Resources
- Identity Use Cases & Scenarios.
- FIDIS Deliverables.
- IDIS Journal.
- FIDIS Interactive.
- Press & Events.
- In-House Journal.
- Booklets
- Identity in a Networked World.
- Identity R/Evolution.
D11.1: Collection of Topics and Clusters of Mobility and Identity – Towards a Taxonomy of Mobility and Identity
Introduction to the European Legal Framework on Data Protection
As Solove et al. have mentioned (2006, p.1) “we live in a world shaped by technology and fuelled by information”. Indeed, as networks become more sophisticated and ubiquitous, the citizens are increasingly using their offered services in several aspects of everyday life such as business, education, information, entertainment etc. However, this growing use of telecommunication networks and technologies has brought the importance of the protection of data, resources and identities to the fore. The deployment of technologies that may cause significant harm to the citizens’ right of privacy – RFID tags, biometrics, GPS and Location Based Services to name a few-, has raised far-reaching questions about the future of the private sphere and the informational self-determination of the users.
Central to this debate is the role of law. Legislative initiatives have already been taken so as to guarantee the right of citizens’ privacy in an era of pervasive technological architectures. In this chapter, we present an overview of the European regulatory framework regarding the protection of privacy. The reader will also be introduced to the relevant legal terminology as well as the basic principles regarding the use of personal identifiable information. A general approach has been favoured instead of a narrowed and case-specific one, so as to facilitate the reader to understand the key concepts of the relevant legislative framework. Although specific references to the use of mobile technology are explicitly made in specific cases such as the use of traffic data or location based services, this chapter shall be rendered as an introduction to the general taxonomy of data protection legislation in the European Union
As a starting point, the fundamental right to privacy is recognised in article 8 of the European Convention of Human Rights and Fundamental Freedoms which stipulates that everyone has the right to respect for his/her private and family life, home and correspondence. With the advent of new technologies however, the notion of correspondence, has acquired a wider perspective, and it has come to contain, in addition to its traditional meaning, any type of point-to-point communication realised through an electronic communications network. It follows that the notion of mobile communications networks is also covered by the scope of the article, being a genus specialis of electronic communications networks.
Important for the completion of the data protection regulatory framework are the initiatives taken by the Council of Europe. On 28.01.1981 the Council of Europe adopted the Convention for the protection of individuals with regard to automatic processing of personal data (Convention nr. 108) and on 08.11.2001 it adopted the Additional Protocol to the aforementioned Convention, regarding supervisory authorities and transborder data flows.
In the field of European Union law, the Charter of Fundamental Rights of the European Union (hereinafter EU Charter) provides for the respect for private and family life (Art.7) and the protection of personal data (Art.8), while two directives have been adopted to guarantee efficient data protection.
The Directive 95/46/EC of the European Parliament and of the Council of 24 October 1995 on the protection of individuals with regard to the processing of personal data and on the free movement of such data (hereinafter called ‘Data Protection Directive’) pursues two closely linked objectives: to lay down specific rights of the individual on his/her personal data but also to ensure that such data can move freely within the single market created between the Member States of the EU.
A second, sector specific Directive 2002/58/EC of the European Parliament and of the Council of 12 July 2002 concerning the processing of personal data and the protection of privacy in the electronic communications sector (hereinafter called ‘ePrivacy Directive’) translates the data protection principles of the general Data Protection Directive into specific rules for the electronic communications sector, regardless of the medium used. This directive regulates issues, such as confidentiality of communications, status of traffic data, use of location based services, and unsolicited communications and therefore it should be taken into consideration, along with the relevant working documents and opinions of the Data Protection Working Party of Article 29 of the Data Protection Directive.
Denis Royer | 29 / 58 |