The history of cyber security in Europe, as well as in the rest of the world, is fairly limited, as the topic of cyber security and most of the relevant laws, legislation and regulations for it would all be from the last 15 years at least. So instead of focusing strictly on the history of legislation on the topic, this section will mostly focus on the formation of regulatory agencies and task forces and their responses to significant cyber security events of recent years.
Granted, there will still be some actual history as it pertains to privacy laws and such. When looking at EU privacy and data protection laws, it is important to remember that the European Union is not a federal system, but “it is based on the EU principle of ‘subsidiarity’ – home state rule – with the consequence that data protection laws in the EU still vary widely among member states.
Like the U.S. Privacy Act of 1974 EU data privacy statutes are constructed around FIPPS.
The 1890 essay ‘The Right to Privacy’ also shaped the privacy debate in Europe with the German Federal Constitutional Court as recently as 1995 referencing Das Recht allein gelassen zu werden (the right to be left alone).” (Gady2014) The 1981 Council of Europe Convention on Personal Data Processing outlined general data protection commitments that apply to all types of personal data processing by both government and private sectors. The convention has been influential in developing national data protection laws across Europe. In addition, Article 8 of the European Convention on Human Rights (ECHR) outlines respect for a citizen’s private and family life.
Currently all EU member states but one have ratified and are abiding by the convention.
Unlike the U.S. 1974 Privacy Act, however, the Charter of Fundamental Rights of the European Union, which came into force in December 2009 following the Lisbon Treaty, “requires data protection for everyone – not just EU citizens. There is, however, a restriction on the right to privacy, and public authorities may interfere if it is ‘necessary in a democratic society in the interests of national security, public safety or the economic well-being of the country, for the prevention of disorder or crime, for the protection of health or morals, or for the protection of the rights and freedom of others.’” (Gady2014) Also, unlike in the United States, where ownership belongs to the company or service that assembled the data, every individual has ownership of his data under European law. The key EU legal document in this regard is the Data Protection Directive (Directive 95/46/EC), adopted in 1995, establishing common rules and processes for data privacy in the European Union.
EU directives are ‘harmonizing’ instruments and not immediately binding. Member states of the European Union are required to pass national legislation that reflects their principles. The Data Protection Directive specifically outlines procedures for the collection, storage, use and disclosure of all personal data, places obligations on data controllers and confers rights on data subjects. The EU and national governments influence data regulations through co-regulation, where a data protection authority (DPA), established in every member state, formulates binding corporate rules (BCRs) for companies. The Data Protection Directive has led to the establishment of omnibus privacy laws, which, according to Berkeley Law professor Paul M. Schwartz, “establishes regulatory standards with a broad scope. Under the omnibus approach, sectoral laws are a backup used to increase the specificity of regulatory norms stemming from the initial statutory framework.” (Schwartz174)