History
The European Union is a block of 27 member states (earlier 28 but with Brexit it is now 27) comprising countries located on the European continent. The European Union was mainly formed as a means to improve the trade relations and economic and social well being of the people by eliminating trade barriers and encouraging free movement of people.
Since its very formation, the European Union has been very particular about matters of privacy. The European Convention on Human Rights dating back to 1950 has stated the following: “Everyone has the right to respect for his private and family life, his home and his correspondence.” Over the decades, the European Union has issued directives concerning privacy of its citizens and how their personal data is processed.
Due to the internet boom and easy access to computers and smartphones, there was a need to overhaul the existing privacy policy regime. The European Union had issued the 1995 Data Protection Directive but that was not replicated word by word in all the Member States. Each Member State had their own laws and regulations by which they were managing privacy concerns of its citizens. Due to this, there was no uniformity across the European Union when it came to matters of privacy.
In order to safeguard the right to privacy of each European citizen, the need of the hour was to have one regulation which would be applicable across the European Union. This led to the formation of the General Data Protection Regulation which came into effect on May 25, 2018.
General Data Protection Regulation
The General Data Protection Regulation (GDPR) was introduced to ensure that the fundamental rights of the citizens related to privacy are protected in an age where everyone’s data is readily available on the internet. The wide ranging access and reach of the internet made it imperative for the European Union to intervene and enforce stringent laws so that nobody’s data could be breached or compromised.
In order to get an in-depth look at GDPR, we shall be analysing each of its provisions:
Article 1
Article 1 of the GDPR talks about the subject matter and the objectives of the Regulation which are as follows:
- “This Regulation lays down rules relating to the protection of natural persons with regard to the processing of personal data and rules relating to the free movement of personal data.
- This Regulation protects fundamental rights and freedoms of natural persons and in particular their right to the protection of personal data.
- The free movement of personal data within the Union shall be neither restricted nor prohibited for reasons connected with the protection of natural persons with regard to the processing of personal data.”
As mentioned above, GDPR has been introduced to protect the fundamental rights of the citizens. Data protection has been recognised as a fundamental right under Article 8(1) of the Charter of Fundamental Rights of the European Union (the ‘Charter’) and Article 16(1) of the Treaty on the Functioning of the European Union (TFEU).
Every person has a right to protect their personal data and the way that it is processed. In today’s hyper connected world where data moves freely across the borders, it is all the more necessary that there are rules in place regulating the movement of data and at the same time, facilitating the free movement of data so that businesses and governments all over the world are not hindered in carrying out their operations and providing the best user experience to the customers that may be based in any corner of the world.
With this objective, the GDPR has come into effect thereby having a dual purpose of reinforcing the fundamental right of data protection and also providing a roadmap to organizations and governments to secure the data of its users and customers.
Reference: