Mark Zuckerberg, the CEO of Facebook, sitting in front of the American Senate, answering over 600 questions for 10 hours, was surely a notable moment in the history of technology and the internet. A notable moment that took place after the famous ‘Cambridge Analytica scandal’ where the user data of over 87 million users was compromised. The entirety of this event brought the importance of Data Privacy to the forefront of Internet Regulations. The first part of this blog will take one through the basic terminologies related to data privacy, and the importance of the whole issue.
Definition of Data
While there is no universally accepted definition of the same, Data can be defined as any kind of fact or a piece of information stored in any kind of format, which can later be used for any kind of analysis, mapping or mining. In the context of an end-user of various services on the Internet, Data can be the information provided by the user, their preferences, and collections of interactions done with a platform that might help the platform in providing better services.
Universally accepted terminologies
GDPR: the General Data Protection Regulation, bought in to effect in 2018, it is considered a standard law where Data Privacy and Security Is concerned. While the regulation was passed by the European Union, every ‘body corporate’/organization which wishes to operate in the European Union and falls in the ambit of regulation, needs to comply with same.
Data subject: A Data Subject Is a natural person or any individual that can be identified through their physical, physiological, genetic, mental, economic, cultural or social identification features.
Data Controller and Processor: An individual/organisation, which decides the means and purposes of collection of personal data, can be termed as a Data Controller. The individual/organisation that processes the personal data on behalf of such a controller can be termed as a Data Processor.
Personal data: any kind of information or data that can be used to, directly or indirectly, identify an individual(or a data subject).
Special categories of personal data: Also termed as the Sensitive Personal Data, it is a subcategory of personal data which includes the following kinds of data.
- Biometric data
- Health data
- Data relating to political or religious opinions
- Data relating to Unique Identification of individual
- Financial Data
- Sexual orientation
- Sexual preference
Importance of these terminologies and data privacy laws
The Data Privacy Laws impose mandatory compliances & requirements on all kinds of Organisations and Individuals, which collect user data. This makes it compulsory for the organisations to have adequate data security measures, data encryption mechanisms and various other legal requirements which protect the valuable information of the end-user. These data security laws become very useful in times in governing liabilities, in the scenarios where an Individual’s Personal Data was breached to take advantage of. While there are several other nuanced advantages of having such laws, however broadly they protect an Individual’s Privacy and Information in the Virtual Space.