Pride month is celebrated throughout the world in June to mark the events of the Stonewall Riots (1969). The events were catalysed by the violation of privacy rights of the LGBTQ+ community in New York; galvanised forces joined to fight for greater protection within the community. However, data privacy conflicts were already amidst an evolution across the Atlantic, where the conflicts had started two decades prior.

Data privacy in Europe

Europe is a region now known to have some of the strictest data privacy regulations in the world, with GDPR specifically protecting data rights. The right to privacy enacted within Article 8, ECHR (1953) (Human Rights Act 1998 in the UK) also constitutes the backbone of fundamental rights to own your personal information.

These core constitutions protect your rights to privacy regarding personal information and, in particular, sensitive information, including:

  • Race
  • Political beliefs
  • Health data
  • Religion
  • Sexual life
  • Criminal records

In the EU, data privacy laws have now been developed to protect individuals against any personal information being freshly released into the public domain without good reason.

How did Europe come to have such strict data privacy rules?

The formation of privacy regulations came in response to the invasions of privacy individuals suffered during World War Two and the tumultuous period that followed. In 1930s Germany, the personal data recorded by census workers became a tool for persecution by the Nazi regime. Following the end of the Second World War, German citizens underwent a new wave of intrusion by police surveillance in the Eastern state.

The first ideas of a European data protection law were born in West Germany, in response to these violations. In 1977 these ideas were finally consolidated into the Federal Data Protection Act. German data privacy laws formalised these constitutional principles in 1990, and these later spread across the European Union with the 1995 Privacy Directive. In 2016, the European Union generalised the data privacy laws with the General Data Protection Regulation, starting a conversation about data privacy for the digital generation.

What about now?

The GDPR brought digital privacy to the forefront of the conversation about privacy law and sensitive data. In December 2021, Grindr (an online dating app for LGBTQ+ men) was fined $7 million after the app was found to be in violation of data protection regulations by sharing personal information with AdTech.

In EU member states, the collection of LGBTQ+ data must be in accordance with the EU’s Data Protection Directive. Additionally, Article 8(1) ECHR prohibits the processing of personal data in relation to certain special categories, including ‘health or sex life’.

Data privacy law and its regulators can be a force for continuing positive change. A study by the European Commission has made key recommendations that alongside the lawful collection of such personal data, actors such as employers and schools should collect data on homophobia and transphobic discrimination and harassment so that they may build comprehensive strategies to combat discrimination.

If you want to discuss this topic, or anything else data protection and privacy-related, please contact us at dpo@hewardmills.com.