Data protection, i.e. the protection of personal data, secures the fundamental right of individuals to informational self-determination. This gives people the freedom to determine how their data is handled. Personal rights and privacy are to be preserved.
What is data protection?
Data protection does not protect the data itself, but rather the freedom of people to determine for themselves how their data is handled and who may receive what information. Data protection laws regulate the collection, use, storage, and disclosure of personal data. The regulations are based on the fundamental right to informational self-determination.
The collection of personal data by government institutions or commercial enterprises can jeopardize this right and violate personal rights. Depending on the organization that collects, stores, processes or publishes data, different data protection regulations may apply. For example, churches, religious communities, the press, or the healthcare sector have their own or additional regulations.
The importance of data protection due to the progressive development of IT
The progressive development of information technology and digital technology has changed and increased the importance of data protection. Modern IT makes it possible to collect, analyze and store more and more data with increasing ease.
Data collection can be automated and extended to many areas of daily life. For example, technologies such as the Internet, mobile telephony, video surveillance, cashless payment procedures, electronic customer cards, or electronic toll procedures support and simplify data collection. Based on the collected data, personal data can be analyzed and behavioral patterns can be derived, which can be used for various purposes.
While companies use the data, for example, for marketing purposes, to determine the ability to pay or for price differentiation, government institutions use the available information to detect tax offenses, to fight crime, or for statistical surveys.
Problem of lack of awareness of the need to protect personal data
Due to the mass use of the Internet and the spread of social networks, there is a lack of awareness of the protection of personal data among many people, despite the increasing collection of data on the Net. Often, people even voluntarily make this data available to a large number of users. Once data has been published on the Internet, it is almost impossible to withdraw it from the network again afterward.
For this reason, modern data protection regulations generally include a right to be forgotten, which stipulates that electronically stored data can be given an expiration date or deleted permanently.
Legal anchoring of data protection
Different regulations and laws apply to data privacy depending on the country and continent. In Germany, data protection is already anchored in the Basic Law and is defined in more detail by the Federal Data Protection Act (BDSG) through corresponding individual laws. Among other things, the terms “personal data,” “processing,” “use” and “collection” of data are described and regulated by law.
Within the BDSG, different legal regulations apply in some cases to public and non-public bodies. Additional state data protection laws and ordinances exist in the federal states. In order to create a uniform approach to data protection and data security throughout Europe, the so-called General Data Protection Regulation of the European Union was adopted. It comes into force in 2018 and ensures the protection of personal data on the one hand and the free movement of data within Europe on the other.
The European regulations are defined in the General Data Protection Regulation (GDPR), which is known in German as the EU Data Protection Regulation (EU-DSGVO).