Posted: Mon Oct 28, 2019 4:10 pm
“I meant the second ‘or’, that refers to cases in which it is allowable to not contact a minor’s guardian. Apologies for the ambiguity.”
Because sometimes even national leaders just want to hang out
https://forum.nationstates.net/
'Nevertheless, if national legislation provides a judge can authorize the access to collected data in the scope of an investigation, as long as the collected data is related to the suspected crime and no other right or freedom of the investigated are affected, the above clause 2.d is not applicable'.
'Organisations from retaining personal data, when the user has asked to transfer them to another organisation, for the purpose of obstructing the user's freedom to chose whom contract';
'Organisations to take the reasonable measures to ensure data transfer under user's request is performed within 24 hours, or in a longer term under justified causes'
The Macaronesia wrote:Representative,
first of all, let me congratulate your redaction team for this brilliant proposal. I am sure, in representation of my Nation, that if this proposal becomes a resolution it will improve dramatically customer protection.
- At the last draft I cannot see a clause on judicial investigation for accessing collected data. I mean, the Prohibits #d affects to Governments, which can only access data under consent of the user. But some cases, specially when digital crimes has been commited, where digital footprints can only be founded at ISP's servers. If we take the draft literally, the judge must ask the user to access his digital footprints and, if the user denies it -which is expectable in presence of a crime-, the judge cannot access the data without disobeying this resolution.
Sometimes, celerity in transferring data from one organization to another is necessary to permit the user to switch from one products or services provider to another, and for this reason some providers may delay the transfer of personal data, even under user's order, to difficult the switch and retain the user against his will.
In my opinion, this condition is absolutely necessary to ensure another scope of customers protection, which is freedom of choosing and leaving providers.
So, if you think this amendment can improve your draft, I would suggest two changes:
A new prohibit:'Organisations from retaining personal data, when the user has asked to transfer them to another organisation, for the purpose of obstructing the user's freedom to chose whom contract';
And a new Mandate:'Organisations to take the reasonable measures to ensure data transfer under user's request is performed within 24 hours, or in a longer term under justified causes'
Marxist Germany wrote:[*]Prohibits:
- Organisations from collecting or storing the personal data of any minor without the explicit consent of their guardian except when the guardian cannot be contacted and it is not in the best interests of the minor to do so, as determined by national governments, and the business is unable to verify the age of the user;
- Organisations from collecting or storing personal data from any individual without their explicit consent except for crime prevention, such as CCTV cameras, unless the individual cannot consent and the personal data is required for an emergency, or unless the data is used exclusively for journalistic purposes;
- Organisations from using personal data collected from any individual to intentionally and maliciously cause harm or severe distress to the individual the data belongs to;
- Governments of member states from viewing the personal data of a user without explicit prior consent from both the organisation in possession of the personal data and the user to which the data belongs, unless the user has consented to their personal data being shared with authorities as necessary, as a condition to use the services of the organisation, or a valid warrant has been issued and the personal data was collected for crime prevention;
whom contract;
Desmosthenes and Burke wrote:Marxist Germany wrote:[*]Prohibits:
- Organisations from collecting or storing the personal data of any minor without the explicit consent of their guardian except when the guardian cannot be contacted and it is not in the best interests of the minor to do so, as determined by national governments, and the business is unable to verify the age of the user;
- Organisations from collecting or storing personal data from any individual without their explicit consent except for crime prevention, such as CCTV cameras, unless the individual cannot consent and the personal data is required for an emergency, or unless the data is used exclusively for journalistic purposes;
- Organisations from using personal data collected from any individual to intentionally and maliciously cause harm or severe distress to the individual the data belongs to;
- Governments of member states from viewing the personal data of a user without explicit prior consent from both the organisation in possession of the personal data and the user to which the data belongs, unless the user has consented to their personal data being shared with authorities as necessary, as a condition to use the services of the organisation, or a valid warrant has been issued and the personal data was collected for crime prevention;
whom contract;
Ambassador, we have a few questions in regards to the bolded sections above:
1. Could "valid warrant" be replaced with the phrase "judicial order" or something substantially similar? A warrant is an item that is particular solely to the common law, while those of us who practice according to the civil law tradition have orders issued by "instructing" (investigating) judges and/or have search powers as part of the official judicial act of commencing an investigation into a person. It would also cover administrative state proceedings in front of tribunals where, even at common law, the judge cannot actually issue a warrant. Also, we believe, even at common law, you subpeona a third party for information, not serve it with a search warrant.
2. In regards to the second bolded portion, after a warrant or other official court order has been issued, why is it relevant what the information was originally collected for? One's employer does not (usually?) collect addresses or financial details for the purposes of crime prevention, but the tax bureau may nevertheless try to get that information anyway, and it seems...counter-productive to refuse if the judicial system has agreed.
Kenmoria wrote:“I think clause 3f needs some changing. A user might deem it incorrect that they have been convicted of fraud, even when this is in fact true. I suggest ‘Organisations allow users to edit data stored on them by the organisation if the data stored is incorrect’.”
Marxist Germany wrote:As the saying goes, third time is a charm!Data Protection Accord
Category: Regulation | Area of Effect: Customer Protection | Proposed by:Germany
The World Assembly,
Lauding the previous efforts of this assembly to protect privacy rights through previous legislation such as GA #213 Privacy Protection Act,
Recognising every individual's right to reasonable privacy,
Believing that collecting non-essential data without consent is a violation of the right to privacy,
Noting that most minors are not fully capable of comprehending the risks associated with decisions made on matters of privacy,
Seeking to introduce more restrictions regarding the ability of non-governmental organisations to collect data from their customers without consent,
Hereby,
- Defines the following for the purpose of this resolution:
- An "organisation" as an entity that collects data from its members or users, and isn't primarily run by a government;
- A "minor" as a person under the age of majority not going through a transitional period into adulthood;
- A "guardian" as an individual legally responsible for the protection and care of a minor;
- "personal data" as data that can be used to identify an individual;
- A "user" as an adult, or a child going through a transitional period into adulthood, as determined by national governments; who uses or has used the services of, or is a member or has been a member of, an organisation;
- Prohibits:
- Organisations from collecting or storing the personal data of any minor without the explicit consent of their guardian except when the guardian cannot be contacted and it is not in the best interests of the minor to do so, as determined by national governments, and the business is unable to verify the age of the user;
- Organisations from collecting or storing personal data from any individual without their explicit consent except for crime prevention, such as CCTV cameras, unless the individual cannot consent and the personal data is required for an emergency, or unless the data is used exclusively for journalistic purposes;
- Organisations from using personal data collected from any individual to intentionally and maliciously cause harm or severe distress to the individual the data belongs to;
- Organisations from storing received personal data from other organisations without the prior explicit consent of the user the data belongs to;
- Organisations from sharing the personal data of a user without their prior explicit consent;
- Organisations from retaining personal data, when the user has asked to transfer them to another organisation, for the purpose of obstructing the user's freedom of contractual choice;
- Governments of member states from viewing the personal data of a user without explicit prior consent from both the organisation in possession of the personal data and the user to which the data belongs, unless the user has consented to their personal data being shared with authorities as necessary, as a condition to use the services of the organisation and the personal data collected was for crime prevention, or a judicial order has been issued;
- Mandates that:
- Organisations provide fully detailed information on how they will use or share a user's personal data to the user explicitly when they interact with the organisation for this first time and when a major change to the data collection or usage policy has been made;
- Organisations enable individuals to view the personal data that the organisation holds on them unless the release of the personal data would compromise the privacy or well-being of others;
- Personal data processed or stored be removed from the database of the organisation if the data is no longer relevant to the services used by the user, or if the user ceases to use the services of or ceases to be a member of, the organisation; unless the user, consents to that explicitly and clearly, or unless there is a clear and compelling safety or disciplinary reason to do otherwise such as loans, transactions, or disciplinary records;
- Organisations allow individuals to request the removal of their personal data, and act upon these requests, unless it falls under an exception mentioned in clause 3c above;
- Organisations remove personal data of a user if the organisation is informed of the user's death, subject to exceptions in clause 3c;
- Organisations allow users to edit data stored on them by the organisation if the data stored is incorrect;
- Organisations take reasonable measures to ensure the personal data being stored by the organisation is not accessed by unauthorised persons;
- Organisations take reasonable measures to ensure the transfer of personal data under a user's request is performed in a reasonable time frame, subject to national legislation;
- Declares that an organisation can prohibit a person from using the services of or joining the organisation if the individual does not consent to the personal data collection policy of the organisation, or if the user provides falsified personal data.
Co-authored by Kenmoria
Marxist Germany wrote:Believing that collecting non-essential data without consent is a violation of the right to privacy,
Araraukar wrote:Marxist Germany wrote:Believing that collecting non-essential data without consent is a violation of the right to privacy,
OOC: Shouldn't this read "essential data" instead? I mean, my favourite food is non-essential data for most businesses' purposes, so it would be one and same if my bank had maksalaatikko in a file for me. But my favourite pizza would be quite a bit more essential to my nearest pizzeria, and I might object to them filing that info away without asking me. Same, my insurance company likely wouldn't get anything out of knowing my favourite author, but if I had some Madventures style hobby, it might be essential to them as they might raise the price I pay for my accidents insurance.
The JELLEAIN Republic wrote:What is the jatificarion for 2 be, couldn’t a better way of saying g so thing like that is they can do so on their property for a reasonable expectation of privacy or so thing like that .. ?
Separatist Peoples wrote:The JELLEAIN Republic wrote:What is the jatificarion for 2 be, couldn’t a better way of saying g so thing like that is they can do so on their property for a reasonable expectation of privacy or so thing like that .. ?
You can put all four of those posts into one post. You should do so moving forward. If you post multiple times in a row, you could be spamming.