Striving for efficient and accessible protection against data protection violation

Jan 28, 2014 by Emma Rayner
Striving for efficient and accessible protection against data protection violation

Obstacles to accessing data protection remedies have been revealed, thanks to new research conducted by The University of Nottingham's Human Rights Law Centre (HRLC).

This research contributes to the findings of a new European Union report that considers the actual experiences of victims and those dealing with violations to identify areas for improvement.

A new European Union Report on Access to Data Protection Remedies by the EU Fundamental Rights Agency (FRA), published on the eve of EU Data Protection Day (28 January 2014), reveals serious flaws in procedures to address data protection violations.

Tackling personal data violations

The report gives an overview of the current legal framework and procedures that people can currently use to redress violations. And it recommends new initiatives to improve individuals' access to data protection remedies in EU member states.

Data protection law exists to controls how people's personal information is used by organisations, businesses or the government. The University of Nottingham research—investigating the situation in the UK—suggests that most data protection violations arise from internet-based activities, direct marketing, financial violations such as credit card fraud and video surveillance.

The majority of problems encountered related to the processing of personal data, such as the unjustified transfer of personal data to third parties, improper and excessive collection and storage, storage or inaccurate information and unlawful disclosure. Other violations were connected to the rights of the data subject to access their personal data including refusal to access or to correct .

The desk and fieldwork research by HRLC examined the existing procedures and the legal consequences concerning data protection violations in the UK. Professor David Harris, HRLC Co-Director and Professor Emeritus, said:

"More and more information is being stored about individuals both by government and privately. This project revealed the great harm that the recording of inaccurate information can cause individuals and the need for them to have accessible and effective remedies when this happens."

Victims 'not motivated' by money

The interviews conducted by HRLC identified the following key findings from the perspective of access to data protection remedies in the UK:

  • Victims are less likely to pursue their case in the courts as it is often time consuming, costly and difficult to provide evidence of a data protection violation; instead, most victims complain to the Information Commissioner's Office (the national data protection authority);
  • When seeking redress victims of data protection violations are not motivated by financial gain but rather wish to prevent the recurrence of similar data protection violations in the future due to their experiences of psychological and social distress;
  • There is a lack of legal expertise in the area of data protection and a lack of resources allocated to organisations who do specialise in the area of data protection;
  • The civil society organisations are crucial to the individual by providing advice, legal assistance and representation, as well as playing a part in publicising and raising awareness around data protection issues.

The findings are also consistent with the overall conclusions of the FRA report that explain why the available redress mechanisms are not widely used by capturing the experiences and views of key stakeholders involved in the enforcement and use of redress mechanisms. This includes the national data protection authority, leading legal practitioners on data protection, consumer protection organisations, governmental departments and other non-governmental organisations.

The report recommends the following initiatives to improve individual's access to data protection remedies in EU Member States:

  • Raising public awareness of complaint mechanisms, including the existence and role of national data protection authorities;
  • Strengthening the independence and resources of data protection authorities;
  • Data protection training for legal professionals so they can offer more informed advice.

Explore further: Uber discloses data breach, theft of license numbers

More information: Read the full report:… ies-eu-member-states

add to favorites email to friend print save as pdf

Related Stories

Data violations unpunished in EU: rights agency

May 07, 2010

Data protection in many European countries suffers from a lack of funds, staff, independence and most importantly, a lack of sanctions for violators, the EU's rights agency reported Friday.

EU lays down steps US must take to protect data

Nov 27, 2013

The EU on Wednesday laid down steps Washington must take to restore trust after a huge spying scandal, including giving EU citizens the right to US legal redress to protect personal data.

'Surveillance minimization' needed to restore trust

Jan 22, 2014

Surveillance minimisation - where surveillance is the exception, not the rule - could help rebuild public trust following revelations about the collection of personal data, according to a law academic from the University ...

Germany fines Google for privacy violations

Apr 22, 2013

German authorities said on Monday they had fined Google for illegally collecting massive amounts of personal data including emails, passwords and photos while setting up its disputed Street View service.

Recommended for you

Survey reveals sorry state of European cybersecurity

Feb 27, 2015

The European Commission's annual Eurobarometer Cyber Security Survey, the third edition of which was recently released, is a substantial survey of more than 27,000 respondents from 28 countries. It contains intere ...

US spymaster warns over low-level cyber attacks

Feb 27, 2015

A steady stream of low-level cyber attacks poses the most likely danger to the United States rather than a potential digital "armageddon," US intelligence director James Clapper said on Thursday.

Cyber thugs taking data hostage

Feb 26, 2015

Marriage therapist Valerie Goss turned on her computer one day and found that all of her data was being held hostage.

User comments : 0

Please sign in to add a comment. Registration is free, and takes less than a minute. Read more

Click here to reset your password.
Sign in to get notified via email when new comments are made.