Interactive learning

This learning resource can be supplemented with knowledge checks and quizzes, and can be integrated with a number of learning management systems (LMS).

If your organisation is a non-profit or educational institution, we normally allow you to embed the interactive infographic into your web pages or intranet pages for free. This is normally a relatively simple process. Email tc@purposeandmeans.io about for more information.

This resource is best viewed on a desktop computer or tablet. Although it can be viewed on a smartphone, the interface may appear cluttered.

European Data Protection and Privacy

Origins, history and evolution

Description of "Origins, history and evolution of European Data Protection and Privacy"

The diagram illustrates a timeline of key events and developments that shaped data protection and privacy in Europe, from early historical roots to modern challenges.

Early Roots: The timeline begins with rudimentary notions of privacy in the 13th century (chimneys enabling privacy, Justices of the Peace Act 1361), followed by early legislative efforts in the 18th and 19th centuries, such as Sweden's 1776 Access to Public Records Act, France banning the publishing of private facts in 1858, and Norway's 1889 Criminal Code prohibiting the dissemination of personal or domestic information.

20th Century Developments: The 20th century saw major catalysts for data protection laws, including:

• Massive privacy abuses under Fascism (1930s, Dehomag D11) and Communism (Stasi in 1950-90, Securitate in 1948-89), as well as WWII atrocities.

• The 1948 UN Universal Declaration of Human Rights established fundamental rights.

• The widespread use and reliance on technology highlighted new vulnerabilities.

• Revelations about global surveillance (e.g., NSA, GCHQ) underscored the need for protection.

Emergence of European Data Protection Frameworks:

• The 1950 CoE European Convention on Human Rights was a foundational step.

• Individual countries began enacting data protection laws, starting with the 1970 Hesse Data Protection Act (Germany) and the 1973 Sweden Data Act.

• The Council of Europe Resolutions 73/22 & 74/29 (1973/74) and the 1978/79 enactment of general data protection laws in seven European countries marked significant progress.

• International guidelines and frameworks emerged with the 1980 OECD Guidelines and the 1981 CoE Convention 108.

• The 1984 UK Data Protection Act and the 1995 EU Data Protection Directive further solidified national and regional legal frameworks.

Challenges and Modern Era: The late 20th and early 21st centuries presented new challenges and legislative responses:

• The emergence of early hacking (phreaking).

• Technological advancements brought phenomena like the Morris worm, the growth of the internet (WWW, Google), and cyber threats like the 'I love you' virus.

• The 2000 EU e-Commerce Directive and the 2000 Charter of Fundamental Rights of the EU adapted laws to the digital age.

• The 2002 EU ePrivacy Directive addressed electronic communications.

• Major terrorist atrocities like 9/11, the London and Madrid bombings and massive personal data breaches heightened concerns.

• Figures like Snowden, Hanff, and Schrems played crucial roles in revealing surveillance and advocating for privacy rights.

• Frameworks like US-EU Safe Harbor and the Privacy Shield Framework attempted to govern transatlantic data transfers.

• The culmination of these efforts led to the 2016 EU GDPR (enforced 2018), a landmark regulation, followed by continued discussions on EC adequacy decisions and the recurring theme of ensuring robust privacy ("Fool me Thrice..." in 2023).

• Significant political events like Brexit and global crises like Covid19 also impacted data protection discourse.

The diagram concludes by emphasising that "What are we protecting? Fundamental rights and freedoms of individuals = human rights," highlighting the core principle underlying all these privacy and data protection efforts.