GDPR. History

in #gdpr6 years ago

gdpr-new.jpg

Let's try to explain what is GDPR... So, I'll try to write some posts, some are more prepared/documented than others, sorry, I'm not an expert, just somebody that must work with this.

GDPR (Global Data Protection Regulation) is an EU law that applies to all companies that manages, transfers or uses personal data of an EU-citizen (Just to be brief), but, how have we reached this point? I assisted a webinar (sorry, not remember which) that first explained the origins and I'm going to tell you, where does this regulation comes from, and how it evolved, in future posts I'll go deeper in the regulation itself, now, a piece of history.

At the beginning... there was light... oh, well, not exactly, but it started on January 28th of 1981 with the treaty regarding the protection of individuals with regard to automatic processing of personal data that was signed at the 108th Council of Europe Convention and went into effect on October 1st 1985, more than 4 years to adapt to it. All members of the Council of Europe (47 members) ratified the treaty, only Turkey did not.

Once that regulation went into effect had some impact on companies, but it was to be updated, so on October 24th 1995, the European Data Protection Directive (officially named: Directive 95/46/EC - on the protection of individuals with regard to the processing of personal data and on the free movement of such data) was created as an essential part of the EU privacy and human rights law. The directive came into total effect on December 13th 1995 and required all EU member states to implement the corresponding provisions in national law by, latest, October 24th 1998.

Things were more "normal" for a long period of time, but, on December 1st, 2009: The Article 29 Working Party (WP29) and the Working Party on Police and Justice (WPPJ) released a paper named “Future of Privacy” as a response to the invitation for consultation by the European Commission, mainly due to the new challenges for personal data protection. With this, the main principles of data protection developed until then are considered still valid despite the new technologies and globalisation of companies and processes. However, the paper highlights that the level of data protection in the EU can benefit from a better application of the existing data protection principles in practice and modernization of the legal framework. With this, every country developed their own data protection law, with the same very basic guidelines, so, there were several different laws, leaving it not easy for international companies.

The German European Parliament Axel Voss; the Committee for Civil Liberties, Justice and Home Affairs (LIBE), on June 22nd, 2011 adopted a proposal on 'A comprehensive approach to personal data protection in the EU' as a reaction to the communication from the Commission on the future of European Data Protection Law. The main topic is the amendment of the existing Data Protection Directive 95/46/EG from 1995 (16 years with all the technology evolution).

At the opening session of the 35th Privacy Conference of the German Association for Data Protection and Data Security (GDD) on November 17th 2011, Paul Nemitz, Director for Fundamental Rights and Citizenship of the European Commission, announced to everybody that the European Commission is planning to implement a Regulation that is directly applicable to all EU Member States, to harmonize data protection laws in Europe and avoid different Data Protection laws in Europe and focus in the emerging technologies.

During 2012 there was a lot of movement regarding this new regulation/reform or update of the previous regulation, there were topics like.

  • Article 29 Data Protection Working Party published its Opinion 01/2012 as initial input on the data protection reform discussion which welcomes the reinforcement of the position of data subjects
  • The U.S. had been really very active in trying to amend/slow the draft legislation to protect the interest of US companies operating in the EU and as a consequence of this pressure it is clear that the text proposed by the Commission was significantly modified from the original intention.
  • ...

On March 12, 2014 the GDPR was voted at the European Parliament in plenary with 621 votes in favor, 10 against and 22 abstentions. Following the European Parliament vote, progress on EU data protection reform which is assumed to ensure more effective control of people over their personal data is considered irreversible. Note that the final text was voted and accepted in December 2015 and published in 2016, to be fully effective on May 25th, 2018.

There are more dates about proposals, meetings and announcements, but I think those are the most important, as you'll see the intention to unify the Data protection law at the EU area, and proteft the EU citizens

First post of the GDPR, next, will be about the regulation.

EU-GDPR-new-1.jpg

#data #protection #regulation #history
6 years ago in #gdpr by
$1.06
  • Past Payouts $1.06, 0.00 TRX
  • - Author $0.82, 0.00 TRX
  • - Curators $0.24, 0.00 TRX
3 votes
Reply 1

Coin Marketplace

STEEM 0.20
TRX 0.12
JST 0.028
BTC 64320.49
ETH 3506.40
USDT 1.00
SBD 2.54