As we have seen, the European Union has encoded in law since 1995 very strong personal data privacy protections. The EU Data Privacy Regulations define what counts as personal and sensitive information: “personal data revealing racial or ethnic origin, political opinions, religious or philosophical beliefs; trade-union membership; genetic data, biometric data processed solely to identify a human being; [and] health-related data.”3 The GDPR further requires that individuals be notified when such information is collected about them; individuals then have the right to review and, if necessary, correct information held about them. As Dan Burk emphasizes, individuals have the right to consent – they must agree to the collection and processing of their personal information. And, as we have seen, recent legislation makes these rights to consent – to “opt in” to, for example, data collection as you browse a website – even stronger. Finally, the Regulations insist that the transfer of personal information to third parties outside the EU can occur only if the recipient countries provide the same level of privacy protection as that encoded in the EU directives. As Burk further explains, this last requirement has meant that the EU approach to privacy began to spread more quickly around the world than its US counterpar. As we will see, this requirement made especially dramatic impacts in Asia – but only to be overshadowed by more recent developments.
Don't use plagiarized sources. Get Your Custom Essay on
Racial or Ethnic Origin
Just from $13/Page