Brief history of personal data protection

European Data Protection Directive (1995)

Creation of a common base for all EU countries in terms of personal data protection.

Snowden revelations (2013)

Edward Snowden, reveals that the NSA (National Security Agency) conducted mass surveillance of telephone calls and online exchanges.

Privacy Shield (2016)

The Privacy Shield was a self-certification mechanism for companies established in the United States.

It had been recognized by the European Commission as offering an adequate level of protection for personal data transferred from a European entity to companies established in the United States.

The decision validating the Privacy Shield was annulled by the European Court of Justice in 2020. It no longer constitutes a sufficient legal guarantee to transmit personal data from the European Union to the United States.

Cambridge Analytica (2018)

Christopher Wylie, former Cambridge Analytica employee reveals that his company played a role in the election of President Donald Trump.

Through a quiz on Facebook, Cambridge Analytica siphoned off the personal data of tens of thousands of people without their consent to carry out targeted influence campaigns.

Facebook is deemed complicit since, at the time of the facts, the social network did not prohibit this type of practice.

The GDPR (General Data Protection Regulation) is the European regulation on data protection.

The GDPR came into operation on May 25, 2018 and is since in effect.

Digital Services Act (2022)

The aim of the DSA is to update the EU's legal framework, in particular by modernizing the e-commerce laws. It regulates AI, money and digital platforms to enable players to innovate and develop, and to provide better security for the users.

Brief history of personal data protection ​

European Data Protection Directive (1995) ​

Snowden revelations (2013) ​

Privacy Shield (2016) ​

Cambridge Analytica (2018) ​

GDPR (2018) ​

Digital Services Act (2022) ​