Privacy: European data protection rules Essay

Rapid technological developments and globalization have brought new challenges for data protection. With social digital traces with every move we make. In this “brave new data world” we need a robust set of rules. The Else’s data protection reform will make sure our rules are future-proof and fit for the digital age. The EX. data protection rules apply when a person can be identified, directly or indirectly, by personal data. 1 The EX. proposal review 1. 1 The proposal elements Every time someone goes online, he shares information about himself, and the more person does online, the more important the protection of personal data becomes. E EX. is proposing changes that will strengthen the online protection, and which are designed to put each user in control of his information and to guarantee the right to personal data protection. Actually, the new proposals defined in January 2012 are addressing the following changes. Topic No can you trust? New Law Could be better informed and your data will be protected, so you’ll be more confident in sharing data. Control over data More control over what happens to {Our data, you have the right to know who’s using your data and Nay and to know if the security of {Our data is at risk. Deter know how data is being used ND when the permission is required, the user will be asked to give it explicitly. Unique, standard and simple protection policy everywhere in EX. and also outside the EX.. EX. rules Nail apply also to companies not established in the EX. but that offer odds or services in the EX. or monitor the online behavior of citizens. Privacy-friendly. Data is protected unless the user decides to change privacy settings himself. Easier to take data back and remove it completely. If users no longer want its data to be processed and there are no legitimate grounds for retaining it, data will be deleted.

Simple, Just remove personal data ND subscribe to another service provider. Data portability eases the transfer of personal data from one service provider to another. Permission Set of rules Privacy and security rhea right to be forgotten orientation between contracting parties Old Law Kook don’t know perfectly how your information is being used and you don’t know whom to trust. rhea consent for data processing is often assumed. Different protection policies and protection only within the EH. It’s not always simple to permanently delete personal shared it. More problematic due to the difficulties in deleting data and lack of portability.

Protection Normalized Lost or stolen Data breaches Companies Authority Individuals Cooperation Administrative burdens Data protection officer Data will be protected worldwide, necessary for cloud computing or N.B.-based emails. If this happens and the consequences are expected to be serious, both you and your country Data Protection Authority Nail have to be told as soon as possible. In case of serious data breaches, companies and organizations will have to notify them within 24 hours Inhere feasible. Companies will only have to deal Ninth a single national data country where they have their main establishment.

Protection Just within ELI. If your data is lost or stolen, may take some time to find out. Plants located in countries different from that of the headquarters, have to report also to their national EDP to confirm they are processing data in accordance with the national laws. Individuals will have the right to refer all cases to their home national data protection authority, even when their personal data is processed outside their home country. Enhanced cooperation between data protection authorities to ensure the consistent application of the rules across the EX..

Unnecessary administrative Many burdens such as burdens will be removed. Notification requirements for companies processing arsenal data. Companies with more than 250 Not all big companies have a employees should be proactive and specific figure responsible of take measures to ensure compliance data protection. Ninth data protection law by appointing a data protection officer. Having identified the main changes from the actual laws to the new one, these differences can be used as a blueprint to compare actual privacy policies in different countries, taking the privacy policy of one of the major companies in each country as model.

The countries we are going to analyses are Italy, France and Germany. 1. 2 Privacy policy review: Germany he company taken as an example of the German privacy policy is BMW, one of the major companies in the automotive industry with Volkswagen and Propose. While describing each item of the policy, we’ll analyze the coherence of each item with the new current law and we’ll make some considerations about which changes should be addressed by the company to adhere completely two the new laws.

BMW Description of items Privacy Policy items Permission Processing and using data for consultation, advertising and market research purposes only takes place with users’ explicit consent. Giving the consent to the Control purposes stated above, the user ever data gives also the permission to the transfer of these data to third parties. Personal data is used in strict accordance with German data protection rules. Cookies from BMW websites do not gather any personal data about the user. The user can disable the use of cookies at any time via the settings in his browser.

Cookies are used for anonymous statistical purposes only during the length of the user section. In case of other uses, permission IS required. Privacy and All user data is stored using a pseudonym so that personal Identification is impossible. User information about how the tracking user interact with the website ND its content. Cookies Coherence Ninth the new Partially agree. Considerations Not coherent. rhea users must have the right to know who is using the data and Nay, and permissions should be asked frequently.

Ninth the introduction of the new directive MAW has to adapt to unique EX. protection policy. Agree with directive 35/46/CE but partially with the incoming proposal of 2012. Totally agree Ninth the existing policy and not modified by the new one. Look at the next topic. Coherent. Data protection In the company exists a Chief Information Officer. Partially coherent Antiradar of consent rhea user can withdraw the consent for future actions at NY time. To do this, the user must contact a toll telephone hotlist. There’s no a specific fugue responsible for data protection POP). He user must have the possibility to Antiradar it using simple means and free of charge :directive 2002/58/CE) Some considerations can be made about the current item in BMW privacy policy: 0 rhea user must have the right to know who is using his data and why, and permissions should be asked frequently; rhea user should have the possibility to withdraw his consent using simple means and free of charge (Directive 2002/58/CE); Ninth the introduction of the new directive, BMW has to adapt to a unique EX. retention policy and not to the German one. In addition, other changes should be addressed by BMW to meet the new directive requirements.

These are not changes of the current items included in the actual policy, but address the introduction of new topics, such as: Introduction of the Data Protection Officer, as in the company there’s not a similar role; rhea policy does not include the possibility of deleting completely data: if this possibility does not exists, it will be necessary to create it; Ninth the introduction of the new policy, it will be necessary to notify the data protection authority within 24 hours when a data breach occurs; he company will have only one data protection authority and various policies in different European countries will be harmonize. . 3 Privacy policy review: France or represent the French companies and an example of the different privacy policies, En choose LIVE (Louis Button Meet Hennessey S. A) one of the most important multinational company dedicated to luxury goods as Watches, Jewelry, Perfumes, Cosmetics, Fashion, Leather Goods, Wines, Spirits and Selective Retailing. This firm has more than 77,000 employees and it’s quoted in CACAO, the French stock market Index.