Data Protection explained for laymen

A growing risk attached to internet proliferation is misuse of data.
The vast amounts of data collected and stored, largely by people who have no reason to hold this data is a huge problem of itself as it is frequently stolen and or sold or misused, but the natural borders between trading blocks such as China, USA and Europe as an example amplifies the problem much further.

Given that most of the major internet services outside of China such as search and social media are owned and run in the US, this is a huge problem for citizens of these other nations whose own law has no jurisdiction.  This means that citizens can not be protected from exploitation by not just busienss and foreign governments but from crooks either. For this reason trading agreements are being agreed and major amounts of international trade will rely on the agreements being adhered to.  The GDPR is a beacon of light showing the world the right direction, but more will undoubtedly be needed.

If you are trading outside the EU trading block and you want to collect data form customers within the block you will need to be fully compliant with GDRP and failure could result in millions of euros in fines,

Even before the Internet, large companies and governments were strictly regulated in what they could do about collecting , managing and using personal data about individuals.
In the UK the Data Protection act 1998 has governed this area. In the USA you have further Information Privacy law  and in Europe you have major reforms on the way in the form of GDPR to the Current legal framework

 

On 4 May 2016, the official texts of the Regulation and the Directive have been published in the EU Official Journal in all the official languages. While the Regulation will enter into force on 24 May 2016, it shall apply from 25 May 2018. The Directive enters into force on 5 May 2016 and EU Member States have to transpose it into their national law by6 May 2018.

Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data, and repealing Directive 95/46/EC (General Data Protection Regulation) 

Directive (EU) 2016/680 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons with regard to the processing of personal data by competent authorities for the purposes of the prevention, investigation, detection or prosecution of criminal offences or the execution of criminal penalties, and on the free movement of such data, and repealing Council Framework Decision 2008/977/JHA

Factsheets

Mythbuster: The Court of Justice of the EU and the “Right to be Forgotten”pdf(3 MB)

Choose translations of the previous link

Commission Proposals on the data protection reform: legislative texts

Public consultationPublic opinion surveys

The “Explained series” is planned to build into a trustworthy collection of explanations and commentaries that can be trusted to tell the story straight without any bias and attempt to make the subjects accessible to the layman. The latter is not always easy as some of these terms refer to genuinely complex subject matter, while others are simply too vague to pin down (there’s another word for that).
If you want an answer on something and you can’t find it easily, please use the comments section to just ask and I will appreciate not having to research the next topic.

About the author