EU Privacy Laws Flashcards
(42 cards)
What does Article 12 of the Human Rights Declaration (UDHR) state?
No one shall be subjected to arbitrary interference with his privacy, family, home or correspondence, Nor to attacks upon his honour and reputation: Everyone has the right to the protection of the law against such interference or attacks.
What does Article 19 of the Human Rights Declaration (UDHR) state?
Everyone has the right to freedom of opinion and expression; this right includes freedom to hold opinions without interference and to seek, receive and impart information and ideas through any media and regardless of frontiers.
Which UDHR (Human Rights Declaration) provision states that individual rights are not absolute and a balance must be struck?
Article 29(2) - In the exercise of his rights and freedoms, everyone shall be subject only to such limitations as are determined by law solely for the purpose of securing due recognition and respect for the rights and freedoms of others and of meeting the just requirements of morality, public order and the general welfare in a democratic society.
When was the ECHR entered into and whom does it apply too
3 Sept 1953
All Council of Europe member states.
What is the system of enforcement for the ECHR?
European Court of Human Rights in Strasbourg
On 1 Nov 1998, restructured as Court of Human Rights
What is art 8 of the ECHR
Everyone has the right to respect for his private and family life, his home and correspondence.
There shall be no interference by a public authority with the exercise of this right except such as is in accordance with the law and is necessary in a democratic society in the interests of national security, public safety, or the economic well-being of the country, for the prevention of disorder or crime, for the protection of health or morals, or for the protection of the rights and freedoms of others.
What is Article 10 of the ECHR
Everyone has the right to freedom of expression. This right shall include freedom to hold opinions and to receive and impart info and ideas without interference by public authority and regardless of frontiers.
Also qualified.
What do OECD principles have a similarity with?
CoE Convention for The Protection of Individuals with regard to Automatic Processing of Personal Data.
Does the OECD principles include both automated and non-automated data?
Yes
When did Convention 108 (Convention for the Protection of Individuals with regard to the Automatic Processing of Personal Data?
Opened for signature to the member states of the Council of Europe 28 Jan 1981
What was the first legally binding international instrument in the area of data protection?
Convention 108
How does Convention 108 differ from the OECD Guidelines?
Requires signatories to take necessary steps in their domestic legislation to apply the principles it Lays down with regard to processing personal information.
What does Convention 108 consist of?
Substantive law provisions in the form of basic principles (Chap II)
Special rules on trans-border data flows (Chapter III)
Mechanisms for mutual assistance (Chapter IV) and consultation between the parties (Chapter V)
What are special categories of data under Convention 108?
Personal information that reveals racial origin, political opinion or religious or other beliefs, as well as personal data that concerns health or sexual life or criminal convictions may not be processed automatically unless domestic law provides appropriate safeguards.
When implementing Convention 108, what exception can signatories add?
Only when this is a “necessary measure in a democratic society” (I.e. state security or criminal investigation)
What does Article 12 of Convention 108 state?
Where transfers of personal info are made between signatories of Convention 108, those countries shall not impose any prohibitions or require any special authorisation for the purpose of the protection of privacy before such transfers can take place.
What is the Additional Protocol?
Opened for signature in 2001. Provided a measure for transfer of personal info to non signatory countries by introducing an “adequate” standard.
When is derogation from Convention 108 permitted?
Permitted only where the exporting country has in place specific rules in its national law for certain categories of personal data or of automated personal data files and the importing country does not provide equivalent protection or where the transfer is provided to a non-party
When was the Charter of Fundamental Rights signed?
7 Dec 2000, came into binding legal effect December 2009 (when the Treaty of Lisbon came into force)
What provisions of this the Charter of Fundamental Rights reflects ECHR Articles 8 and 10?
Articles 7 and 10
What is Art 8 of the Charter of Fundamental Rights?
(1) Right to the protection of personal data concerning him or her;
(2) Such data must be processed fairly for specified purposes and on the basis of the consent of the person concerned or some other legitimate basis laid down by law. Everyone has the right of access to data which has been collected concerning him or her, and the right to have it rectified.
(3) Compliance with these rules shall be subject to control by an independent authority.
What does any limitation to these rights must be in accordance with?
Art 52, which mirrors the limitations based on necessity and proportionality contained in the ECHR
When was the Treaty of Lisbon signed?
1 Dec 2009 (same date when the Charter of Fundamental Rights came into effect)
When did LEDP come into effect
5 May 2016 - member states have until 6 May 2018 to transpose the LEDP Directive into national law
