CIPP/E - Ch. 1 Latest Update with Verified Solutions

CIPP/E - Ch. 1 Latest Update with Verified Solutions Article 12 The right to a private life outlined in this Human Rights Declaration article - No one shall be subjected to arbitrary interference with his privacy, family, home or correspondence, nor to attacks upon his honour and reputation. Everyone has the right to the protection of the law against such interference or attacks. "Universal Declaration of Human Rights (Human Rights Declaration)" "- Adopted in December 1948 by General Assembly of the United Nations after atrocities of WWII - Acknowledges 'the inherent dignity and the equal and inalienable rights of all members of the human race in the foundation of freedom, justice, and peace in the world' - provided the basis for subsequent European data protection laws and standards" Article 19 The right to freedom of expression outlined in this Human Rights Declaration article - Everyone has the right to freedom of opinion and expression; this right includes freedom to hold opinions without interference and to seek, receive and impart information and ideas through any media and regardless of frontiers. Article 29(2) Human Rights Declaration Article which states that states that individual rights are not absolute and that there will be instances where a balance must be struck: In the exercise of his rights and freedoms, everyone shall be subject only to such limitations as are determined by law solely for the purpose of securing due recognition and respect for the rights and freedoms of others and of meeting the just requirements of morality, public order and the general welfare in a democratic society. European Court of Human Rights System of enforcement established in Strasbourg for the ECHR - Examines alleged breaches of the ECHR and ensures that states comply with their obligations under the ECHR - Rulings are binding on the states concerned and can lead to an amendment of legislation or a change in practice by national governments -May also give advisory opinions that concern the interpretation of the ECHR and the protocols Article 8 ECHR Article that protects the rights of individuals for their personal information to remain private, but again, is not an absolute right and necessity, and proportionality may justify breaching an individual's privacy rights in the public interest (echoes Art. 12 of Human Rights Declaration): Everyone has the right to respect for his private and family life, his home and his correspondence. There shall be no interference by a public authority with the exercise of this right except such as is in accordance with the law and is necessary in a democratic society in the interests of national security, public safety or the economic well-being of the country, for the prevention of disorder or crime, for the protection of health or morals, or for the protection of the rights and freedoms of others. Article 10 ECHR Article that protects the right of freedom of expression and the right to share information and ideas across national boundaries: Everyone has the right to freedom of expression. This right shall include freedom to hold opinions and to receive and impart information and ideas without interference by public authority and regardless of frontiers. Restrictions to this article are set out by section (2) of the same article. Spain, Portugal, Austria European countries that incorporated data protection as a fundamental right in their constitutions. Recommendation 509 on human rights and modern scientific and technological developments In light of the trend of European countries implementing legislation aimed at controlling the use of personal information by government agencies and large companies, the Council of Europe. - This was the result of concern that, in the context of emerging technology, national legislation did not adequately protect the 'right to respect for his private and family life, his home and his correspondence' under Article 8 of the ECHR. - This concern led in 1968 to the publication of this item Resolutions 73/22 and 74/29 - In 1973 and 1974 Council of Europe established principles for the protection of personal data in automated databanks in the private and public sectors, respectively, the objective being to set in motion the development of national legislation based on these resolutions - was regarded as an urgent requirement because of the already-existing divergence between the laws of the member states in this area 1980 Year OECD developed Guideline on the Protection of Privacy and Transborder Glows of Personal Data 1973 and 1974 Year the Council of Europe built Resolutions 73/22 and 74/29 - which established principles for the protection of personal data in automated data banks in the private and public sectors. 1960s to 1980s Time frame number of countries, mostly in Europe, to the lead in implementing legislation aimed at controller the use of personal information by govmt agencies and large companies 1953 Year European Convention of Human Rights (ECHR) was entered into force. 1948 Year the Universal Declaration of Human Rights (Human Rights Declaration) was adopted by the General Assembly of the United Nations. OECD Guidelines 1. Collection Limitation Principle 2. Data Quality Principle 3. Purpose Specification Principle 4. Use Limitation Principle 5. Security Safeguards Principle 6. Openness Principle 7. individual Participation Principle 8. Accountability Principle False (T/F) OECD Guidelines are legally binding and are not intended to be flexible to serve as either as a basis of legislation in countries that have no data protection legsilation or as a set of principles that may be built in existing legislation. Council of Europe Convention for the Protection of Individuals with regard to Automated Processing of Personal Data The OECD Guidelines was created with distinct similarities to which European guidelines? False (T/F) The aim of the OECD Guideline is to strike a balance between protecting the privacy and the rights and freedoms of individuals while creating barriers to trade and allowing interrupted flow of personal data across national borders. 1985 and 1998 The OECD reaffirmed its commitment to the Guidelines in which years? OECD Considerations for Trans-Border Data Flows Between Members Member countries should/can: - Consider implication for other member countries of domestic processing and re-export of personal data - Ensure that trans-border flows of personal data are uninterrupted and secure - ensure that trans-border data flows are maintained within member countries where Guidelines are being observed - Restrict transfer information for categories of personal data in which special domestic regulations exist and do not have have equivalent protection in member countries - Avoid developing laws, policies and practices in the name of privacy that would create obstacles of trans-border data flows beyond what is required for that protection (most important) 1981 Year the Convention for the Protection of Individuals with regard to Automatic Processing of Personal Data was adopted by the Council of Europe (Convention 108) Convention 108 Consolidates and reaffirms the content of the 1973 and 1974 resolutions and was the first legally binding international instrument in the area of data protection. False (T/F) Convention 108 is similar to the Guidelines in that it does not require signatories to take the necessary steps in their domestic legislation to apply the principles it lays down with regard to processing personal information. True (T/F) Convention 108 was the first binding international instrument to set standards for the protection of individual's personal data whilst also seeking to balance those safeguards against the need to maintain the free flow of personal data for the purposes of internal trade. Three Main Parts of Convention 108 Chapter II - Substantive Law Provisions Chapter III - Trans-border Data Flows Chapter IV - Mutual Assistance Chapter IV - Mutual Assistance Which part of Convention 108 requires that parties designate supervisory authority to oversee compliance with data protection laws and to liaise with supervisory authorities in other jurisdiction for purposes of consultation and mutual assistance regarding implementation. - these requirements were further reinforced by the 'Additional Protocol' Chapter III - Trans-border Data Flow Which part of Convention 108 provides that where transfer of personal information are between signatories, those countries shall not impose any prohibitions or require any special authorization for the purpose of the protection of privacy before such transfers can take place. Additional Protocol Addressed holes in the Convention 108 that did not address transfers of data to countries that were not signatories. Introduced the concept of "adequate" rather than an equivalent level of protection of personal data. Additional Protocol to the Convention for the Protection of Individuals with regard to Automatic Processing of Personal Data Long version of "Additional Protocol"