Blog

The right to data protection is not an absolute right, it is limited by other fundamental rights and constitutionally protected legal rights (Constitutional Court ruling 292/2000, of 30 November). An essential interest for the life of the data subject or of a third party may therefore prevail over...

This is the second in a series of articles detailing the Agency's participation in other international forums in which data protection also plays an important role. In this case, we are talking about the Organisation for Economic Co-operation and Development (OECD). In this post we briefly explain...

Probabilistic or estimative methods have proven to be powerful tools for processing personal data and are used in many digital services and applications, but they pose dilemmas regarding compliance with the principle of accuracy, because their nature implies possible cases of false negatives, false...

In this post, we discuss the potential implications of treating identity as a service rather than a fundamental right and how the shift towards identity as a service impacts individuals' control over their personal data. The commodification of identity may affect citizens' rights and freedoms...

The Spanish Data Protection Agency (AEPD) has an intense international activity focused especially on the European Union and the bodies in which it has the legal obligation to participate, such as the European Data Protection Board.

1984 is a dystopian political fiction novel written by George Orwell between 1947 and 1948 and published on June 8, 1949.

The Spanish Data Protection Agency will periodically offer in this blog references to cultural elements that have stood out in its analysis of privacy from different points of view.

The GDPR obligates controllers to implement appropriate technical and organisational measures to ensure an appropriate security level to the risk of processing.

In the context of processing with possible automated decision-making, an assessment of the degree of human involvement is required, which involves assessing both the system used and the processing and its context. To this end, it is recommended to assess a person's participation in the decision...