GDPR Philosophy: Why Is Privacy Regulatory Compliance Necessary?

When we are born we are immediately associated with a given: the name! Immediately afterwards we are given a surname, since it affirms belonging to a family. We all learn to celebrate the date of birth and know the place where we were born or where we live with others, a place that ends up identifying a community. Over time, this same community is enriched and stands out thanks to the data that tell the relationship between its members. Data describe who we are as words describe our being, all of this over time builds our identity and personality for us and for anyone who wants to relate to us. Many seemingly common data, which variously correlated make up information, describe ourselves, who we are, what we think, what we like and what we love. Many bricks which together define our identity, our being and which give us belonging.

Every time we meet a stranger we need not only data such as skin colour, height, smells, but also those "common" data that allow us to process the information useful for identifying him, for defining his membership, … in short, to know him.

And so, brick by brick, fact after fact, correlation after correlation, we build up the set of information that makes us knowable, allows us to have relationships with others. Even if we were on a desert island, we would still need to construct this data to maintain a balance, our own identity.

The set of data is therefore a unicum with ourselves.

Their protection, their defense and respect for those of others becomes the protection of the right to be ourselves, an inalienable right and the laws of men cannot fail to protect it because it would be like ignoring who we are and our very existence in life .

Today this identity of ours is threatened on various fronts, both by those who want to know its secrets to find our weaknesses and perhaps use them or sell them to others who want to offer us, without our being aware of it, a product, an idea, a creed or other.

Today, for those who want to know who else we can be associated with, it is of great value to know our data. Whoever manages to get them can then turn to these aggregates with healthy or not healthy ideas. Technology and the ease of communicating by showing many bricks and data that belong to us leads to us being known and recognized by those who perhaps we would have had difficulty meeting, communicating with those who share a passion, an artistic activity, a sport or even a political affiliation. In doing so, every time we place a part of ourselves in the hands of others, a part that belongs to us inextricably and that others, by combining such data incorrectly, could make a use of it we do not like or worse, use it to change our identity, steal one piece at a time and limit our right to be and to exist.

The concept of confidentiality

Recently there has been a lot of talk about the GDPR or about Privacy, forgetting that in the Italian language there is a term that correctly expresses the sense of the right that these rules intend to protect: it is the Italian term "confidentiality" that is much more appropriate to describes what you want to protect.

The term "privacy" comes from American jurisprudence when towards the end of the 1800s the concept of privacy was introduced as the "right to be left alone" or the right to be left alone (or in peace) in order to limit interference in a person's private life by other people. In the Anglo-Saxon world this concept is easily rooted in popular culture and is now inherent in many professions, think eg. forensic or medical ones.

Furthermore, privacy should not be confused with the right to secrecy or to the "protection" of personal data, but if anything, the latter is a consequence of it. Perhaps the most correct formulation in terms of law was that of the late Rodotà when he noted, with foresight, that by now we had moved towards a society in which thanks to technology it was possible to know everything about everyone, therefore it was necessary to introduce basic concepts to protection of this right. Basically Rodotà did not prohibit the use of personal data but regulated their availability and use only, and only if, there had been a lawful, concrete and justified reason for processing such data and, consequently, an individual's personal information. He had correctly extended these aspects also to the so-called legal persons and the reason and why we should get there, or at least go back to protecting even these figures, is that now even in law the existence of compound entities that relate as unique and as such they can act and interact, be recognized and identified.

The classification of the degree of confidentiality of these data and of the information that can be inferred from them, in a more or less explicit way, is a subsequent and consequent fact of this statement.

Even before modern legislators, I always like to point out that there is a reality that has been working for more than 2000 years and which, in its time, addressed the problem of protecting the right of the person in its entirety. This reality is the Catholic Church which in Canon Law has inserted the "right to good reputation and privacy" ("normae in bonam famam atque intimitatem tuendam") connected with human nature as ius nativum. The canonical legislator announces this right in can. 220 of the Codex extending it to "anyone", even if not Catholic or baptized, and places it in the context of a regulation included in cann. 208-223 which outlines the relationships within an ecclesial reality seen as a communion of persons.

Already the use of the term "good reputation" and its concept introduces a list of relationships with others, for this reason the information that in any capacity and in any way can harm must be excluded and removed because this would prevent understanding and communion with each other.

They are strong concepts, different from a summary translation into English of "good reputation", much more substantial than the bovine and limited use of the term "privacy"; these concepts are the key to better understanding that what identifies us and the information concerning us is made up of data correlation. Hence the importance of the protection and correct use of data which, even if limited, can indirectly generate information about us which can be the cause of damage or be used to produce it and thus undermine our "good reputation and our confidentiality". When you hear “I don't have personal data” say, reflect on the fact that this is not possible because each of us has even “trivial” data which, however, put in relation, builds that good or bad reputation mentioned above. So once you understand that people and not numbers are handled, it is easier to understand the need to always take care of one's identity and our contacts.