Many countries have a General Data Protection Law (LGPD).
Data protection is a concept referring to the protection provided to the personal information of each individual . The treatment of said content depends on the country, being regulated by legislation.
Data protection is guaranteed above all through the right to privacy . There are also other related powers and principles, such as the right to privacy and the right to honor . In some nations, the protection of personal data is recognized by the Constitution as a human right .
What is data protection
Data protection is the set of legal and technical resources that are used so that all information related to a person, especially that which allows their identification, is safeguarded. This involves taking care of the image, identity document and address, among other sensitive data.
What is sought with this protection is that the personal data that are registered in files of different types, both private and public, are not available to any subject nor can they be used for purposes other than those intended by the individual themselves.
With the advancement of technology and data storage on the Internet, the problem of online privacy arose. Beyond what is provided by law, data protection requires different measures by companies that collect information from their users in order to avoid cybercrime .
Security awareness is very important for data protection on the Internet.
The AAIP in Argentina
The Agency for Access to Public Information ( AAIP ) of Argentina constitutes a good example of how a State can work to protect the data of its citizens. This body dependent on the Public Prosecutor's Office is responsible for ensuring the security of information .
Regarding personal data, the AAIP recognizes several rights : the right of access (so that the citizen knows if any entity or company has their data), the right to information (linked to the operation of the databases) and the right of update, modification or deletion (to correct or delete data). Another aspect that the AAIP considers is informed consent : the person must approve the processing of their personal data by companies, institutions or professionals.
Data protection and the right to be forgotten
Data protection is also related to the right to be forgotten . This provision allows someone to demand that certain data be blocked, deleted or deindexed from a record when they consider that they are no longer relevant or that they become obsolete due to the passage of time.
There is a jurisdictional action called habeas data that guarantees a subject the right to request and obtain information regarding his person that appears in a database, requesting correction or deletion if he considers it pertinent.
In this framework, the right to be forgotten supports the possibility of demanding that personal data that is erroneous or no longer valid be removed from a publication or file. However, this can sometimes conflict with freedom of expression .
Suppose that a 21-year-old girl poses as an erotic model and that material is published on different Internet sites. Then that woman abandons modeling, becomes a lawyer , obtains a doctorate and forges a solid career in the judicial field. He also gets married and has 3 children. Thus, two decades after taking the aforementioned photos, she wants to make use of the right to be forgotten and asks that the images be removed from all publications since they do not represent her today. However, online magazines refuse to do so, claiming that they have the right to publish them since they were not obtained illegally.
The privacy notice that companies must display when collecting personal information helps protect data.
Internet security
Internet security is a central issue in data protection. Almost constantly, Internet users enter personal information on websites and platforms, in addition to exposing the documents they store on their computer or phone.
Data protection, in this context, requires the use of antivirus and firewall to prevent a ransomware attack, a phishing action or the installation of malware or spyware , for example.
The security of social networks and portals, meanwhile, demands the use of various instruments to protect their users from cybersecurity threats. The use of a security certificate, data encryption or encryption and identity management through access control with password authentication are essential measures to prevent intrusion by criminals.
Privacy management is key: a platform with millions of users stores enormous amounts of personal data that, if exposed, puts many people at risk. Preventing data breaches, therefore, is essential given the catastrophic consequences that an attack could have.