The first steps of a revolution with a set date (25 May 2018): the “new” General Data Protection regime

regulation-3246979_1280

by Pedro Madeira Froufe, Editor


1. Homo digitalis[i] is increasingly more present in all of us. It surrounds us, it captures us. Our daily life is digitalising rapidly. We live, factually and considerably, a virtual existence… but very real! The real and the virtual merge in our normal life; the frontiers between these dimensions of our existence are bluring. Yet, this high-tech life of ours does not seem to be easily framed by law. Law has its own time – for now barely compatible with the speed of technologic developments. Besides, in face of new realities, it naturally hesitates in the pursuit of the value path (therefore, normative) to follow. We must give (its) time to law, without disregarding the growth of homo digitalis.

2. Well, today (25 May 2018) the enforcement of Regulation 2016/679 (GDPR) begins. Since 25 January 2012 (date of the presentation of the proposal for the Regulation) until now the problems with respect to the protection of fundamental rights – in particular the guarantee of personal data security (Article 8 CFREU) – have been progressively clearer as a result of the increase in the digital dimension of our lives. Definitely, the personal data became of economic importance that recently publicized media cases (for example, “Facebook vs. Cambridge Analytics”) underline. Its reuse for purposes other than those justifying its treatment, transaction and crossing, together with the development of the use of algorithms (so-called “artificial intelligence” techniques) have made it necessary to reinforce the uniform guarantees of citizens, owners of personal data, increasingly digitized.
Continue reading “The first steps of a revolution with a set date (25 May 2018): the “new” General Data Protection regime”

Editorial of June 2016

 

6914441342_775b4ab9a7_o

by João Marques, Lawyer and member of the 
Portuguese Data Protection National Commission

The right to be remembered – Directive 95/46/CE begins its twilight and makes way for the new General Data Protection Regulation (GDPR)

It was on May the 4th that the EU paradigm regarding personal data protection started to write its chapter in the common book of legal unification. As the Regulation (EU) 2016/679 [together with Directive (EU) 2016/680] finally got published in the Official Journal of the EU, a new era is jumpstarted. The first “victim” of the new paradigm is the old Directive 95/46/CE, which for the past 20 years has served European citizens honourably.

Although it faced a challenging task, Directive 95/46/EC was generally capable of protecting EU citizens against the predatory instincts of our world regarding their personal data. A suitable testament in this regard is the fact that the principles enshrined in Chapter 2 of the Directive have been, for the most part, kept almost unchanged. Lawful processing, purpose specification and limitation, data quality, fair processing and accountability remain as the bedrock of data protection under the new legal framework.

As ever, the CJEU case-law has been of paramount importance in the consolidation of a European perspective in which the citizen’s fundamental rights are at the forefront of the Union’s responsibilities, with the recent case C-362/14 (Schrems V. Data Protection Commissioner and Digital Rights Ireland Ltd) being yet another example of the approach for which the court is well known.

Continue reading “Editorial of June 2016”