A brief history of data protection: How did it all start?

01.06.2018

With the GDPR being enforced on 25th of May, we decided to take a glimpse back into the history of data privacy and traced it's first precursors as originating more than 100 years ago.

Let's have a look into the history of GDPR:

1890

Two United States lawyers, Samuel D. Warren and Louis Brandeis, write The Right to Privacy, an article that argues the "right to be left alone", using the phrase as a definition of privacy.

1948

The Universal Declaration of Human Rights is adopted, including the 12th fundamental right, i.e. the Right to Privacy.

1950

The EU Convention on Human Rights sequence of fundamental rights is amended, with articles now appearing in a different order. 

1967

The Freedom of Information Act (FOIA) comes into effect in the US and gives everyone the right to request access to documents from state agencies. Other countries follow suit.

1980

OECD issues guidelines on data protection, reflecting the increasing use of computers to process business transactions.

1981

The Council of Europe adopts the Data Protection Convention (Treaty 108), rendering the right to privacy a legal imperative.

1983

The Federal Constitutional Court of Germany reaches a fundamental decision regarding the census judgment. The verdict is considered a milestone of data protection.

1993

PC Brown is charged with the UK Data Protection Act 1984 offence of using personal data or a purpose other than that described in the Data Protection Register - ruling is overturned.

1995

The European Data Protection Directive is created, reflecting technological advances and introducing new terms including processing, sensitive personal data and consent, among others.

2002

The EU adopts the Directive on Privacy and Electronic Communications.

2006

The EU Directive on the retention of data generated or processed in connection with the provision of publicly available electronic communications services or of public communications networks is adopted. Declared invalid by a Court of Justice ruling in 2014 for violating fundamental rights.

2009

Evolution of the EU Electronic Communications Regulations in response to email addresses and mobile numbers becoming prime currency in conducting marketing and sales campaigns.

2010

The international non-profit organisation Wikileaks publishes secret information, news leaks, and classified media provided by anonymous sources.

2013

European Commission adopts the Regulation 611/2013 on the measures applicable to the notification of personal data breaches under Directive 2002/58/EC.

2014

A ruling by the Court of Justice of the EU finds that European law gives people the right to ask search engines like Google to remove results for queries that include their name. The concept becomes known as “the right to be forgotten”.

2016

The General Data Protection Regulation (GDPR) is approved by the EU parliament after 4 years of discussions.

2018

GDPR is being enforced, replacing the Data Protection Act.

2018+

Responsible management of personal data through mature IT governance, transparent processes and modern applications.

What is the INPLP?

INPLP is a not-for-profit international network of qualified professionals providing expert counsel on legal and compliance issues relating to data privacy and associated matters. INPLP provides targeted and concise guidance, multi-jurisdictional views and practical information to address the ever-increasing and intensifying field of data protection challenges. INPLP fulfils its mission by sharing know-how, conducting joint research into data processing practices and engaging proactively in international cooperation in both the private and public sectors.