Origins and Historical Context of Data Protection Law

Question 1

What was the rationale for European Data Protection Law?

Answer 1

Increase of computers for communications in 1970s

Question 2

Trans-border trade

Answer 2

Balance between national concerns for personal freedom and privacy, and the ability to support free trade at European Economic Community (EEC) level
This is also where the EU gets the authority to regulate privacy (free movement)

Question 3

What does UDHR stand for?

Answer 3

Universal Declaration of Human Rights (1948)

Question 4

When was UDHR adopted?

Answer 4

1948 - after atrocities of world war 2

Question 5

UDHR acknowledges…

Answer 5

“the inherent dignity and the equal and inalienable rights of all members of the human race in the foundation of freedom, justice, and peace in the world”

Question 6

What is article 12 of the UDHR?

Answer 6

Right to privacy

Question 7

What is article 19 of the UDHR?

Answer 7

Right to freedom of information/transfer of information

Question 8

What is article 29(2) of the UDHR?

Answer 8

Sets out the circumstances in which limitations

on individual rights are permissible i.e. balancing of rights

Question 9

What does ECHR stand for?

Answer 9

European Convention of Human Rights

Question 10

Who was the ECHR drafted by?

Answer 10

Council of Europe

Question 11

When was the ECHR opened for signature?

Answer 11

1950 in Rome

Question 12

When was the ECHR entered into force?

Answer 12

1953

Question 13

What does ECtHR stand for?

Answer 13

European Court of Human Rights (aka the Strasbourg Court)

Question 14

Where is the ECtHR located?

Answer 14

Strasbourg, France

Question 15

What is the ECtHR?

Answer 15

A system of enforcement and binding decisions, that may also give advisory opinions on European Convention of Human Rights

Question 16

What is Article 8 of the ECHR?

Answer 16

The right to privacy: concerns necessity and proportionality, public interest, not an absolute right

Question 17

What is Article 10 of the ECHR?

Answer 17

Right to freedom of expression/information

Question 18

What is Article 10(2) of the ECHR?

Answer 18

Balance of freedom of expression/information and reasons to breach rights -
Necessary in a democratic society
National security
Territorial integrity
Public safety
Prevention of disorder or crime
Protection of health or morals
Protection of the reputation or the rights of others
Preventing disclosure of information received in confidence
Maintaining the authority and impartiality of the judiciary

Question 19

Between the 1960s - 1980s, countries had laws controlling use of personal information by government and large companies. National legislation didn’t adequately protect right to privacy with emerging technological advances. What recommendation was made?

Answer 19

Recommendation 509 on Human Rights and modern scientific and technological developments (Council of Europe, CoE)

Question 20

In 1973-1973, the Council of Europe made what resolutions? What did they cover?

Answer 20

Resolutions 73/2 and 74/29: principles of data protection in automated databanks

Question 21

What does OECD stand for?

Answer 21

Organisation for Economic Co-operation and Development

Question 22

What were the OECD guidelines on the protection of privacy and transborder flows of personal data?

Answer 22

to facilitate the harmonization of data protection law between countries
not legally binding
no distinction between personal info gathered electronically or not
notice or consent
specific purpose for collection
individual rights to obtain information from data controller
balance privacy and free flow of information/trade
domestic laws may have higher standards

Question 23

What is the Council of Europe convention 108?

Answer 23

For the Protection of Individuals with regard to Automatic Processing of Personal Data)

Legally binding: first binding international instrument to set standards for personal data and balance with free flow of info for int’l trade

Those using personal information have social responsibility to safeguard such personal data

Based on principles of CoE 73/22 and 74/29

Exceptions allowed for signatories when necessary measure in democratic society (e.g. state security or crim investigation) **proportionality

***FREE FLOW OF INFO AMONG SIGNATORIES b/c min level of protection

Additional Protocol addresses transfers to countries that are not signatories

Legitimate interests of the individual

In the public interest

Transfer based on contractual clauses approved by supervisory authority

Mutual assistance with supervisory authorities

Question 24

CoE Convention 108 was open to signature by…

Answer 24

countries outside Europe!
it’s still the only binding legal instrument with a worldwide scope of application in field of data protection open to any country

Question 25

When was the Data Protection Directive (95/46/EC) brought into force?

Answer 25

1995 (the European Commission called on the European Parliament in 1976)

Question 26

What do the directives in the Data Protection Directive (95/46/EC) provide?

Answer 26

Legislation only - methods of implementation are left to the member states.

Question 27

What convention is the Data Protection Directive (95/46/EC) based on?

Answer 27

Convention 108

Question 28

What was the drawback of the Data Protection Directive (95/46/EC)? How was this fixed?

Answer 28

Differences in member states led to incorrect implementation/different standards - e.g. requirement to notify local DPAs of processing details. This was fixed by GDPR.