Essay on European Data Protection Directive

914 Words Mar 17th, 2012 4 Pages
Running head: European Data Protection Directive
European Data Protection Directive
Piera Hosinski
SECURE MANAGEMENT ( MGT 580 Winter 2012)
Instructor: Christopher Sobota

Abstract
“The Data Protection Directive (officially Directive 95/46/EC on the protection of individuals with regard to the processing of personal data and on the free movement of such data) is a European Union directive which regulates the processing of personal data within the European Union. It is an important component of EU privacy and human rights law.”(Wikipedia, 2012)
The right to privacy is highly developed in Europe. The data protection directive provides a right to respect for one's "private and family life, his home and his correspondence," and is
…show more content…
If a company processes the data they have to register with the government. Employers are not allowed to read an employee’s email, and personal information cannot be shared by companies or go across borders. If at a store a checkout clerk is not allowed to ask for a person’s phone number. 2) What are the concerns with transferring data from the European Union office in Germany to the United States? (Your company is NOT part of Safe Harbor and there are no binding corporate rules in place). EU Member States' privacy laws implementing the EU Data Protection Directive (95/46/EC) require that international data transfers pass a two-step test. a) The data exporter must ensure that all processing requirements under local law are met. At this stage the intended data transfer is analyzed in light of the FDPA as if it took place solely in Germany. In other words, the data transfer itself must be legitimate. (Schmidl & Krone, 2010) b) According to the EU Data Protection Directive — and correspondingly the FDPA — it is unlawful to transfer personal data to non-EU/EEA countries that do not meet the EU “adequacy” standards for data protection. Such transfers may be legalized on a case-by-case basis, even if the fact that the data importer does not provide for an adequate level of data protection remains unchanged. (Schmidl &
Open Document