PAe - the new law on the protection of personal data and guarantee of the digital rights
accesskey _ mod _ content

The new law on the protection of personal data and guarantee of the digital rights

12 december 2018

Published in the BOE of 6 december, the organic law 3/2018 responds to the need to have one rule for the adaptation of the spanish system to the General rules of data protection and the goal of providing legal certainty.

The Organic law 3/2018, of 5 december on Personal data protection and guarantee of the digital rights (Opens in new window) seeks to adapt the spanish legal system Regulation (EU) 2016/679 of the european parliament and the council of 27 april 2016, relating to the protection of individuals with regard to the treatment of their personal data and the free movement of these data (Opens in new window) , and to complete its provisions; and ensure the digital rights of citizenship under the terms of reference set out in article 18.4 of the constitution.

This organic law consists of ninety-seven articles structured ten titles, twenty-two additional provisions, six transitional provisions, a provision repeal and sixteen final provisions, and, therefore, it is an extensive text.

From the point of the digital administration, Part X of the digital rights and freedoms of the Internet environment such as net neutrality and universal access or human security and digital education, as well as the rights to oblivion, portability and digital testament, together with the right to digital switch-off within the framework of the right to privacy in the use of digital devices in the workplace and the protection of minors on the Internet; the guarantee of freedom of expression and the right to the clarification of information in digital media.

We highlight below, in particular, two issues: firstly, the first additional provision relating to the safety measures in the area of the public sector is expected that the national security shall include measures to be implemented in case of processing of personal data; that perpetrators listed in article 77.1 applied to the treatment of personal data security measures than those provided for in the above-mentioned National security ; and that when a third party services out, charges or contract management, security measures will be in line with the public administration, and in line with the national security.

Secondly, the final disposition twelfth amending paragraphs 2 and 3 of article 28 of the Law 39/2015, of 1 october, of Common Administrative Procedure of the public authorities (Opens in new window) with nuance that paragraph 2 begins with a formulation in terms of “ individuals have the right not to provide documents that are already in the power of the officiating Administration … ”.

  • Citizen
  • Open government