Data controllers handle and protect personal data that is generated through consumer transactions to protect the privacy of consumers.
Most countries have a general right to privacy written into their national law or constitutions.
Different industries have their own data privacy laws.
Confidentiality of medical data is enforced in the United States by the Health Insurance Portability and Accountability Act. In Turkey, patient privacy is guaranteed in Articles 78 and 100 of Legal Code 5510. In Canada, medical confidentiality is protected at federal and provincial level. In Australia, it is protected under the Personally Controlled Electronic Health Records Act 2012 and the Privacy Act 1988.
Financial institutions also have implied privacy unless required to disclose transactional information to law enforcement.
UNGCP 2016 and OECD Privacy Guidelines 2013 mention recognition of right to privacy as a major element of consumer protection.
LEGO’s website, which connects children through games, has no third party cookies or connections to social media accounts, and advises users to use pseudonyms.
The same data is treated differently across industries and national borders, weakening how people perceive the right.
Challenges in identifying, defining and quantifying risks, as well as enforcing the right.
Individual services comply, but, in the aggregate, companies breach intent of privacy.