What is the Data Protection Directive?

The Data Protection Directive is an act of legislature passed by the European Union in 1995 to create a framework for protecting privacy and securing identifying information when collecting, handling, and processing data. Under the directive, members of the European Union were required to implement laws to support the directive by 1998. The purpose of the Data Protection Directive was to address privacy concerns, as well as human rights issues surrounding the use of data, a concern among some EU members where right to privacy is considered an important social and human right.

Known officially as Directive 95/46/EC on the protection of individuals with regard to the processing of personal data and on the free movement of such data, the Data Protection Directive is designed to standardize and harmonize procedures in place for safeguarding data across the European Union. People are not allowed to process personal data without the consent of the party involved, people have the right to access their own data and correct errors, and data cannot be abused or used without the consent of the person it concerns.

A number of different types of data, including identifications and bank account numbers, are covered under this directive. Protection of private data became an especially large concern with the advent of online systems for activities like payment processing and data submission. Such systems had the potential for abuse and compromise, and creating laws to protect electronic data was an important aspect of protecting the privacy and security of individuals living in the European Union.

In addition to discussing the processing of data within the European Union, the Data Protection Directive also covers disclosure of data to countries outside the region. This is designed to limit the unauthorized dissemination of information about EU citizens and to increase data security. Companies working with people in the European Union must demonstrate that they have adequate protections in place to secure the data and prevent it from being abused. A common situation where this comes up is with airlines, where carriers must protect information about passengers for safety and security.

Like other acts of legislature developed in the European Union, this document creates definitions and sets standards designed to be applied by all European Union members. The Data Protection Directive was developed with input from legislators across the European Union, as well as privacy advocates, attorneys, and other consultants with information about data processing and the associated privacy concerns.