Difference between Privacy & Data Protection

Privacy is something I’ve always intuitively gravitated towards. Perhaps without fully understanding it. As I’ve begun to study the subject more deeply, I’ve also wondered whether that inclination towards privacy is somehow an outgrowth of being an introvert. Of being possessive towards and guarded about my inner world, which to me is full of riches.

In the outer world, societal ideas around Privacy are complex, to say the least. The United States has kind of a hodge-podge of laws around ‘privacy’ at varying levels and sectors, but seems to have no coherent conception of what it all means, or how it fits together. In short, it seems like an extrovert’s idea of “privacy,” which I think is typified in the common American reaction to the extreme levels of surveillance the country is subject to, namely: That if I have nothing to hide, why should it matter if anyone is looking?

I’m not going to bother trying to argue against that with the introvert’s logical inversion: why does anyone need to look, in the first place, if I’m not doing anything wrong? I know the extroverts won’t listen.

Each conception places the burden in a different location. Of who is responsible for what, and what is expected, and what is to be considered wrong-doing.

Europe’s General Data Protection Regulation seems to me to be an introverted expression of clear fundamental principles and rigorous practices associated with protecting one’s Right to Privacy. The US Constitution doesn’t explicitly enshrine that right. The EU Charter does.

Tbh, I’m completely confused about all the overlapping EU documents and charters and what have you, so I’ll link to this one specifically as reference:

2012/C 326/02

It’s kind of breath-taking as a document in its simplicity and directness.

Anyway, here are Articles 7 & 8:

Article 7
Respect for private and family life
Everyone has the right to respect for his or her private and family life, home and communications.
Article 8
Protection of personal data
1. Everyone has the right to the protection of personal data concerning him or her.
2. Such data must be processed fairly for specified purposes and on the basis of the consent of the person concerned or some other legitimate basis laid down by law. Everyone has the right of access to data which has been collected concerning him or her, and the right to have it rectified.
3. Compliance with these rules shall be subject to control by an independent authority.

So we could go on and on analyzing “what this means,” but it’s the best explanation I’ve found so far as to what the difference between privacy and data protection actually is.

In simpler terms:

Privacy is socially-agreed-on respect for private & family life, home and correspondence. Data protection is a system of data processing practices of personally identifiable or identifying data for the protection of privacy.

Easy, right?