European data protection legislation must respect "human dignity"

GDPR must reflect technological changes, but these cannot override rights, says EU expert

Technology cannot be allowed to take precedence over the fundamental human right to privacy, according to an EU data protection expert.

Speaking to delegates at the annual iSSE security conference today, Wojciech Wiewrowski, assistant European data protection supervisor, said the existing European data protection legislation, written in 1995, has little bearing on the world of today.

"We all know the world of 1995 looked completely different from the point of view of processing all the data, including personal data, than it looks at the moment. Yes, we had email accounts, we used the internet in 1995 ... but that was a different world," he told the audience.

"I don't mean only the fact there were no social networks in this time, I mean also there was no worldwide web at this time, we were encoding and decoding the data ... we were using Gopher [an IP application layer protocol to distribute, search, and retrieve web files]."

Wojciech Wiewrowski speaking at the iSSE security conference 

However, while the world may look different, Wiewrowski said, that doesn't mean values have to change.

"We don't want the technologies to change the values that this society is built on. This society is built on the values that are in the core of human dignity and that simply means that recognising that the world is changing [so] we should adapt ourselves to the situation, but it does not mean that we should forget or we should abandon the rules that we had in the past," he said.

Wiewrowski added that this is central to the General Data Protection Regulation (GDPR) that is currently in the final "trilogue" stages of discussion, where the European Commission, European Parliament and European Commission come together to work out the final draft.

"The centre of the data protection is the data subject, which ... I would like to stress, is not only the data subject, it's a human being. It's a human being with dignity and that's what all this law is built around," he said.

Arguing that in order to enforce this, there needs to be a good balance between ethics and legislation, the supervisor contended that technology needs an emphasis on privacy by design.

"[It] is not enough to think about only the law. It is not enough to talk only about the matter of compliance. Actually, ethics is something that should be in the core of the activity of the ... information managers, information engineers," he said.

"Those who are really the data miners, who are building the logics of the data mining, the only thing that makes them behave well is the ethics and the good penal law."

The final GDPR text is expected to be published by the end of the year.

Featured Resources

How to scale your organisation in the cloud

How to overcome common scaling challenges and choose the right scalable cloud service

Download now

The people factor: A critical ingredient for intelligent communications

How to improve communication within your business

Download now

Future of video conferencing

Optimising video conferencing features to achieve business goals

Download now

Improving cyber security for remote working

13 recommendations for security from any location

Download now

Recommended

Microsoft Exchange targeted by China-linked hackers
zero-day exploit

Microsoft Exchange targeted by China-linked hackers

3 Mar 2021
Malicious ‘dependency confusion’ packages are stealing password files
hacking

Malicious ‘dependency confusion’ packages are stealing password files

2 Mar 2021
What is the Computer Misuse Act?
Policy & legislation

What is the Computer Misuse Act?

2 Mar 2021
What is cloud-to-cloud backup?
cloud backup

What is cloud-to-cloud backup?

1 Mar 2021

Most Popular

How to connect one, two or more monitors to your laptop
Laptops

How to connect one, two or more monitors to your laptop

25 Feb 2021
How to find RAM speed, size and type
Laptops

How to find RAM speed, size and type

26 Feb 2021
Ransomware operators are exploiting VMware ESXi flaws
ransomware

Ransomware operators are exploiting VMware ESXi flaws

1 Mar 2021