Data protection and privacy

Data protection and privacy regulation impacts both businesses and citizens.

Within Europe, data protection rules stem from every individual’s right to privacy set out in Article 8 of the European Convention on Human Rights:

“ARTICLE 8 – Right to respect for private and family life

1. Everyone has the right to respect for his private and family life, his home and his correspondence.

2. There shall be no interference by a public authority with the exercise of this right except such as is in accordance with the law and is necessary in a democratic society in the interests of national security, public safety or the economic wellbeing of the country, for the prevention of disorder or crime, for the protection of health or morals, or for the protection of the rights and freedoms.”

This right is explicitly referenced in the recitals to both the:

The 1995 Directive was implemented into UK law by the Data Protection Act 1998, whilst the General Data Protection Regulation will have direct effect from 25 May 2018.

Key regulators are the European Data Protection Supervisor, the ‘Article 29 Working Party‘ and in the UK, the Information Commissioner’s Office.