Editor's note
International Internet Magazine. Baltic States news & analytics
Tuesday, 19.03.2024, 03:22
Protecting Personal Data
May 2018 will go into the European history as a “day of personal data protection”: that was the utmost idea of the General Data Protection Regulation initially adopted in on 26 of April 2016.
The scope of the “protection of natural persons” is a complicated issue: suffice it to say that about one-third of the Regulation’s text (with 99 articles) is devoted to the “description of the problem” in 173 (!) points in its preamble.
As the GDPR’s preamble acknowledges “the regulation is intended to contribute to the accomplishment of an area of freedom, security and justice and of an economic union, to economic and social progress, to the strengthening and the convergence of the economies within the internal market, and to the well-being of natural persons.
On top of all this, the GDPR seeks to harmonise the protection of fundamental rights and freedoms of natural persons in respect of processing activities and to ensure the free flow of personal data among the EU states.
Most
important is the preamble’s point 6, which describes the urgency of the EU’s
actions: “Rapid technological
developments and globalisation have brought new challenges for the protection
of personal data. The scale of the collection and sharing of personal data has
increased significantly. Technology allows both private companies and public
authorities to make use of personal data on an unprecedented scale in order to
pursue their activities. Natural persons increasingly make personal information
available publicly and globally. Technology has transformed both the economy
and social life, and should further facilitate the free flow of personal data
within the Union and the transfer to third countries and international
organisations, while ensuring a high level of the protection of personal data.”
A
lot of people are still unaware of the data protection importance, e.g. about
23 per cent of Latvians don’t know anything about it.
The
Regulation’s text can be seen at:
http://eur-lex.europa.eu/legal-content/EN/TXT/PDF/?uri=CELEX:32016R0679.
Important to mention that the “regulation shall be binding in its entirety and directly applicable in all EU states” (art.99).
In view of the new trends in data protection, regulators of the eight Baltic and Nordic countries signed a memorandum in Riga (24.05.2018) on cooperation in spheres of electronic communications.
Reference: http://www.baltic-course.com/eng/Technology/?doc=140278&ins_print.
Russian
comments on the Personal Data Protection Regulation can be seen at:
http://www.baltic-course.com/rus/good_for_business/?doc=140261&ins_print
Violations and
fines
Particularly
severe violations and consequent fines (GDPR, art. 83, p. 5) can be up to €20
million; in corporate cases up to 4% of their total yearly global turnover.
Less severe violations (art. 83, p. 4) can be fined for up to €10 million; in
corporate cases up to 2% of the yearly turnover. “Globally” is an important
addition: Facebook would like to avoid potentially great fines and sanctions by
“moving legal address” from Europe to California.
The
definition of the “company” can be fined in TFEU, arts. 101-102 as a “unit
which exercises a commercial activity… it can consist of one individual company
as well as of several natural or legal persons; e.g. a whole group can be
treated as one company.
More
in Intersoft Consulting at: https://gdpr-info.eu/issues/fines-penalties/
For
example, from 25.05.2018, for kids under 13 it’s becoming “problematic” to use
Facebook and/or Instagram: they (or their parents) risk of having big fines if
detected.