Data protection

Data protection is a key issue in our digitally networked society. It includes protection against the improper processing and forwarding of personal data and is based on the right to informational self-determination enshrined in the German Basic Law. This right enables individuals to decide for themselves how and to what extent their data is used. Data protection also serves to protect privacy and safeguard personal rights, which underlines its great social and legal importance. Read the latest news on data protection from the Table.Briefings editorial team here! Data protection: Definition It is difficult to give a general definition of data protection. However, the central element is protection against improper data processing and forwarding. This is particularly important whenever personal data is collected. The protection of data is based on the right to informational self-determination enshrined in the German Basic Law. This means that people can decide for themselves what happens to their data. Data protection measures also serve to protect privacy and respect personal rights. Data protection is often equated with cyber security, but both are in fact pillars of a modern data strategy. However, data protection refers less to the unauthorized use of data by hackers and cybercriminals than to the misuse of data. Why is data protection important? The use of digital technologies is generating ever larger volumes of data. At the same time, it is becoming easier and easier to misuse this data, so clear protective measures are needed. It seems tempting for companies to use collected data to market their services and products to specific target groups. However, if this is done without explicit consent, the right to self-determination of individuals is violated. In the digital age, data protection is subject to constant change in technical processes. Data protection news is therefore on the digital policy agenda. Data protection in Germany was recently supplemented by an amendment to the Federal Data Protection Act (BDSG 2018). Fundamental rights of data protection in Europe EU data protection law is based on Article 8 of the Charter of Fundamental Rights of the European Union. In addition to basic civil liberties, it explicitly states the right to the protection of personal data. It also mentions that data may only be collected with prior consent. It also states that data may only be collected for predetermined purposes. According to the charter, these regulations are to be monitored by an independent body. The core element is therefore that individuals have stronger rights to their data. At the same time, more control and transparency apply to data processing. The 99 articles of the GDPR regulate all the details based on this in eleven chapters. This makes the GDPR one of the most complex regulations in European digital policy. It therefore requires constant, precise analysis and assessment. Data Protection Committee and Data Protection Officer in the EU An important pillar of data protection in the EU is the establishment of a Data Protection Committee. This acts as an independent European body in accordance with the Charter of Principles. It is made up of the national data protection authorities and the European Data Protection Supervisor. The main tasks of the Data Protection Board are to provide law enforcement powers and advice on draft legislation. The European Data Protection Supervisor is more specifically concerned with the correct application of data law and data protection regulations. Financing data protection in Europe Data protection in the EU is financed as part of the "Rights, Equality and Citizenship" program. In addition to combating social inequality and discrimination, the program also provides for the strengthening of data and consumer protection. Six years and a budget of EUR 439 billion have been earmarked for this. Data protection in the EU: GDPR Since May 2018, the European Union has been regulating data protection in the EU by means of a new data protection regulation. The paper, which is over a hundred pages long, is called the General Data Protection Regulation (GDPR). This regulation primarily strengthens the fundamental rights of EU citizens. This means a greater say in how personal data may be processed. At the same time, the GDPR sets out clear rules on which guidelines companies must comply with in the digital single market. Previously, the data protection laws of the individual member states in the EU were inconsistent. Data protection in Europe is therefore significantly standardized by the GDPR. At the same time, there are still national bodies that are specifically responsible for the regulations in the member states, e.g. data protection in Germany. The extent to which data protection is satisfactorily regulated under the GDPR is evaluated by the EU Commission every four years. Data protection and the Data Governance Act The Data Governance Act in Europe serves as the framework for handling data, including data protection. This is where the EU determines how data management and data exchange will be organized in the future. With uniform guidelines on the use of data, the EU Commission wants to enable the use of artificial intelligence and big data technologies in particular. The Data Governance Act (DGA) supplements the existing guidelines of the General Data Protection Regulation (GDPR). The DGA also regulates the possibilities for the joint use of data. Data protection is to be ensured through certain protective measures such as anonymization and pseudonymization.