GDPR – EU & Space Law: GDPR – An Introduction

Part 1 of a multimedia project by Lucia, Bianca, Alec and Dennis

GDPR official logo

This blog will serve as the introduction to a multimedia series about Space Law in the European Union and how it is so closely knit to the guidelines of how digital data is supposed to be handled. This multimedia series will include this blog giving an introduction and explaining what GDPR is, two 15-minute podcasts which are derived from a longer conversation with Bas Jacobs. And finally, a video which will be a summary of everything we touched on.

Our data online is collected and processed by many companies in order to make our digital experience more to their liking. Usually what they will do is collect your data to get to know what subjects get the most engagement from you. Then they will continue to show you content about those subjects to keep you on their platform as long as possible. However, these companies have strict rules about what they can and can’t do with your data. These restrictions and requirements are all thoroughly stated in the GDPR.

What is GDPR and what does it do?

We’ve mentioned this acronym a couple times now but what does it actually mean? GDPR stands for General Data Protection Regulation. The GDPR is a data privacy and security law made and passed by the European Union. However, it effects every company anywhere in the world which deals with data from residents of the EU. It is considered the strictest security law around the world. This makes the legally processing of data a very tricky a precise task, especially for small companies.

GDPR has its existence thanks to the 1950 European Convention on Human Rights. In this it is stated that every person has the right for respect towards their private life. When technology and the internet came to be, user data became relevant to the laws of privacy. In 1995 the EU passed the European Data Protection Directive which enforced vague rules offering the bare minimum of security. Only in 2011, when a user sued Google for snooping in her emails, did the EU recognize it needed more modern and nuanced regulations for data privacy and security. It was in 2016 when the GDPR was passed in parliament and in 2018 it became in effect.

In order to enforce the guidelines or the GDPR, there are significant fines dealt when you don’t follow the rules. These fines are designed to be very substantial for both small and big businesses. There are two tiers of fines; the smaller one of up to 10 million euros or 2% of the companies total annual revenue, or the more severe one of up to 20 million euros or 4% of the firms total annual revenue. The option of fining either a set amount of money or a percentage of the earnings is based on which amount is higher.

GDPR and space?

So how does all this relate back to outer space? Well, a lot of our data is constantly collected in and/or passes through space. This is done by for example, satellites, Space Cloud Computing, Space drones, etc. This means that the regulations relating to the handling of data of the EU also apply in outer space! If you want to know more about the ins and outs of the different ways your data is managed in space and other space laws, stay tuned for the next parts of this series!

Sources used