19: Right to free speech
Article 29(2): 12 & 19 not absolute and should be balanced

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
2
Q

European Convention on Human Rights

A

1953

Council of Europe

International Treaty
Enforced by ECHR

Article 8: Privacy 
Article 10: freedom of expression and sharing info across national boundaries 
Article 10(2): Balance 

Required member state ratification

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
3
Q

Treaty of Rome

A

1958

Allowed the Data Protection Directive to be setup as a harmonizing measure

Enriched free trade

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
4
Q

OECD Guidelines

A

1980 - Updated in 2013

Aimed to facilitate data flows and protect personal data in a global economy

Most widely recognized framework for fair information practices

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
5
Q

What are the 8 OECD Principles?

A
  1. Collection limitation
    1. Data quality
    2. Purpose specification
    3. Use limitation
    4. Security safeguards
    5. Openness
    6. Individual participation
    7. Accountability
How well did you know this?
1
Not at all
2
3
4
5
Perfectly
6
Q

Convention 108

Council of Europe Convention

A

Council of Europe

  • Differs from OECD because it requires signatories
  • Principles must be applied in domestic legislation

Enforced by ECHR

Governs international data transfers (along with GDPR)

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
7
Q

First data protection instrument for several Council of Europe member states

A

Convention 108

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
8
Q

EU Data Protection Directive (95/46/EC)

A

European Commission

Set out general data protection principles and obligations, requiring EU member states to transpose and implement them.

Differed across member states

Formed the Article 29 Working Party

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
9
Q

Charter of Fundamental Rights of the EU

A

2000

European Union Institutions

Comprehensive collection of individual’s rights including the fundamental right to the protection of personal data.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
10
Q

Ecommerce Directive

Directive 2000/31/EC

A

2000

Issues relating to personal data are outside of its scope

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
11
Q

e-Privacy Directive

EU Directive on Privacy and Electronic Communications

A

2002

Legally binding on EU member states
Requires local implementation.

Generally applies to processing of personal data through public electronic communications services and networks in the EU.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
12
Q

EU Data Retention Directive (2006/24/EC)

A

2006

Annulled in 2014 by the Court of Justice of the EU

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
13
Q

Treaty of Lisbon

A

2009

To strengthen and improve the core structures of the EU and help it function more efficiently.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
14
Q

Gave the Charter of Fundamental Rights of The EU full legal effect in the EU.

A

Treaty of Lisbon

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
15
Q

General Data Protection Regulation (GDPR)

A

Became law in 2016
Replaced the Data Protection Directive and became enforceable on 25th of May 2018.

Directly applicable and enforceable by law
Provides one set of data protection rules for all
Allows member states a degree of tailoring

Forms the European Data Protection Board (EDPB)

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
16
Q

What are the 7 Principles of the GDPR?

A
  1. Lawfulness, Fairness and Transparency of Processing
  2. Purpose Limitation
  3. Data Minimization
  4. Accuracy
  5. Storage Limitation
  6. Integrity and Confidentiality
  7. Accountability
17
Q

Convention 108+

A

2018

A version of convention 108 overhauled to align with the GDPR, signed by 20 states of the Council of Europe including the UK.

According to the European Commission it serves as a means for 3rd countries (those outside of the EU) to adopt the basic tenets of the GDPR.

18
Q

The CoE Convention

A

The Council of Europe Convention for the Protection of Individuals with Regard to the
Automatic Processing of Personal Data of 1981

19
Q

The EU Directive on Electronic Commerce (2000/31/EC)

A
20
Q

European data retention regimes

A