The 28thof January has been consistently dedicated to data protection. Even before the inception of the General Data Protection Regulation (GDPR), protecting the privacy of individuals was high on the agenda. With the emergence of new technologies, data protection continues to be of high importance across Europe. The theme this year relates to a ‘A new mandate’; an apt theme for the ever-changing data and technology landscape.
A new mandate
The Council of Europe notes that this year’s Data Protection Day has arrived at an interesting point in the EU context, with a recently elected European Parliament and anew European Commission, as well as the new mandate for the European Data Protection Supervisor. This year also coincides with new technology becoming ever more prominent, such as Artificial Intelligence, which naturally raises some implications for data protection.
This year an event organized jointly by the Council of Europe, CPDP conferences and the European Data Protection Supervisor focuses on exploring the current and future landscape of data protection. The specific date chosen, the 28th day of January, marks the anniversary of the opening for signature of the first legally binding instrument to protect privacy in the digital age dating back to1981.
The purpose of this day is to create awareness for users, to ensure protection online by promoting responsible data handling practices and highlight simple practices to ensure safety of data online, as well as draw the attention to threats from cyber criminals attempting to obtain personal data of users online. According to the EU Cyber skills Survey, there is a general consensus amongst companies (71%) that cybersecurity is a high priority, but taking action appears to be the main challenge. The survey highlights that 74% of the companies omitted any training or raising of awareness among their employees. Conversely, 68% of companies believe no training or awareness about cybersecurity is actually needed. A minority of 16% are simply unaware of relevant training opportunities, whilst 8% mention budget constraints as a reason.
As cyber incidents are on the rise, awareness is paramount for all individuals who interact with some form of online platform. Awareness may also benefit organisations processing data by emphasizing the importance of having in place security practices such as secure data storage methods, encryption methods and double-factor authentication functionalities.
Recent Data Fines
Awareness on data protection is paramount for both individuals and businesses. Whilst individuals are entitled to specific rights on their personal data and therefore have remedies to enforce those rights, organisations processing personal data have specific obligations to ensure such protection to data.
In fact, 2024 saw some significant fines by data protection authorities for breaches of data protection principles. Popular streaming platform Netflix was likely to be fined €475million by the Dutch data protection authority for failing to provide transparency and quick responses to users’ requests to access their personal data. Similar, business platform LinkedIn was also faced with a €310million fine for deficiencies in the legal basis for which data was being processed. These fines demonstrate that businesses can be severely reprimanded for failure to adhere with any aspect of data protection.
How we can help
We understand how essential it is for privacy and data protection to be respected and how fundamental the right to maintaining an unblemished reputation is for all individuals. Our Privacy lawyers are IT law and tech savvy lawyers with a passion for unravelling the nuances of technology and privacy law to protection fundamental rights, and over the years have garnered noteworthy results in these areas of law.
