Source: Institut Montaigne

"Gentlemen don’t read other people’s mail." Actually, they sometimes do, legally or surreptitiously. In the digital age, we constantly emit personal data far beyond traditional exchanges and this data floats in the cyberspace.

The digital age cannot be de-invented, and there can be no individual rights if there is no privacy. How societies deal with this challenge, involving both the positive uses of the digital age, its downside and some terrifying possibilities, is a question for everyone to consider.

On the issues of digital privacy and the protection of personal data, Institut Montaigne provides a concrete understanding of the major regulatory environments. From this comparative approach, we draw policy implications for improving or revising the GDPR.

Privacy is an umbrella term that is intuitively understood by everyone, but that is not easily defined. In legal terms, privacy is mostly understood as data protection, and personal data is the key focus of data protection regulations. The goal of protecting personal data and privacy stands in a regulatory balance with two other goals, that of efficiency or economic gains for individuals and companies, and public interest – from national security to whatever may be considered as a public good. All regulations navigate between these three goals.

The privacy debate has two matrixes. One is clearly the United States. Digital technologies are largely invented there, the giant and not so giant companies that pioneer these have a global influence. America is therefore the mother of all privacy debates, and it has previously enacted important yet diverse pieces of legislation. Europe has increasingly become the other major influencer, with its path-breaking GDPR. However, the GDPR is also a catch-all text that is built on an uneasy equilibrium between opposite objectives.

Read Full Text

This policy paper was originally published by Institut Montaigne.