Your rights matter- Data protection and privacy - Fundamental Rights Survey
advertisement
FUNDAMENTAL RIGHTS SURVEY YOUR RIGHTS MATTER: DATA PROTECTION AND PRIVACY ― This publication was originally published in 2020 as part of the FRA Fundamental Rights Report 2020 (Annual report), available at: https://fra.europa.eu/en/publication/2020/fundamental-rights-report-2020 © European Union Agency for Fundamental Rights, 2020 Reproduction is authorised provided the source is acknowledged. For any use or reproduction of photos or other material that is not under the European Union Agency for Fundamental Rights copyright, permission must be sought directly from the copyright holders. Neither the European Union Agency for Fundamental Rights nor any person acting on behalf of the Agency is responsible for the use that might be made of the following information. Luxembourg: Publications Office of the European Union, 2020 Print ISBN 978-92-9474-970-3 doi:10.2811/031862 TK-02-20-383-EN-C PDF ISBN 978-92-9474-969-7 doi:10.2811/292617 TK-02-20-383-EN-N Photos credits: Cover page, page 4, page 14: © iStock/metamorworks Page 1: © iStock/tadamichi Page 3: © iStock/Jirsak Page 6: © iStock/scanrail Page 9: © iStock/marchmeena29 Page 11: © iStock/akinbostanci II About the survey The Fundamental Rights Survey provides, for the first time, a comprehensive set of comparable data on people’s experiences and opinions concerning their fundamental rights. The survey focuses on everyday situations in areas including data protection, equal treatment, access to justice, consumer rights, crime victimisation, good administration and the importance of protecting rights. This document only covers selected results related to data protection and technology. FRA will publish results on other areas in other reports and products. This document presents data from the FRA Fundamental Rights Survey. It includes data on opinions and experiences of people in the European Union (EU) linked to data protection and technology. The European Commission requested the European Union Agency for Fundamental Rights (FRA) to prepare this document for their report on the application of the General Data Protection Regulation (GDPR, see Article 97 of the GDPR). This document focuses on two main aspects: the way and willingness of people to share data about themselves, and their awareness about the EU data protection legal framework. Each section includes a short overview of relevant GDPR provisions, followed by the survey results. This document should be cited as European Union Agency for Fundamental Rights (FRA) (2020), Your rights matter: Data protection and privacy, Fundamental Rights Survey. The Fundamental Rights Survey interviewed just under 35,000 people aged 16 years and older in all EU Member States, North Macedonia and the United Kingdom. The survey design involves a combination of faceto-face and online data collection, as appropriate in each country, to reach a representative sample of the total population. Fieldwork took place from January 2019 to October 2019. Data collection was carried out by Ipsos MORI on behalf of FRA, and in cooperation with Statistics Netherlands (CBS) in the Netherlands, the Centre des Technologies de l’Information de l’Etat (CTIE) in Luxembourg and Statistics Austria in Austria. Table 1 in the Annex provides an overview of the methodology used in each country. 1 Contents SHARING DATA ONLINE........................................................................................................................................ 3 WHAT DOES THE GDPR SAY?................................................................................................................................... 3 WILLINGNESS TO SHARE DATA ONLINE AND ACTUAL PRACTICES.................................................................... 3 DEGREE OF CONCERN................................................................................................................................................ 5 PRACTICES AND EXPERIENCES WITH SHARING PERSONAL DATA ONLINE.......................................................... 6 WHAT DOES THE GDPR SAY?................................................................................................................................... 6 AWARENESS OF PRIVACY AND LOCATION SETTINGS ON SMARTPHONES....................................................... 6 CONSENT TO DATA PROCESSING............................................................................................................................. 9 AWARENESS OF THE GDPR, DATA PROTECTION LAWS AND AUTHORITIES.......................................................... 11 WHAT DOES THE GDPR SAY?................................................................................................................................... 11 AWARENESS OF THE GDPR ..................................................................................................................................... 12 AWARENESS OF THE RIGHT TO ACCESS PERSONAL DATA.................................................................................. 12 AWARENESS OF DATA PROTECTION AUTHORITIES.............................................................................................. 14 ANNEX .................................................................................................................................................................15 2 SHARING DATA ONLINE This section includes data on people’s willingness to share different types of personal data with public authorities and private companies. It also covers people’s concerns about possible misuse of their data. WHAT DOES THE GDPR SAY? Lawfulness - Public administration and private companies must rely on legal grounds to collect personal data. The GDPR provides for six possible legal grounds for processing personal data. One of these legal grounds is consent. Individuals must indicate their willingness to share their personal data (Article 6 of the GDPR). Where special categories of data are processed – such as political views, religious beliefs, sexual orientation or biometric data for the purpose of uniquely identifying a natural person – additional conditions apply for the processing of such data (Article 9 of the GDPR). WILLINGNESS TO SHARE DATA ONLINE AND ACTUAL PRACTICES The Fundamental Rights Survey asked respondents about their willingness to share personal data with public administration and with private companies. The data covered in the survey include the respondent’s home address, citizenship, date of birth, sexual orientation, religion or belief, political views, fingerprints and facial images. Question: “Which of the following types of personal information would you be willing to provide to use a service offered by a (1) private company or (2) public administration?” Multiple responses allowed: 1 Your home address, 2 Your citizenship, 3 Your date of birth, 4 Whether you’re straight, gay, lesbian or bisexual, 5 Your religion or belief, 6 Your political views, 7 A scan of your fingerprints for identity purposes, 8 Your facial image for identity purposes, 9 I would not be willing to provide any of the above. Results: In the EU-27, more than one in five respondents (23 %) do not want to share any of these data with public administration, and 41 % do not want to share these data with private companies. More than half of respondents would be willing to share basic personal data with public administration, including their home address (63 %), date of birth (62 %) and citizenship (58 %). This is considerably lower for private companies, where only slightly more than one third would be willing to share such data (date of birth 38 %, citizenship 37 % and home address 36 %). People are much less willing to share other data. People are least willing to share their political views (7 %) with public administration. Only about 3 one in 20 is willing to share their facial images (6 % - see Figure 1), political views (5 %) or fingerprint scan (4 %) with private companies. The results vary strongly across countries. Figure 1 shows the percentages of people willing to share their facial images across the EU-27 countries, the United Kingdom and North Macedonia. FIGURE 1: WILLINGNESS TO SHARE FACIAL IMAGES FOR IDENTITY WITH PUBLIC AUTHORITIES AND PRIVATE COMPANIES, BY COUNTRY 100 90 80 70 65 60 50 50 41 40 30 20 17 6 EU-27 _2019 33 33 30 30 27 33 10 0 36 3 12 13 10 9 3 CY MT BE DK FR EL FI 7 10 24 7 24 24 22 22 21 20 19 6 6 9 5 LU SK HU NL LV EE SI Public administrations 7 8 8 19 6 16 4 15 14 7 Private companies Source: FRA, Fundamental Rights Survey 2019 [Data collection in cooperation with CBS (NL), CTIE (LU) and Statistics Austria (AT)] The percentage of people willing to share different types of personal data indicates how comfortable people generally are when sharing their data. Even though some people are not willing to share some of their personal data, they might still do so for various reasons. 90 80 70 60 50 4 40 30 6 5 12 10 3 2 PT IE HR AT CZ ES BG SE LT IT Notes: Question: Which of the following types of personal information would you be willing to provide to use a service offered by a (1) private company or (2) public administration? Your facial image; N = 26,045. 100 13 15 9 9 4 3 13 9 6 DE PL RO 6 9 UK MK DEGREE OF CONCERN The Fundamental Rights Survey asked respondents, who use the internet, how concerned they are about third parties accessing personal information shared online. Question: How concerned are you, if at all, that some of the information you share on the internet – including social media – might be accessed by any of the following without your knowledge or permission? (1) Your employers or any potential employers, (2) advertisers, (3) government, (4) law enforcement agencies, (5) criminals or fraudsters, (6) your country’s secret services / intelligence services, and (7) foreign governments. Respondents could indicate their degree of concern on a scale from 1 to 7, where 1 meant ‘Not at all concerned’ and 7 ‘Very concerned’. Results: In the EU-27, most people who use the internet are concerned that criminals or fraudsters might access the personal information they share on the internet without their knowledge (55 %). 30 % are either not strongly concerned or not concerned at all. 14 % are not concerned about criminals accessing their data. People also tend to be concerned about access to information without knowledge or permission by advertisers and businesses (31 %), foreign governments (30 %) and their country’s intelligence services (26 %). Fewer people are concerned by law enforcement agencies (17 %) or employers (17 %) using their data (Figure 2). FIGURE 2: DEGREE OF CONCERN ABOUT THIRD PARTIES ACCESSING PERSONAL INFORMATION SHARED ONLINE, EU-27 55 30 14 Criminals/ fraudsters 31 42 26 Advertisers/ businesses Foreign goverments 35 Your countries secret services/ Intelligence services 37 Government 39 30 33 26 36 20 41 Law enforcement agencies 45 36 17 Your employer/Any potential 46 36 17 0 10 20 Not concerned 30 40 Neither/nor 50 60 Concerned 70 80 90 100 Refused/don't know Notes: Only respondents who use the internet; measured on a seven point scale: “Not concerned” includes respondents selecting the values 1 or 2, “Neither/nor” includes the values 3, 4 and 5 and “Concerned” the values 6 and 7; N = 19,612 Source: FRA, Fundamental Rights Survey 2019 [Data collection in cooperation with CBS (NL), CTIE (LU) and Statistics Austria (AT)] 5 PRACTICES AND EXPERIENCES WITH SHARING PERSONAL DATA ONLINE The Fundamental Rights Survey asked respondents about their awareness of privacy online and how they manage it. The survey asked respondents who own a smartphone with internet access about their awareness of its privacy and location settings, if they read and understand the terms and conditions of online services, and whether they find it easy or hard to consent to terms and conditions when using online services. WHAT DOES THE GDPR SAY? Transparency – awareness of what is being done with personal data enables individuals to exercise their rights. Information about the intended processing should therefore be provided in a “concise, transparent, intelligible and easily accessible form” (Article 12 of the GDPR). Right to be informed – not only the purposes and the legal basis for the processing should be communicated to individuals, but also a large range of information allowing them to fully understand the processing at stake and implement their rights. This includes being told about: the identity and contacts of the entity collecting their data; how long their data will be kept; the recipients or categories of recipients of the personal data; and whether the personal data will be transferred to a non-EU country or international organisation (Articles 13 and 14 of the GDPR). Consent - Consent must be freely given, specific, informed and provide an unambiguous indication of an individual’s wishes signifying agreement to the processing of their personal data. Individuals have the right to change their mind and withdraw their consent, at any time. The GDPR clarifies that the request for consent shall be presented in “an intelligible and easily accessible form, using clear and plain language” (Article 7 of the GDPR). Data protection by design and by default: technical and organisational measures should be implemented to ensure data protection by design and by default. Notably, by default settings should ensure that personal data are not made accessible without the individual’s intervention to an indefinite number of persons (Article 25 of the GDPR). AWARENESS OF PRIVACY AND LOCATION SETTINGS ON SMARTPHONES Questions: [Only those respondents who have a smartphone that allows them to access the internet or social media]: Do you know how to check the privacy settings when using different apps on your smartphone? (1) Yes, on all apps, (2) Yes, on some apps, (3) No, (4) I don’t know what privacy settings are. [Only those respondents who have a smartphone that allows them to access the internet or social media]: Do you know how to turn off the location settings on your smartphone? (1) Yes, (2) No, (3) I don’t know what location settings are. 6 Results: The majority of people in the EU-27 (72 %) know about the privacy settings on their smartphones. However, less than half of the respondents (41 %) know the privacy settings on all their apps and 31 % only for some apps. Slightly more people know where to turn off the location settings (77 %). There is a gender gap in the knowledge about the use of privacy and location settings. 21 % of men do not know how to check privacy settings, compared to 27 % of women. 23 % of women do not know how to turn off location settings, compared to 16 % of men. FIGURE 3: AWARENESS OF PRIVACY AND LOCATION SETTINGS AMONG SMARTPHONE USERS, BY GENDER, EU-27 (%) Privacy settings 60 50 40 46 36 32 30 27 30 21 20 10 4 4 0 Yes, on all apps Yes, on some apps No Women Men Don't know Total Location settings 100 90 80 81 74 70 60 50 40 30 23 16 20 10 4 3 0 Yes No Women Men Don't know Total Notes: Only respondents who have a smartphone; N = 17,918 Source: FRA, Fundamental Rights Survey 2019 [Data collection in cooperation with CBS (NL), CTIE (LU) and Statistics Austria (AT)] 7 FIGURE 4: AWARENESS OF PRIVACY AND LOCATION SETTINGS AMONG SMARTPHONE USERS BY COUNTRY (%) Privacy settings 100 90 80 24 23 19 16 16 21 16 26 27 23 24 19 19 19 23 22 32 20 14 22 23 22 16 22 18 19 32 70 60 31 31 50 42 35 42 42 49 46 47 42 44 40 34 24 38 33 39 35 39 23 29 28 31 28 29 25 22 14 19 21 29 18 27 20 32 40 30 20 41 42 10 45 47 48 41 41 41 42 42 43 44 36 36 37 37 30 30 32 32 32 32 32 33 34 53 54 54 59 46 46 EU-28 EU-27_2019 0 CY DK FI SE LU CZ LT EE FR AT DE LV NL BE ES SI PT IT BG RO EL PL IE HU HR SK MT Yes, on all apps Yes, on some apps No MK UK Don't know Location settings 100 90 19 19 80 26 16 27 25 15 12 13 12 12 11 11 10 19 16 13 15 16 14 13 25 25 19 22 18 17 14 18 20 15 70 60 50 40 77 78 30 87 82 82 83 83 83 84 85 85 86 86 86 77 77 78 79 81 81 72 73 74 75 76 76 71 70 66 74 RO LV IT DK ES CY LT CZ MT PL SE BE EE IE PT HR SI FI LU FR SK DE NL AT HU EL BG MK UK 83 20 10 EU-28 EU-27_2019 0 Yes No Don't know Notes: Only respondents who have a smartphone; N = 18,515 Source: FRA, Fundamental Rights Survey 2019 [Data collection in cooperation with CBS (NL), CTIE (LU) and Statistics Austria (AT)] 8 CONSENT TO DATA PROCESSING Questions: [Only those respondents who use the internet]: You may have been asked to approve or consent to your data being processed when using online services, websites or apps. Do you read these terms and conditions? (1) Yes, always, (2) Yes, sometimes, (3) No [Only those respondents who at least sometimes read terms and conditions]: Would you say you understand the terms and conditions when you approve or consent to your data being used? (1) Yes, (2) No [Only those respondents who use the internet]: Do you feel you can easily choose not to approve or consent to your data being used when using online services, websites or apps? (1) Yes, (2) No Results: Overall, only one in five respondents in the EU says they always read the terms and conditions when using online services (22 %). 44 % read them sometimes and 33 % do not read the terms and conditions (1 % don’t know). The percentage of those not reading terms and conditions is especially high in Belgium and Cyprus (each 47 %) as well as in the United Kingdom (48 %). In contrast, in Estonia 22 % of people do not read the terms and conditions. Among those who read the terms and conditions, at least sometimes, 27 % do not understand them. Half of the respondents do not find it easy to consent to personal data usage through online services (49 %). Overall, there are no major gender differences for these questions for the EU-27. FIGURE 5: READING TERMS AND CONDITIONS WHEN USING ONLINE SERVICES BY COUNTRY (%) 100 90 80 33 34 43 39 43 45 47 45 24 31 37 44 47 70 36 25 41 31 27 25 36 29 32 28 22 25 24 32 60 50 40 44 44 49 30 20 10 22 21 8 EU-28 EU-27_2019 0 SE 51 47 44 42 44 51 60 56 49 39 39 45 35 42 49 48 38 43 41 42 49 46 46 24 24 37 34 35 34 34 41 29 29 30 30 32 23 24 24 25 27 27 18 21 22 16 15 14 13 9 10 10 11 12 12 39 40 NL LU DK CY AT FI BE FR DE IE PT MT ES LT SI LV HR RO IT SK EE CZ PL HU EL BG Yes, always 48 Yes, sometimes No 27 10 MK UK Don't know Notes: Only respondents who use the internet; N = 20,279 Source: FRA, Fundamental Rights Survey 2019 [Data collection in cooperation with CBS (NL), CTIE (LU) and Statistics Austria (AT)] 9 Public administrations Private companies FIGURE 6: UNDERSTANDING TERMS AND CONDITIONS WHEN USING ONLINE SERVICES, BY COUNTRY (%) 100 90 80 27 28 52 44 70 18 17 16 16 23 23 20 21 21 19 19 30 30 26 30 34 32 35 42 40 40 39 38 14 12 23 44 60 50 40 30 72 71 47 20 86 87 78 79 79 79 81 81 82 82 73 76 76 77 70 69 69 64 66 66 59 61 62 54 57 58 73 55 10 EU-28 EU-27_2019 0 AT SE FI DK LU FR NL CY DE BE LV ES IE Yes No IT HU RO LT CZ SK EE HR SI PT MT BG EL PL MK UK Don't know Notes: Only respondents who read terms and conditions sometimes or always; N = 13,206 Source: FRA, Fundamental Rights Survey 2019 [Data collection in cooperation with CBS (NL), CTIE (LU) and Statistics Austria (AT)] FIGURE 7: FINDING IT EASY TO CONSENT TO PERSONAL DATA USAGE THROUGH ONLINE SERVICES BY COUNTRY (%) 100 90 24 27 80 70 49 50 30 30 31 32 32 34 36 36 37 40 41 41 41 45 47 49 52 53 60 61 61 61 62 63 46 57 72 77 50 40 75 30 20 49 48 67 63 67 65 63 61 62 59 63 61 58 53 56 48 52 50 47 47 45 10 38 39 38 36 34 51 42 27 23 EU-28 EU-27_2019 0 EE PT MT SK SI BG LV EL CY CZ PL RO HR HU LT IE IT Yes No ES FI SE BE DE NL LU DK AT FR Don't know Notes: Only respondents who use the internet; N = 20,279 Source: FRA, Fundamental Rights Survey 2019 [Data collection in cooperation with CBS (NL), CTIE (LU) and Statistics Austria (AT)] 10 MK UK AWARENESS OF THE GDPR, DATA PROTECTION LAWS AND AUTHORITIES WHAT DOES THE GDPR SAY? Awareness – each Member State must provide for one or more independent public authorities responsible for monitoring the GDPR’s application, and for promoting “public awareness and understanding of the risks, rules, safeguards and rights in relation to processing” (Article 57 of the GDPR). Right of access – the rights of individuals depend on their capacity to know which data are being collected, who collects the data, how the data will be processed, and for how long. Public administration and private entities are required to communicate this information to any individuals requesting it (Article 15 of the GDPR). 11 AWARENESS OF THE GDPR Question: Have you heard of the General Data Protection Regulation – GDPR? (1) Yes, (2) No Results: Overall, 69 % of people in the EU-27 have heard about the General Data Protection Regulation (GDPR). Men are slightly more aware of the GDPR (71 %), compared to women (67 %). FIGURE 8: AWARENESS OF THE GDPR BY COUNTRY (%) 100 90 80 31 30 70 62 59 53 48 45 43 42 41 24 24 24 23 27 27 27 25 26 25 35 33 34 30 28 17 14 13 4 21 70 60 50 40 30 69 70 20 38 39 46 56 57 59 51 55 74 74 75 76 76 77 69 71 72 72 73 65 66 66 69 83 86 86 95 79 29 10 EU-28 EU-27_2019 0 EE LT BE IT FR HU FI DK CY RO LU EL BG LV HR NL MT ES PT SK SE SI DE IE AT CZ PL Yes No Don't know/prefer not to say Notes: N = 25,018 Source: FRA, Fundamental Rights Survey 2019 [Data collection in cooperation with CBS (NL), CTIE (LU) and Statistics Austria (AT)] AWARENESS OF THE RIGHT TO ACCESS PERSONAL DATA Question: Your personal data includes information about you such as your address or date of birth. Are you aware of any laws in [COUNTRY] that allow you to check what personal data has been collected about you by the following organisations? (a) Public administration – including local authorities, (b) A private company: (1) Yes, there is such a law, (2) No, there is no such law Results: 60 % of respondents in the EU-27 are aware of a law that allows them to access their personal data held by public administrations. However, this decreases to 51 % for private companies. This means that only one in two people in the EU-27 are aware that they can access their data held by companies. There is a gender gap in the awareness of data protection laws. Women are less aware compared to men. For both areas, public administration and private companies, women are less aware about their right to access their personal data. Figure 9 shows the awareness of the right to access personal data with respect to public administration and private companies. 12 MK UK FIGURE 9: AWARENESS OF THE RIGHT TO ACCESS PERSONAL DATA AT PUBLIC ADMINISTRATION AND PRIVATE COMPANIES BY GENDER IN THE EU-27 (%) 100 90 80 70 64 57 60 55 48 50 40 30 20 10 0 Public administration Private company Women Men Total Notes: N = 24,354 Source: FRA, Fundamental Rights Survey 2019 [Data collection in cooperation with CBS (NL), CTIE (LU) and Statistics Austria (AT)] FIGURE 10: AWARENESS OF THE RIGHT TO ACCESS PERSONAL DATA AT PUBLIC ADMINISTRATION AND PRIVATE COMPANIES BY COUNTRY (%) 100 90 80 70 60 50 40 87 87 87 82 60 62 60 45 46 53 51 36 30 34 20 49 49 51 46 46 44 36 64 64 64 65 65 66 38 71 55 53 49 52 79 72 69 64 65 54 54 52 53 52 52 39 42 62 69 71 72 73 68 71 57 56 51 41 42 40 41 39 30 29 10 EU-28 EU-27_2019 0 CY RO PT HR HU EL ES SI BG LT LV BE IT IE EE MT CZ PL AT DE FR LU SK DK NL FI SE Public administration MK UK Private company Notes: Respondents answering ‘Yes, there is such a law’; N = 25,018 Source: FRA, Fundamental Rights Survey 2019 [Data collection in cooperation with CBS (NL), CTIE (LU) and Statistics Austria (AT)] 100 90 82 80 70 60 50 60 62 51 60 54 54 52 53 53 45 46 51 49 49 46 46 44 62 64 64 64 65 65 66 52 52 53 55 49 52 69 71 71 64 65 72 57 56 51 87 87 87 69 79 72 68 73 71 13 AWARENESS OF DATA PROTECTION AUTHORITIES Question: Have you ever heard of any of the following? Please respond with the first thing that comes into your head. [NAME OF NATIONAL SUPERVISORY AUTHORITY FOR DATA PROTECTION – BASED ON ART. 51 OF REGULATION (EU) 2016/679]. In the survey, the name of the respective authority was used in each country (see Annex Table 2). Results: 71 % of people in the EU-27 have heard about their national supervisory authority for data protection (DPA). Most respondents in Czechia have heard about their DPA (90 %). In Belgium, few people have heard about their DPA (44 %) and even fewer in the United Kingdom (35 %). FIGURE 11: AWARENESS OF DATA PROTECTION AUTHORITIES BY COUNTRY (%) 100 90 80 71 70 68 58 60 67 67 68 68 69 64 66 71 71 74 77 77 85 85 86 87 87 82 84 79 80 80 81 90 61 52 50 44 40 35 30 20 10 BE HU RO DE CY MT PL IT PT EL FI LU LT NL LV SI BG FR SK ES IE DK HR EE SE AT CZ EU-28 EU-27_2019 0 MK UK Notes: N = 25,018 Source: FRA, Fundamental Rights Survey 2019 [Data collection in cooperation 100with CBS (NL), CTIE (LU) and Statistics Austria (AT)] 90 80 71 70 68 58 60 67 67 68 68 69 64 66 71 71 74 77 77 85 85 86 87 87 82 84 79 80 80 81 90 61 52 50 44 35 40 30 20 10 0 EU-28 EU-27_2019 14 BE HU RO DE CY MT PL IT PT EL FI LU LT NL LV SI BG FR SK ES IE DK HR EE SE AT CZ MK UK ANNEX TABLE 1: METHODOLOGY BY COUNTRY Country Sampling approach Mode of interview Fieldwork dates Number of interviews Austria Random probability Online 09/04/19 – 09/05/19 1,233 Belgium Random probability Face to face 15/06/19 – 21/10/19 1,058 Bulgaria Random probability Face to face 15/02/19 – 23/04/19 1,016 Croatia Random probability Face to face 18/03/19 – 04/07/19 1,019 Cyprus Random probability Face to face 06/02/19 – 22/06/19 1,005 Czechia Random probability Face to face 22/03/19 – 06/06/19 1,074 Denmark Random probability Online 14/03/19 – 07/05/19 1,173 Estonia Random probability Online 25/03/19 – 21/05/19 1,067 Finland Random probability Online 14/05/19 – 03/09/19 1,048 France Quota Online 21/06/19 – 27/08/19 2,987 Germany Quota Online 21/06/19 – 27/08/19 2,972 Greece Random probability Face to face 30/03/19 – 12/06/19 1,001 Hungary Random probability Face to face 29/03/19 – 02/07/19 993 Ireland Random probability Face to face 14/03/19 – 01/08/19 1,006 Italy Random probability Face to face 22/03/19 – 21/10/19 1,051 Latvia Random probability Face to face 07/05/19 – 02/08/19 1,034 Lithuania Random probability Face to face 23/04/19 – 08/08/19 1,008 Luxembourg Random probability Online 13/05/19 – 30/09/19 966 Malta Random probability Face to face 18/01/19 – 28/07/19 1,004 Netherlands Random probability Online 16/01/19 – 23/03/19 1,626 North Macedonia Random probability Face to face 15/03/19 – 15/05/19 1,027 Poland Random probability Face to face 19/02/19 – 08/06/19 1,000 Portugal Random probability Face to face 25/02/19 – 27/05/19 1,001 Romania Random probability Face to face 11/02/19 – 21/06/19 999 Slovakia Random probability Face to face 04/02/19 – 29/08/19 1,081 Slovenia Random probability Face to face 03/05/19 – 28/06/19 1,007 Spain Random probability Face to face 06/03/19 – 07/07/19 1,002 Sweden Random probability Online 18/04/19 – 13/06/19 1,155 United Kingdom Random probability Online 26/03/19 – 23/05/19 1,384 15 TABLE 2: LIST OF DATA PROTECTION AUTHORITIES RESPONDENTS WERE ASKED ABOUT: 16 Country NATIONAL DATA PROTECTION SUPERVISOR Austria Datenschutzbehörde Belgium Commission de la protection de la vie privée (CPVP) (FR) / Commissie voor de bescherming van de persoonlijke levenssfeer (CBPL) (NL) Bulgaria Комисията за защита на личните данни Croatia Hrvatska Agencija za zaštitu osobnih podataka Cyprus Γραφείο Επιτρόπου Προστασίας Δεδομένων Προσωπικού Χαρακτήρα Czechia Úřad pro ochranu osobních údajů Denmark Datatilsynet Estonia Andmekaitse Inspektsioon (ET) / Инспекция по защите данных (RU) Finland Tietosuojavaltuutetun toimisto (FI)/ Dataombudsmannens byrå (SE) France Commission Nationale de l’Informatique et des Libertés - CNIL Germany Die Bundesbeauftragte für den Datenschutz und die Informationsfreiheit Greece Αρχή Προστασίας Δεδομένων Προσωπικού Χαρακτήρα Hungary Nemzeti Adatvédelmi és Információszabadság Hatóság (NAIH) Ireland Data Protection Commissioner / An Coimisinéir Cosanta Sonraí Italy Garante per la protezione dei dati personali Latvia Datu valsts inspekcija (LV) / Государственная инспекция данных (RU) Lithuania Valstybinė duomenų apsaugos inspekcija Luxembourg Commission Nationale pour la Protection des Données (FR) / Nationale Kommission für den Datenschutz (DE) Malta Office of the Data Protection Commissioner Netherlands Autoriteit Persoonsgegevens North Macedonia Дирекција за заштита на личните податоци / Oficerët për mbrojtjen e të dhënave personale Poland Generalny Inspektor Ochrony Danych Osobowych (GIODO) Portugal Comissão Nacional de Protecção de Dados (CNPD) Romania Autoritatea Naţională de Supraveghere a Prelucrării Datelor cu Caracter Personal Slovakia Úrad na ochranu osobných údajov Slovenskej republiky Slovenia Informacijski pooblaščenec Spain Agencia de Protección de Datos (ES) / l’Agència Espanyola de Protecció de Dades (CA) Sweden Datainspektionen United Kingdom Information Commissioner’s Office Both FRA’s Fundamental Rights Report 2020 and its opinions, available as a separate publication in the 24 EU official languages, can be accessed on the FRA website at: FUNDAMENTAL RIGHTS REPORT ― 2020 FUNDAMENTAL RIGHTS REPORT ― 2020 — https://fra.europa.eu/en/ publication/2020/fundamentalrights-report-2020 The year 2019 brought both progress and FRA’s Fundamental Rights Report 2020 reviews major developments in the field, identifying both achievements and remaining areas of concern. This publication presents FRA’s opinions on the main developments in the thematic areas covered, and a synopsis of the evidence supporting these opinions. In so doing, it provides a compact but informative overview of the main fundamental rights challenges REPORT confronting the EU and its Member States. 1 [FOCUS] Ten years on: unlocking the Charter’s full potential 4 Equality and non-discrimination 7 BASELINE TO ADD 9 Roma integration 11 Asylum, visas, migration, borders and integration — https://fra.europa.eu/en/ publication/2020/fundamentalrights-report-2020-fra-opinions FRA OPINIONS setbacks in terms of fundamental rights protection. 13 Information society, privacy and data protection 15 Rights of the Child 17 Access to justice 19 Developments in the implementation of the Convention on the Rights of Persons with Disabilities Racism, xenophobia and related intolerance Getting in touch with the EU In person All over the European Union there are hundreds of Europe Direct information centres. You can find the address of the centre nearest you at: https://europa.eu/european-union/contact_en On the phone or by email Europe Direct is a service that answers your questions about the European Union. You can contact this service: y freephone: 00 800 6 7 8 9 10 11 —b (certain operators may charge for these calls), — at the following standard number: +32 22999696 or — by email via: https://europa.eu/european-union/contact_en Finding information about the EU Online Information about the European Union in all the official languages of the EU is available on the Europa website at: https:// europa.eu/european-union/index_en EU publications You can download or order free and priced EU publications at: https://op.europa.eu/en/publications Multiple copies of free publications may be obtained by contacting Europe Direct or your local information centre (see https:// europa.eu/european-union/contact_en). EU law and related documents For access to legal information from the EU, including all EU law since 1952 in all the official language versions, go to EUR- Lex at: http://eur-lex.europa.eu Open data from the EU The EU Open Data Portal (http://data.europa.eu/euodp/en) provides access to datasets from the EU. Data can be downloaded and reused for free, for both commercial and non-commercial purposes. III PROMOTING AND PROTECTING YOUR FUNDAMENTAL RIGHTS ACROSS THE EU ― This paper shows people’s views on sharing personal data online as well as their concerns about possible misuse of their data. It also shows people’s awareness of EU data protection rules – the General Data Protection Regulation (GDPR). FRA’s Fundamental Rights Survey asked people about their awareness of privacy online and how they manage it. It also asked if people read the terms and conditions of online services, and whether they find it easy or hard to consent to these when using online services. Hate crime Hate speech Equality Non-discrimination FRA – EUROPEAN UNION AGENCY FOR FUNDAMENTAL RIGHTS Schwarzenbergplatz 11 – 1040 Vienna – Austria T +43 158030-0 – F +43 158030-699 fra.europa.eu facebook.com/fundamentalrights twitter.com/EURightsAgency linkedin.com/company/eu-fundamental-rights-agency
