Privacy refers to the appropriate use of data relating an individual to a context and, to an expectation of privacy from data subjects. The EU’s updated data protection framework (GDPR) includes more privacy-enhancing measures such as ‘the right to be forgotten’ and ‘the right to access’; the latter, ensures that data subjects are able to obtain confirmation as to whether or not personal data concerning them is being processed, where and for what purpose. GDPR also makes privacy by design, – namely, the concept that the inclusion of data protection needs to be considered from the onset of the designing of systems, rather than as a later addition – a legal requirement.
Privacy and data protection are often used as interchangeable terms. However it is noteworthy that, unlike other major human rights documents, the EU Charter of Fundamental Rights treats the protection of personal data as a distinct fundamental right (Article 8) rather than an extension of the right to privacy (Article 7)
- Protect data collection from an unauthorised access
- Store participant data securely
- Be aware of the different implications of the law, algorithms that manage the law, and persons that interpret the law.
- State clearly the intentions for what privacy provides and to what effect.