Hanover, September 2017 | Personal data are protected by law and must not be used without specific reason. Data protection in Europe is still regulated by national law and the relevant EU directive has left much space for national interpretation. Now, the EU has released its General Data Protection Regulation that has direct effect and harmonizes the law in Europe. Constantin Herfurth explained the goal of data protection and the most important definitions. The main purpose was to highlight the difference between personal information and anonymous information. For the understanding of the system of data protection he presented seven golden rules: No processing without legal basis, purpose limitation, data minimization, transparency, rights to adjust, data security and control.
In the USA no general data protection law exists today, but various rules under the laws of the states (with the strictest system in California), explained Uzunma Bergmann, US-attorney at Herfurth & Partner. But the USA tries to achieve a general level through the intended Consumer Privacy Bill of Rights.