What is LawBrain?
It's a living legal community making laws accessible and interactive. Click Here to get Started »

Europe Privacy Law

From lawbrain.com

European privacy law is concerned with the protection and preservation of the privacy rights of its citizens, especially the exhange of citizen data with other countries.

  • This LawBrain entry is a stub. Please help us expand it! Click the 'Edit' tab above to add to this page.



In Europe, there is a division between those countries that are members of the European Union (EU) and those that are not. European privacy and data protection laws are affected by this division. EU members must follow an overarching data protection law that specifies minimum data protection requirements and requires each member country to enact their own law that meets these minimum requirements. Non-EU members can decide individually whether or not to have privacy and data protection laws and what requirements should be in place.

EU Countries

EU privacy laws are based on the Organisation for Economic Co-Operation and Development (OECD) Guidelines on the Protection of Privacy and Transborder Flows of Personal Data.[1]  The EU Commission develops and endacts directives that EU members must follow.  Compliance is reached when these member countries develop their own laws that meet the minimum requirements stated in the directives.

Non-EU Countries

Those European countries not part of the EU also have privacy and data protection laws in place.  Unlike the EU, however, there is not an overarching law that these countries must follow.  Each is free to create their own privacy laws.  However, it is likely that most laws were based on the Organisation for Economic Co-Operation and Development (OECD) Guidelines on the Protection of Privacy and Transborder Flows of Personal Data[2] or some set of fair information practice principles.


  • Law on the Protection of Personal Data (1999)[3]

This law is to guarantee protection and legitimate use of personal data, and their treatment by public authorities.

  • Law on the Right to Information Over the Official Documents[4]

This law is to guarantee the right to information on official documents.


  • Qualified Law 15/2003 of personal data protection (2003)

Oversight: Agència Andorrana de Protecció de Dades (APDA)[5]


  • Law on the Information, Informatization, and Protection of Information (1998)[6]

This law is to regulate relations arising at formation of information resources based on creation, collection, processing, accumulation, keeping, search, dissemination of information, at establishment and use of information systems, technology and means for their ensurance and at protection of information. The law also establishes rights of subjects involved in information processes.


  • Opinion concerning Data Protection Aspects of the Concept of the Draft Law on Population Register of the Republic of Belarus[7]

Oversight: Ministry of Communications and Informatization[8]

Bosnia and Herzegovina

  • Law on the Protection of Personal Data (2001)[9]

This law is to secure for every individual his right to privacy, especially with regard to the processing of personal data relating to him.

  • Freedom of Access to Information Act for the Republica Srpska (2001)[10]

This law is to establish that every person has a right to access, amend and comment on his personal information that is by public authorities

  • Freedom of Access to Information Act (2000)[11]

This law is to establish that every person has a right to access, amend and comment on his personal information that is by public authorities


  • Constitution, Article 71[13]
Everyone shall enjoy freedom from interference with privacy, home, and family life.
Bodily or personal search or a search of a person's premises or possessions may only be conducted in accordance with a judicial decision or a statutory law provision. This shall also apply to the examination of documents and mail, communications by telephone and other means, and to any other comparable interference with a person's right to privacy.
Notwithstanding the provisions of the first paragraph above, freedom from interference with privacy, home and family life may be otherwise limited by statutory provisions if this is urgently necessary for the protection of the rights of others.
  • Information Act (1996)[14]

This law requires governmental authorities to grant the public access to available material on specific matters when requested.

  • Data Protection Act (2000)[15]

This law is to promote the practice of personal data processing in accordance with fundamental principles and rules regarding data protection and privacy, and to ensure the reliability and integrity of such data and their free flow within the internal market of the European Economic Area.

  • National Archives Act (1985)[16]

This act allows the National Archives of Iceland to acquire and preserve records of the public offices and institutions.

Oversight: Icelandic Data Protection Authority[17]


  • Data Protection Act (2002)[18]

This law is in regards to the protection of individuals with regard to the processing of personal data and the free movement of such data.

Oversight: Data Protection Commission[19]


  • Law on Access to Information (2000)[20]

This law is in regards to the collection and access to private information (personal data) and its protection.

  • Law on State Secrets (1994)[21]

This law stipulates the way of distributing, applying, revealing and protecting the information that represents state secret for the sake of state security.

Oversight: National Center for Personal Data Protection[22]


  • Act 1.165 on Data Protection (1993)

Oversight: Data Protection Authority[23]


  • Law on Personal Data Protection (2008)


  • Constitution, Article 102[25]
  • Personal Data Act (2000)[26]
  • Security Act (1998)[27]
  • Act relating to Public Access to Documents in the Public Administration (1970)[28]

Oversight: The Data Inspectorate;[29]  Consumer Ombudsman[30]


  • Constitution, Articles 23 & 24[32]
23.  (1). Everyone shall have the right to the inviolability of private life, personal and family secrets, the protection of honour and good name. (2). Everyone shall have the right to privacy of correspondence, of telephone conversations, postal, telegraph and other messages. Limitations of this right shall be allowed only by court decision.
24.  (1). The collection, keeping, use and dissemination of information about the private life of a person shall not be allowed without his or her consent. (2). The bodies of state authority and local self-government, their officials shall ensure for everyone the possibility of acquainting with the documents and materials directly affecting his or her rights and freedoms, unless otherwise provided for by law.
  • Federal Law  N 152-FZ on Personal Data (2006)[33]

This law regulates the processing of personal data by federal, state, and municipal authorities, legal entities and individuals.

  • Federal Law on Information, Informatization, and the Protection of Information No. 24-FZ (1995)[34]

This law regulates the process of creation, collection, accumulation, storage, search, and dissemination and presentation of an individual's documented information.

Oversight: Roscomnadzor (Data Protection Authority)[35]

San Marino[36]

  • Regulating the Computerized Collection of Personal Data, Law No. 70 (1995)


  • Constitution[37]
  • Law on Personal Data Protection (2009)[38]
  • Law on Free Access to Information of Public Importance[39]

Oversight: Commissioner for Information of Public Importance and Personal Data Protection[40]


  • Constitution, Article 13
  • Federal Act on Data Protection (FADP)(1992)[42]
  • Ordinance of Federal Act on Data Protection (OFADP)(1993)[43]
  • Federal Act on the Principle of Freedom of Information in Public Administration (Freedom of Information Act)(FIA)[44]
  • Ordinance on the Principle of Freedom of Information in Public Administration (Freedom of Information Ordinance)(FIO)[45]
  • Biometric Data[46]
  • Access to SWIFT Transaction Data[47]
  • Data protection issues relating to the use of radio frequency identification (RFID)technology[48]
  • e-Commerce and data protection[49]

Oversight: The Federal Data Protection and Information Commissioner (FDPIC)[50]

Cross-Border Data Flow:

U.S. - Switzerland Safe Harbor Framework[51]

The Department of Commerce and the Federal Data Protection and Information Commission of Switzerland established a data protection framework in order for Switzerland to transfer data to the U.S.  Self-certification with regard to the U.S.-Swiss Safe Harbor Framework is identical to those steps taken in the U.S.-EU Safe Harbor Framework.


  • Constitution, Articles 30, 31 & 32[53]
  • Law on the Protection of Personal Data (2010)
  • Law on Information (1992)[54]
  • Law on State Secrets (1994)[55]
  • Law of Ukraine № 1280-IV On Telecommunications (2003)[56]

Oversight: National Regulatory Commission for Communications[57]


  1. http://www.oecd.org/document/18/0,3343,en_2649_34255_1815186_1_1_1_1,00.html
  2. http://www.oecd.org/document/18/0,3343,en_2649_34255_1815186_1_1_1_1,00.html
  3. http://www.legislationline.org/documents/action/popup/id/6493
  4. http://www.legislationline.org/documents/action/popup/id/6492
  5. https://www.apda.ad/
  6. http://www.legislationline.org/documents/action/popup/id/6959
  7. http://www.legislationline.org/download/action/download/id/770/file/77393382eccaeee941c2b036b355.pdf
  8. http://www.mpt.gov.by/new/en/modules/about/
  9. http://www.legislationline.org/documents/action/popup/id/8511
  10. http://www.legislationline.org/documents/action/popup/id/8512
  11. http://www.legislationline.org/documents/action/popup/id/6402
  12. http://www.privacyinternational.org/article.shtml?cmd[347]=x-347-559530
  13. http://government.is/media/Skjol/constitution_of_iceland.doc
  14. http://eng.forsaetisraduneyti.is/acts-of-law//nr/15
  15. http://www.legislationline.org/documents/action/popup/id/6443
  16. http://www.legislationline.org/documents/action/popup/id/6442
  17. http://www.personuvernd.is/information-in-english/
  18. http://www.legislationline.org/download/action/download/id/1237/file/8c13233ee6a07086be814b6be695.pdf
  19. http://www.llv.li/home.htm
  20. http://www.legislationline.org/documents/action/popup/id/6394
  21. http://www.legislationline.org/documents/action/popup/id/5341
  22. http://www.datepersonale.md/en/start/
  23. http://www.ccin.mc/
  24. http://www.privacyinternational.org/article.shtml?cmd[347]=x-347-559510
  25. http://www.constitution.org/cons/norway/dok-bn.html
  26. http://www.legislationline.org/download/action/download/id/1102/file/2e3d6bb37cf550acba8549d9759d.pdf
  27. http://www.legislationline.org/documents/action/popup/id/5473
  28. http://www.legislationline.org/documents/action/popup/id/6949
  29. http://www.datatilsynet.no/templates/Page____194.aspx
  30. http://www.forbrukerombudet.no/index.gan?id=490&subid=0
  31. http://www.privacyinternational.org/article.shtml?cmd[347]=x-347-559497
  32. http://www.constitution.ru/en/10003000-01.htm
  33. http://www.mofo.com/docs/mofoprivacy/Federal%20Law%20of%2027%20July%202006%20N152-FZ%20on%20Personal%20Data%20%20%28English%29.pdf
  34. http://www.mofo.com/docs/mofoprivacy/Russia%201995%20law.doc
  35. http://pd.rsoc.ru/
  36. http://www.privacyinternational.org/article.shtml?cmd[347]=x-347-559496
  37. http://www.parlament.gov.rs/content/eng/akta/ustav/ustav_1.asp
  38. http://www.mpravde.gov.rs/images/Data%20Protection%20Law-FINAL.pdf
  39. http://www.legislationline.org/download/action/download/id/1324/file/21e6e5e21807f38641dbcf250f0f.pdf
  40. http://www.poverenik.org.rs/index.php/en/2008-11-23-18-01-57
  41. http://www.privacyinternational.org/article.shtml?cmd[347]=x-347-559486
  42. http://www.admin.ch/ch/e/rs/c235_1.html
  43. http://www.admin.ch/ch/e/rs/c235_11.html
  44. http://www.edoeb.admin.ch/org/00828/index.html?lang=en&download=M3wBPgDB/8ull6Du36WenojQ1NTTjaXZnqWfVp3Uhmfhnapmmc7Zi6rZnqCkkIN1f3d+bKbXrZ6lhuDZz8mMps2gpKfo
  45. http://www.edoeb.admin.ch/org/00828/index.html?lang=en&download=M3wBPgDB/8ull6Du36WenojQ1NTTjaXZnqWfVp3Uhmfhnapmmc7Zi6rZnqCkkIN1f3eAbKbXrZ6lhuDZz8mMps2gpKfo
  46. http://www.edoeb.admin.ch/themen/00794/00798/index.html?lang=en
  47. http://www.edoeb.admin.ch/themen/00794/01066/index.html?lang=en
  48. http://www.edoeb.admin.ch/themen/00794/00795/index.html?lang=en
  49. http://www.edoeb.admin.ch/themen/00794/00819/01069/index.html?lang=en
  50. http://www.edoeb.admin.ch/index.html?lang=en
  51. http://www.export.gov/safeharbor/swiss/eg_main_018498.asp
  52. http://www.privacyinternational.org/article.shtml?cmd[347]=x-347-559481
  53. http://alpha.rada.kiev.ua/const/conengl.htm
  54. http://www.legislationline.org/documents/action/popup/id/6420
  55. http://www.legislationline.org/documents/action/popup/id/6953
  56. http://zakon.rada.gov.ua/cgi-bin/laws/anot.cgi?nreg=1280-15
  57. http://www.nkrz.gov.ua/uk/

Related Blogs on FindLaw

Failed to load RSS feed from http://search.yahooapis.com/WebSearchService/rss/webSearch.xml?appid=yahoosearchwebrss&query=european+privacy%20site:blogs.findlaw.com!

                                                                            Web Services by Yahoo!

External Links

See Also


FindLaw Michelle, FindLaw Nira