We use cookies to deliver our online services. Details of the cookies we use and instructions on how to disable them are set out in our Cookies Policy. By using this website you agree to our use of cookies. To close this message click close.

20 Years of Data Protection in Spain

César Ortiz-Úrculo

29 January 2013
Yesterday in Spain, the Government Department for Telecommunications and Information Society hosted an event to commemorate the 20th anniversary of the introduction of the first Spanish data protection law and also to recognize EU Data Protection Day.  Information about the event, titled: "20 years of data protection in Spain" is available (in Spanish) here.  The first Spanish data protection law was introduced in 1992 and remained in effect until 14, January 2000, and was titled "the Automated Processing of Personal Data Regulation Act 5/1992, of 29 October 1992."  Since 14, January 2000, the Personal Data Protection Act 15/1999, of 13 December 1999 has been in effect.
20 Years of Data Protection in Spain

At the event, the Spanish Secretary of State for Telecommunications and Information Society, Víctor Calvo-Sotelo, appeared to issue a clear warning to Internet companies with business models based on advertising and the use of cookies when he stated:  "Freedom of information should not be achieved at the expense of a loss of control or a loss of technological freedom. This is a task for the Spanish Data Protection Agency that collides directly with certain multinational companies."  In making the comments, he highlighted the Spanish Data Protection Agency's power to impose penalties.

The event took place in the midst of broader EU consideration of a proposed EU-wide regulation, including the prospect of strict amendments to the proposed regulation.  Spanish Minister of Justice, Alberto Ruiz-Gallardón drew significant press attention by stressing his commitment that any EU regulation be practical and balanced.  In the Minister's own words: "The single market is key to overcome the crisis, but there are certain elements [from the proposed EU regulation] which can be improved. The goal is to avert suffocating the activities of [small and medium size enterprises], and avoid stifling R&D."

Spain has a reputation for having one of the toughest data protection regimes in Europe.  It is yet to be seen whether any new EU regulation will actually result in more uniformity among EU jurisdictions and a softening of, or more strict approach when compared to Spain's current approach.

César Ortiz-Úrculo

Future-Proofing Privacy: New and Stronger Rights

The Regulation aims to strengthen the rights of individuals. It does so by retaining rights that already exist under the Data Protection Directive and introducing the new rights of data...

06 June 2016
Loading data