The responsibility of the user in the publications he makes in social networks is a subject regulated by the Organic Law on Protection of Personal Data, also known as LOPD.
For this reason, Every time you want to publish a personal data, on a social platform, you must not violate the obligations established by current regulations. If you want to know how this right works, you will have to continue reading this article.
You will also find information about what type of posted message is considered personal data and what are the duties and responsibilities that fall on a person. Check out.
How does the right to data protection work on social networks?
Social networks are web portals that have become a widely used computer tool around the world. This is due to the ease it offers people to communicate with each other and share their ideas, social life, and of course, their personal data. For this reason, This group of information that belongs to the last element mentioned is available to any user who browses the Internet.
From this a great complication arises and it is to establish the rights and obligations that people have to protect their own data and that of third parties in the RRSS. In order to establish a legal framework, the constitution of our country was taken as a reference. But this is not all, although the 1978 constitution in its article 18 establishes parameters of defense to the honor and privacy of people, it is the Organic Law on Protection of Personal Data (LOPD-GDD).
The one established by current regulations to regulate publication activity on social platforms. The LOPD is governed and monitored by Spanish Agency for Data Protection. The question that would follow this is How does data protection work in non-Spanish territory? The answer is given in Article 2 of the LOPD. This article establishes that if the person responsible for the publication must comply with or be judged by Spanish law, that law must be applied.
Otherwise, European regulations will be assigned under the tutelage of the Court of Justice of the EU that he is declared as a member of the application of the Organic Law. But What are these laws really concerned with regulating? The answer would be that they intervene in the management of data provided by social networks and that are used by bodies authorized by law, but that they should not infringe on people’s privacy, especially the minors.
What type of published information is considered personal data?
The first thing to classify is what is personal data. According to the Regulations of the LOPD-GDD all information that can be used to know the identity of a person, when ever it is physical and that is live.
From this it follows that the companies and organizations are not part of the personal data, unless these entities are the same person as your legal representative. You must bear in mind that if personal data is divided to generate anonymity, it is not considered as personal data. But you must bear in mind, although it is a topic for another article, that by means of artificial intelligence it is possible to reconstruct those atomized parts to recreate the identity of the person.
A wide variety of personal data can be found. Among them, whenever it is possible to provide the identity of the person, are:
- General data, This group includes names, ages, dates of birth, addresses, emails, and private phone numbers.
- Numerical information, its name says it all are those data in which passport numbers and CIF, among others, are provided.
- Financial records, It is possible to find in this group information related to bank accounts, credit card numbers, credit information and amounts available in financial placements.
- Virtual information, perhaps this is the easiest to obtain and work to identify a person. It is about the IP address, the geographical location through GPS and the data obtained through the installed cookies.
- Asset valuation, It is also possible to handle private data related to the level of acquisition that a person has. Property, cars and own companies enter this group.
- Academic data, University degrees, job references and certifications obtained can be included in this group.
- Personal information in general, Sex, hair color and hair type are important elements that can be considered as personal data if used on social networks.
- Any other element should also be included that allow to identify, directly or not, a person.
What are the duties of users on social platforms?
In order not to be subject to sanction, in accordance with current regulations, each time it is required to use personal data of third parties on social platforms The consent of the owner or person responsible for them must be requested (in the case of children under 14 years of age). With this special permission, previously authorized, it will only be possible to publish and use personal data.
But this is not all, the law also obliges companies and different organizations that handle private data to protect them, taking into account the following principles:
- In order to use and save the data of any person you need the express consent, as it happens with minors.
- Its use should be limited, This means that private data cannot be handled for any type of activity, but the information must be collected to work with specific objectives.
- When the data are not necessary because they have already fulfilled their function, these must be eliminated and not keep them in custody.
- All entities that are dedicated to storing information must have supporting documentation and accounts a day. This is done so that the interested party or the controlling body can request a report and have it delivered immediately.
- By last, confidentiality is an important parameter that must be met by organizations that handle private data. This means that they cannot share people’s information with any third party that is not authorized by law.
What responsibilities can fall on the user in case of incurring in the violation of the rights of another?
In the event that the owner or those responsible for handling private data have turned to the owner of the publication or of the social network and have not obtained a favorable response, they will have to contact the Spanish Agency for Data Protection. This is necessary so that, through your faculties, apply an economic sanction and corrective measures.
It should be noted that the fine can be between 40 thousand to 300 thousand Euros, depending on the degree of occurrence of the offense. On the other hand, if the companies are the ones that violate the law, the fine will be applied according to the type of sanction, and which can be mild, serious or very serious. The amount of the fine will be 900 to 40 thousand Euros, until 300 thousand Euros or up to a maximum limit of 600 thousand Eurosrespectively for each level of infringement.