Privacy and privacy protection
Data protection is a type of privacy protection manifesting in special legal regulation. Data protection right ensures a person the right of disposal over all data in connection with his personality. This way it serves to sustain the protection of privacy in a world where the possibility of collecting, storing and conciliation of large pools of data is widely available.
Earlier, due to the lack of highly developed data-processing technologies no threat was imposed by a situation in which these data became public and known to others, while today processing, conciliation and association of data or creating new data relying on the old ones might result in the infringement to the right of privacy. The underlying notion behind the codification of data protection law is the insufficiency of secrecy protection: within the new context protection should apply to all data: “data protection should be differentiated from the interpretation of privacy as intimacy.
The aim of data protection law is the protection of privacy. The protection of personal data within the new circumstances can offer the protection of privacy. These statements are true, however, they say little about what privacy is and why it needs protection.
Definitions that have been proposed for “privacy”
According to Schoeman it has been regarded –
- as a claim, entitlement or right of an individual to determine what information about himself (or herself) may be communicated to others;
- as the measure of control an individual has over information about himself,
intimacies of personal identity, or who has sensory access to him;
- as a state or condition of limited access to a person, information about him, intimacies of personal identity.
With the establishment of general personality right protection, the protection of “secrecy sphere” is included in European laws,while in the United Stated the right to privacy first becomes a right underlying the protection of portrait rights replacing its interpretation as proprietary right, and later it becomes the framework for personal right protection, corresponding to the European idea of “general personality right.”
Warren and Brandeis in their famous article published in 1890 connect the necessity of the recognition of the right to privacy in common law with the effects of the new inventions of the age and the spreading of “business methods” unknown up to that point: an example for the former is the contemporary development of photography, while for the latter the growing impact of press – first of all yellow press.
The other change is the significant development in photography technology, which makes it possible to take a picture of someone against his or her will – earlier one had to sit still for a portrait. This is stressed in the legal argument of Warren and Brandeis as well, since earlier if one would be “sitting” for the portrait, “the law of contract or of trust might afford the prudent man sufficient safeguards against the improper circulation of his portrait.” In the new situation, however, protection must be provided by a more stable legal background. After an overview of the practice of common law courts of justice, Warren and Brandeis come to the conclusion that the rights protected “are not rights arising from contract or from special trust, but are rights as against the world” (in other words they are absolute rights), but “the principle which has been applied to protect these rights is in reality not the principle of private property, unless that word be used in an extended and unusual use.” According to Warren and Brandeis the right solution is a new interpretation of the “right to privacy”, a right that has already been acknowledged by judges. In common law this right was used earlier by judges when judging the publicizing of “thoughts, feelings and emotions trough writing or arts” in diaries, letters and similar media,but according to the authors’ opinion, this is only one element of the right, “the law has no new principle to formulate when it extends this protection to the personal appearance, sayings, acts, and to the personal relation, domestic or otherwise.”
– Warren and Brandeis have thus supported the need for the acknowledgement of the “right to privacy” with the change in the structure of publicityand the appearance of new technologies of the age. The protection of the individual gained a new background replacing proprietary rights: privacy means the protection not only of privacy, but the protection of autonomy in its wide sense, including not only the protection of proprietary autonomy. During the history of privacy its meaning kept widening, it has reached the right of general freedom of action,while according to Sólyom it is characterized by “alarming generality,” “magniloquence” and “philosophic imprecision.
-The protection of an individual’s “secrecy sphere” appears within the scope of general personality right, and is recognized partly within its frameworks. As Elemér Balás P. puts it, “the point in secrecy sphere is that the importance of personality is so predominant concerning certain facts that, from a legal point of view, these facts and their embodiments do not count as objects of the external world, but have to be understood as functions of personality. The formation of secrecy sphere is the manifestation of the life process of a personality via his will. Certain facts belonging to the outer world are such that, from the personality’s point of view, they cannot be regarded as parts or as tools of the personality’s life process.”Protection, however, at this point of its history applied merely to secrecy sphere.
-General personality right, after a temporary decline during the Second World War, became the focus of legal thinking again. Data protection is born with the first generation data protection laws, which gave a response to the development of computer technology and the appearance of the possibility of creating mass databases and matching of data: although still indirect, the legal protection of the facts (data) of an individual outside the sphere of secrecy protection appears. As a next step – based on the provision of the Constitution (Grundgesetz) declaring general personality rights – the German constitutional court formulates the right of informational self-determination (informational autonomy). The new right ensures right of disposal over all data that can be associated with a person (no matter whether the data are part of the secrecy sphere or not).
2. The notion of data protection
The notion of data protection (Datenschutz) became widespread beginning with the 1970s, signifying a new type of protection compared to earlier personality rights. This new protection, according to data protection regulations, applies to (usually) natural persons not only regarding specified types of data (portrait, sound recording), and it is usually not restricted to “sensitive” data, nor does it have to be matched with the consequences of data abuse.
The concept of data protection is often treated as part of privacy protection, or quite as its contrary, opposing it, as a specifically European (legal) solution to a problem which contributed to the appearance of the “right for private life” in American constitutional law. In my view several – legal and extra-legal – tools, methods of privacy protection may be distinguished, and the notion itself may be applied to a far wider category of phenomena than data protection – data protection might be understood only within the framework of privacy protection as a legal tool of privacy protection, born within a given social and technical context. We should also not disregard the fact that the notion of privacy is used today in a much broader sense in American legal thinking – as I have referred to it above, as a result of the development it has gone through since the end of last century, by now it can be interpreted as the equivalent of general personality right.
The right of informational self-determination is “the right of the individual to have a basic decision over the rendition and use of his personal data. In literature data protection is very frequently identified with rules ensuring the right of informational self-determination
Data protection cannot be identified with the right of informational self-determination, since the early data protection laws did not ensure an individual any disposal over his personal data. Although the appearance of the right of informational autonomy is a significant milestone in the history of data protection, it is still wrong to claim that the development of data protection cannot go beyond the basic principles of the right of informational self-determination
While data protection is a tool of privacy protection, and as such, is aimed necessarily at the individual, the object of data security is data themselves. Data security means the protection of the integrity and confidentiality of data, irrespective of the information content and legal qualification of data.
Data security is served by technical and organizational measures, which might be stipulated both by legal and extra legal norms. Data security regulations are applied by several legal norms, such an example is the legal formulation of data security regulations concerning qualified data (secrets of state and intelligence).
There is a complex network of connections between data protection and data security. The two most important elements of this network are the following:
a) In the different phases of its development, data protection regulations – although to a variable extent – usually contain data security rules serving data protection (which give specifications of the technical, organizational or other measures that are to be followed by the addressee of the norm when treating personal data). Therefore, regarding personal data, data security is the object of data protection regulations.
b) It is a new development that among the tools of privacy protection the role of data security technologies is increasing. With the development of computer technology, modern data processing technologies are available at a low price, almost for everyone. At the same time the appearance of international computer networks opened the road for globalization of data processing as well. In this situation data protection regulations of the 1970s require a necessary reform, and their role in the protection of privacy might decrease in the future. The effective protection of privacy in an open network environment might be provided primarily by technological tools (for example with the so-called “strong” encryption). These tools do not offer legal protection, but in several cases they become objects of legal regulation themselves – exactly because their use has become widespread in the protection of privacy, or because of the consequences of such use. (The use of “strong” encryption, for example, might hinder legitimate data collection carried out for reasons of national security or criminal investigation. In such cases the legislator might have to intervene in order to strike a balance between the interest of national security on the one hand, and the protection of privacy on the other.) Still, such regulation cannot be considered as legal regulation of data protection, although it is relevant regarding privacy, since it can hinder or facilitate the use of technologies enhancing privacy.
Apart from technologies enhancing data protection there are such that serve specifically privacy protection: these are privacy enhancing technologies, PETs. Privacy enhancing technologies may be technologies enhancing data security as well, but the aim of these solutions is not a general protection of data content, but the protection of privacy with technological and organizational solutions. The notion of privacy enhancing technologies in this article follows the definition of Burkert, according to which the phrase “refers to technical and organizational concepts that aim at protecting personal identity”.
The legal framework of the technological protection of privacy is frequently influenced by legal regulation of tools and methods which cannot be considered exclusively privacy enhancing technologies (such is, for example, “strong” encryption which might be used for encrypting any data content).
5. Freedom of Information (FOI) means that the so-called data of public interest (which are defined differently in different national legislations), namely data in possession of government bodies or bodies carrying out pubic tasks, qualify as public data, as data available to everybody, with the exception of specific instances. Data protection and freedom of information, the legal regulation of data concerning individuals and the efforts targeting the public availability of government data have been linked historically.
6. Based on the above, the notion of data protection in the present study is understood in a general way, according to which it is a legal protection which aims at the protection of the privacy of individuals via regulating the processing of data that may be associated with them (personal data), while the collection of legislative provisions regarding such regulations are considered as data protection law.
7. The right to data protection, especially in Hungary, is treated in literature frequently as the right of access to data of public interest, that is, as the twin-right of freedom of information: data protection and the freedom of information are the two basic “information rights”. In Hungary the common codification of data protection rights and the right of the freedom of information was successful, and the competence of several other European data protection commissioners now includes enforcement-related issues concerning the right of the freedom of information.
Freedom of information is an extension of freedom of speech, a fundamental human right recognized in international law, which is today understood more generally as freedom of expression in any medium, be it orally, in writing, print, through the Internet or through art forms. This means that the protection of freedom of speech as a right includes not only the content, but also the means of expression. Freedom of information may also refer to the right to privacy in the context of the Internet and information technology. As with the right to freedom of expression, the right to privacy is a recognized human right and freedom of information acts as an extension to this right.
- Freelancing tips for beginnersHow to start freelancing with no experience is a very challenging experience. Online Freelancing is a new way to make money from home and on your own terms. Everyone working online must know these 7 tips aimed at beginners.
- Software Test Metrics and MeasurementsSoftware Test Metrics and Measurements In software projects, it is most important to measure the quality, cost and effectiveness of the project and the processes. Without measuring these, project can’t be completed successfully. This uses Software Test Metrics and Measurements to measure.
- Distributed system Communication techniquesCommunication techniques in Communication techniques distributed system
- Distributed systems in computer ScienceOverview of distributed systems in computer Science Basic Algorithms Various characteristics of distributed systems in computer Science Design issues of distributed systems in computer Science