Would you have known?

The first data protection law worldwide is passed by the German state of Hesse on 30 September 1970 and comes into force on 13.10.1970 (Source).

First page of the Hessian Data Protection Act of 1970 (Screenshot)

Modern data protection in Europe

The core element of European integration was the simplification of exchanges and the standardisation of regulations in the member states. People and goods should be able to cross borders unhindered and so there should also be standardised European regulations for data protection.

On 24 October 1995, the member states adopted the Data Protection Directive95/46/EC. This stipulated that the collection and processing of sensitive personal data of a natural person is generally not permitted, or is only permitted within narrow limits. The directive also stipulates that the purpose of processing must be transparent, data must be deleted once the purpose has been fulfilled and all data subjects have the right to obtain information about who is processing which data and for what purpose.

All member states have undertaken to transpose the directive into national legislation.

Charter of Fundamental Rights of the European Union

On 1 December 2009, the topic of data protection will be included in the Charter of Fundamental Rights of the EU. The Charter of Fundamental Rights of the European Union describes the rights and freedoms of people living in the EU

Article 8 of the Charter of Fundamental Rights describes the right to the protection of personal data. Personal data may only be processed for specified purposes and with the consent of the data subject or on another legally regulated basis.

* * *

Article 8
Protection of personal data

(1)   Everyone has the right to the protection of personal data concerning him or her..
(2)   Such data must be processed fairly for specified purposes and on the basis of the consent of the person concerned or some other legitimate basis laid down by law. Everyone has the right of access to data which has been collected concerning him or her, and the right to have it rectified.
(3)   Compliance with these rules shall be subject to control by an independent authority.