Marxist Germany wrote:-snip-
Hereby,
- Defines the following for the purpose of this resolution:
- An "organisation" as an entity that collects data from its users,
and and is not run by the government of the nation which the individual whose data the entity collects is from; - A "minor" as a person under the age of majority not going through a transitional period into adulthood, as determined by the home member-state of the minor;
- A "guardian" as an individual legally responsible for the protection and care of a minor;
- "personal data" as data that can be used to identify an individual;
- A "user" an individual who is not a minor; who uses or has used the services of, or is a member or has been a member of, an organisation;
- Prohibits:
- Organisations from collecting or storing the personal data of any minor without the explicit consent of their guardian except when the guardian cannot be contacted and it is not in the best interests of the minor to do so, such as cases of child abuse, or unless the business is unable to verify the age of the user;
- Organisations from collecting or storing personal data of any non-minor individual without their explicit consent except for crime prevention, such as CCTV cameras, unless the individual cannot consent and the personal data is required for an emergency, or unless the data is used exclusively for journalistic purposes;
- Organisations from using personal data collected from any individual to intentionally and maliciously cause harm or severe distress to the individual the data belongs to;
- Governments of member states from viewing the personal data of a minor, or user without explicit prior consent from both the organisation in possession of the personal data and the guardian of the minor, or user to which the data belongs, unless the user has consented to their personal data being shared with authorities as necessary, as a condition to use the services of the organisation and the personal data collected was for crime prevention, or a judicial order has been issued;
I'm sorry, but I have several issues with this. Firstly, see my strikeout in line 1(a) (Yes, I know I'm not the first one to pick up on this).
Secondly, you seem to use the word 'user' in your first prohibition without regard to the meaning you have set; by definition, a 'user' is not a minor. To prevent data collection on a minor because a user's age cannot be verified (keeping in mind that a user cannot be a minor per your definition) makes little sense to me.
Thirdly, wouldn't 'non-minor individual' simply be a user? I can scarcely see a circumstance wherein a 'non-minor individual' whose data is being collected by an organisation does not fit the definition of a 'user'.
Your last prohibition also seems a tad dicey due to the exception made in the definition of 'organisation' for government-run entities, since it seems as though you are attempting to curtail a government's own ability to record its own data. In particular, for a government-run entity (which isn't an organisation), explicit consent from either the user or guardian is still required. It would be practically impossible to enforce, and hugely inconvenient.
The definitions/language used isn't quite right to achieve the aims of the proposal. I like the idea behind it, though.
I didn't find anything objectionable in the mandate section. I am against this proposal, mainly for the reasons outlined above.