Data Protection Day: the Most Important Facts About Data Protection in Europe and in Lithuania in 2014

Posted by: raminta 9 years, 9 months ago

(0 comments)

Every January 28th, Europe marks the Data Protection Day which aims to raise awareness about the importance of protecting personal data.

Last year was very important for the data protection in Europe, hence, on this occasion, I and the Human Rights Monitoring Institute have prepared a short review of ten of the most important facts.

1. The European Parliament has agreed on the Data Protection Reform

On March 12th, after two years of discussions, the European Parliament voted for the Data Protection Reform proposed by the European Commission in the early 2012. Currently the Council of the EU is negotiating on this proposal and it is expected that the agreement will be reached and the reform will be confirmed before the end of this year or before the begining of 2016. More info

2. The EU Data Retention Directive declared to be invalid

On April 8th, the European Court of Justice (ECJ) in the case Digital Rights Ireland v. Ireland ruled that the Data Retention Directive is not compliant with the EU law. According to the court, this directive interferes in a particularly serious manner with the fundamental rights to respect for private life and to the protection of personal data and infringes the principle of proportionality. More info

3. The ECJ confirmed the right to be forgotten on the Internet

On May 13th, the ECJ in the case Google v. Spain declared that data subjects have the right to request and to obtain the de-listing of links to web pages, published by third parties and containing information relating to them, from the list of results displayed following a search made on the basis of a person’s name. Search engine operators are data contollers and their activities have to be compliant with the EU law even when they are not established in the EU. The Article 29 Data Protection Working Party released the Guidelines explaining the implementation of this ruling.

4. The European Parliament expressed doubts about the collection of data by the NSA

On March 12th, the European Parliament agreed on the Resolution condemning the vast and systemic blanket collection of the personal data of Europeans that the NSA has performed. Therefore, the Parliament urged the European Commission to amend the Safe Harbour agreement with the U.S. The Commission has drafted 13 recomendations amending ths agreement which are currently being negotiated with the U.S.

5. The case Europe v. Facebook has reached European courts

The largest privacy class action in Europe, led by the Austrian lawyer and activist Max Schrems, was initiated before Austrian courts on the 31st of July. Max Schrems together with 60.000 Facebook users are claiming for 500 € each for the damages which appeared because of data protection violations. On April 9, the Vienna Regional Court is set to deal with the admissibility of the case in a first hearing. More info

6. The Article 29 Working Party published the Opinion on the Recent Developments on the Internet of Things

This Opinion explains how the EU data protection rules should be applicable to the Internet of Things. According to the Party, users should have a complete possibility to control their data and the manufacturers of devices should get the consent and inform the users about processing, transition and storage of their data.

7. Google was fined for data protection violations in Italy and France

The Italian DPA, Garante della Privacy, imposed a fine of 1,000,000 € to Google for the data protection violations committed in 2010 when the Google Street View cars were driving throughout Italy without being recognizable. Whilst the French DPA, CNIL, fined Google a sum of 150,000 € because of the new privacy policy allowing Google to track users when they were using such Google services as Search, Gmail and YouTube since 2012. More info

8. The Cyber Security Law was adopted in Lithuania

On December 11th the Lithuanian Parliament, Seimas, adopted the Law on Cyber Security. The Article 12 allows the police to collect, analyse and evaluate information about possible cyber security crimes and to oblige the service providers to retain data about users for up to 90 days.

9. It was proposed to allow the State Tax Inspectorate to acquire more data about tax payers without a court order

The Lithuanian Government drafted an amendment to the Law on the Administration of Taxes which would oblige financial institutions (banks, credit companies, etc.) to give access to the whole information about their customers. Currently only the information about opened closed accounts is accessible to the Inspectorate without the court order.

10. The Ministry of Justice proposed to change the personal number into a sequence of random numbers

The Ministry of Justice drafted the Law on Residents' Register which would change the way in which the personal number is created: it should consist of eleven random numbers. Currently the personal number consists of numbers identifying the gender and the date of birth.

This article has been prepared and published in cooperation with the Human Rights Monitoring Institute, a Lithuanian NGO defending human rights. It was also published on the website of the Lithuanian Data Protection Authority.

Image courtesy of rosefirerising, Flickr.com

• ← 10 svarbiausių įvykių duomenų apsaugos srityje 2014 metais: Europa ir Lietuva
• Kol „Didysis brolis“ mus stebi, kas saugo mūsų duomenis? →