Why was the GDPR invented?
Although there is an already existing personal data protection system, the purpose of this new GDPR stays the same as the Data Protection Directive 95/46/EC, that is to say to protect the individuals from privacy and data breaches, and to guarantee their rights.
However, as we know, the previous system was established in 1995 and regarding the current data-driven world in which we live, it is obvious that there is a need of modernization of the current system if we want to keep it efficient.
What is the philosophy behind the GDPR?
Many principles are behind the General Data Protection Regulation:
Collection Limitation Principle
Personal data should not be collected without limits, it should be collected in accordance with the law and when needed, with the consent of the individual concerned.
Data Quality Principle
Personal data should be accurate and relevant to the purposes they are used for, they also ought to be complete and kept up-to-date.
Purpose Specification Principle
When data are collected, the purpose for which they are going to be used should be specified.
Use Limitation Principle
Data should not be used for any other intention than the original one without notifying the data subject.
Security Safeguard Principle
Personal data should be protected against any risk of loss, unauthorized access, destruction, use, modification or disclosure of data by the relevant security safeguards.
A general policy of openness regarding developments, practices and policies should be implemented respecting personal data.