DIGITAL SOCIETY BLOG

Wissen über unsere vernetzte Welt

DIGITAL SOCIETY BLOG

Wissen über unsere vernetzte Welt

hannah-wei-84051

Warum Privacy ≠ Datenschutz ist (und wie sie sich überschneiden)

04 Mai 2016

Es wurde viel geschrieben über die Themen Privacy und Datenschutz und der Literaturbestand wächst weiter an. Und doch werden in diversen aktuellen Debatten über z.B. Überwachung, Informationsmonopole und Tracking im Internet die Begriffe „Privacy“ und „Datenschutz“ synonym verwendet. Obwohl es Überschneidungen gibt, existieren auch Unterschiede zwischen den Rechtsansprüchen. In diesem Beitrag wird dargestellt, warum Privacy und Datenschutz nicht gleich sind. Zu diesem Zweck folgt eine Übersicht der Unterschiede zwischen den entsprechenden Gesetzen in Europa gemäß der Interpretation des Europäischen Gerichtshofes für Menschenrechte sowie des Gerichtshofes der Europäischen Union (EuGH).

To begin with, privacy is a fundamental right with a long history, whereas data protection first appeared in international principles and secondary legislation, and has only recently acquired fundamental rights status in the EU. And whereas privacy was originally meant to protect the individual against the state, principles and rights related to data protection have always been intended to also bind private parties.

Broadly speaking, privacy refers to a personal sphere, whereas data protection refers to control over or protection of personal information. The prime difference between privacy and data protection therefore lies in its subject matter. Privacy is broader than data protection because it not only concerns information; it can also be about for example physical spaces or certain choices people make. But at the same time privacy is narrower, because data protection applies irrespective of whether there is an interference with the personal sphere. For example, unwanted physical contact falls under privacy but not under data protection. Alternatively, when someone gives her adress to a hotel for billing purposes data protection rules apply, but it will generally not be a privacy matter.

Personal data can be covered by the right to privacy, but privacy does not cover personal data per se. To determine whether privacy is at stake, it is not solely the identifying character of the data that is decisive: the context in which the data are are collected or processed also matters. It is difficult to explain exactly where the boundary lies between instances in which personal data is within and beyond the scope of privacy. However, based on the case law of the European Court of Human Rights, circumstances that influence whether or not the right to privacy is triggered are amongst others how much data is processed, whether the data is systematically collected and stored, whether the individual has a reasonable expectation of privacy, how sensitive the data are and/or what impact the data can have on the private life of the individual. It is, however, a fallacy that public data can never fall under the right to privacy.

Data protection applies when personal data are processed, without any privacy requirement. Personal data is a broad concept that can cover, for example, names and addresses, but also search behaviour, location data or photographic material. Privacy functions amongst others as a shield against interferences with the personal sphere, while data protection’s nature is more enabling; it is more centered on channeling others’ behaviour and controlling the flow of personal information. Detailed rules and principles on data protection can be found in secondary EU legislation (e.g. the Data Protection Directive and the upcoming General Data Protection Regulation) and national laws.

Privacy and data protection each have situations in which they apply individually, but as explained above, they are not mutually exclusive. Often both apply at the same time: a situation can give rise to both privacy and data protection issues, like in the Google Spain case. Part of the explanation for why this is so often the case is that one of the purposes of data protection is the protection of privacy. When this function interfered with, both privacy and data protection apply. In addition the amount of digital data keeps growing, and the private life of individuals is increasingly taking place online. Consequently, situations that trigger privacy will more and more involve a data protection component. This is very visible in the case law of the Court of Justice of the European Union, where the two concepts keep coming closer together in the form of references to the “right to privacy with respect to personal data”. Still, privacy and data protection are not the same, and should not be used interchangeably.

Foto: User: Dennis Skley / FlickrCC BY-ND 2.0

Dieser Beitrag spiegelt die Meinung der Autorinnen und Autoren und weder notwendigerweise noch ausschließlich die Meinung des Institutes wider. Für mehr Informationen zu den Inhalten dieser Beiträge und den assoziierten Forschungsprojekten kontaktieren Sie bitte info@hiig.de

Manon Oostveen

Former Fellow: Internet and Media Regulation

Bleiben Sie in Kontakt

und melden Sie sich für unseren monatlichen Newsletter mit den neusten Blogartikeln an.

JOURNALS DES HIIG

Weitere Artikel

ai imaginaries

„Ich vermisse Visionen, die KI als öffentliches Gut präsentieren“

Christian Katzenbach arbeitet mit seinem Kollegen Jascha Bareis an einem Projekt, das die nationalen KI-Strategien verschiedener Länder wie Frankreich, den USA oder China vergleicht, und identifiziert die unterschiedlichen Ansätze zwischen...

autonomous cars

Killerautos? Autonome Fahrzeuge und strafrechtliche Verantwortung

Wer trägt die strafrechtliche Verantwortung, wenn ein autonomes Fahrzeug in einen Unfall verwickelt ist, wie dem in Arizona letzten Jahres? Zu den potentiellen Verdächtigen gehören: die NutzerInnen, das Softwareunternehmen, die...

demystifying ai

Ein Autopilot für Online-Marketing

Online-Marketing ist für viele Unternehmen ein wichtiger Vertriebskanal. Um jedoch Kampagnen effizient zu gestalten, müssen oft große Datenmengen analysiert werden. KI-basierte Lösungen wie die Software Adspert der Bidmanagement GmbH in...

Hinterlassen Sie einen Kommentar