å®å ¬åºã«ãšã£ãŠãGDPRã®éµå®ã¯éèŠãªèª²é¡ã§ããGDPRã¯ãEUåå ã®å人ããŒã¿ä¿è·ã«é¢ããå æ¬çãªæ³èŠå¶ã§ãããå®å ¬åºãå«ããã¹ãŠã®çµç¹ã«é©çšãããŸããæ¬èšäºã§ã¯ãå®å ¬åºãGDPRãç解ããéµå®ããããã®éèŠãªãã€ã³ãã10åã§è§£èª¬ããŸãããŸããGDPRã®åºæ¬æŠå¿µãšããŠããã®ç®çãé©çšç¯å²ãå人ããŒã¿ã®å®çŸ©ãšåãæ±ãã®ååã«ã€ããŠèª¬æããŸãã次ã«ãå®å ¬åºãGDPRãéµå®ããããã«å¿ èŠãªãããŒã¿ä¿è·è²¬ä»»è ã®ä»»åœãããŒã¿ä¿è·åœ±é¿è©äŸ¡ã®å®æœãå®å šç®¡çæªçœ®ã®å®è£ ã«ã€ããŠè¿°ã¹ãŸããæåŸã«ãGDPRã«éåããå Žåã®ãªã¹ã¯ãšå¯ŸçãšããŠãå¶è£ã眰éãããŒã¿äŸµå®³çºçæã®å¯Ÿå¿ãç¶ç¶çãªã³ã³ãã©ã€ã¢ã³ã¹æ¹åã®éèŠæ§ã解説ããŸããGDPRã®ç解ãšéµå®ã¯ãå®å ¬åºãåœæ°ã®ä¿¡é ŒãåŸãããã®ç¬¬äžæ©ã§ãããçµç¹å šäœã§åãçµãã¹ãéèŠãªè²¬åã§ãã
GDPRãšã¯äœã – å®å ¬åºãç解ãã¹ãåºæ¬æŠå¿µ
GDPRïŒEUäžè¬ããŒã¿ä¿è·èŠåïŒã¯ã欧å·é£åïŒEUïŒåå ã®å人ããŒã¿ä¿è·ã«é¢ããå æ¬çãªæ³èŠå¶ã§ããå®å ¬åºãå«ããã¹ãŠã®çµç¹ã«é©çšãããå人ããŒã¿ã®é©åãªåãæ±ããšä¿è·ã矩åä»ããŠããŸããæ¬èšäºã§ã¯ãå®å ¬åºãGDPRãç解ããããã«å¿ èŠãªåºæ¬æŠå¿µã«ã€ããŠè§£èª¬ããŸãã
GDPRã®ç®çãšé©çšç¯å²
GDPRã®äž»ãªç®çã¯ã以äžã®3ç¹ã§ãã
- å人ããŒã¿ã®ä¿è·ãšé©åãªåãæ±ãã®ä¿é²
- å人ã®ãã©ã€ãã·ãŒæš©ã®åŒ·å
- EUåå ã®ããŒã¿ä¿è·æ³å¶ã®çµ±äžå
GDPRã¯ãEUåå ã§äºæ¥ãè¡ããã¹ãŠã®çµç¹ã«é©çšãããå®å ¬åºããã®å¯Ÿè±¡ãšãªããŸãããŸããEUåå€ã®çµç¹ã§ãã£ãŠããEUåžæ°ã®å人ããŒã¿ãåãæ±ãå Žåã¯GDPRã®é©çšå¯Ÿè±¡ãšãªããŸãã
å人ããŒã¿ã®å®çŸ©ãšåãæ±ãã®åå
GDPRã«ãããå人ããŒã¿ãšã¯ãèå¥ãããããŸãã¯èå¥å¯èœãªèªç¶äººã«é¢ããããããæ å ±ãæããŸããããã«ã¯ãæ°åãäœæãã¡ãŒã«ã¢ãã¬ã¹ãIPã¢ãã¬ã¹ãªã©ãå«ãŸããŸããå®å ¬åºã¯ãå人ããŒã¿ãåãæ±ãéã«ä»¥äžã®ååãéµå®ããå¿ èŠããããŸãã
åå | å 容 |
---|---|
é©æ³æ§ãå ¬æ£æ§ãéææ§ | å人ããŒã¿ã®åãæ±ãã¯ãé©æ³ãå ¬æ£ãéæã§ãªããã°ãªããªã |
ç®çå¶é | å人ããŒã¿ã¯ãç¹å®ã®æ£åœãªç®çã®ããã«ã®ã¿åéã»åŠçãããã¹ãã§ãã |
ããŒã¿æå°å | åéã»åŠçããå人ããŒã¿ã¯ãç®çéæã«å¿ èŠãªç¯å²ã«éå®ãããã¹ãã§ãã |
æ£ç¢ºæ§ | å人ããŒã¿ã¯æ£ç¢ºãã€ææ°ã®ç¶æ ã«ä¿ãããã¹ãã§ãã |
ä¿åå¶é | å人ããŒã¿ã¯ãç®çéæã«å¿ èŠãªæéã®ã¿ä¿åãããã¹ãã§ãã |
å®å šæ§ãšæ©å¯æ§ | å人ããŒã¿ã¯ãäžæ£ã¢ã¯ã»ã¹ãæŒæŽ©ããä¿è·ãããã¹ãã§ãã |
å®å ¬åºã«ãããGDPRã®éèŠæ§
å®å ¬åºã¯ãæ¥åã®æ§è³ªäžã倧éã®å人ããŒã¿ãåãæ±ãããšãå€ããããGDPRã®éµå®ã¯ç¹ã«éèŠã§ãã以äžã¯ãå®å ¬åºãGDPRãéµå®ããå¿ èŠæ§ã瀺ãäž»ãªçç±ã§ãã
- æ³ç矩åã®å±¥è¡ïŒGDPRã¯æ³çææåã®ããèŠåã§ãããéåããå Žåã«ã¯å€é¡ã®å¶è£éã課ãããå¯èœæ§ãããã
- åœæ°ã®ä¿¡é Œã®ç¢ºä¿ïŒå人ããŒã¿ã®é©åãªä¿è·ã¯ãåœæ°ã®ä¿¡é ŒãåŸãããã«äžå¯æ¬ ã§ããã
- éææ§ãšèª¬æ責任ã®åäžïŒGDPRã®éµå®ã«ãããå®å ¬åºã®æ¥åã«ãããéææ§ãšèª¬æ責任ãåäžããã
- ããŒã¿ã»ãã¥ãªãã£ã®åŒ·åïŒGDPRã«åºã¥ãã»ãã¥ãªãã£å¯Ÿçã®å®æœã«ããããµã€ããŒæ»æãããŒã¿æŒæŽ©ã®ãªã¹ã¯ã軜æžã§ããã
- æ¥åå¹çã®æ¹åïŒå人ããŒã¿ã®é©åãªç®¡çã¯ãæ¥åã®å¹çåã«ãã€ãªããã
å®å ¬åºã¯ãGDPRã®èŠä»¶ãç解ããé©åãªå¯Ÿçãè¬ããããšã§ãå人ããŒã¿ã®ä¿è·ãšãã©ã€ãã·ãŒå°éã®å§¿å¢ã瀺ãããšãã§ããŸããããã¯ãåœæ°ããã®ä¿¡é ŒãåŸããšãšãã«ãè¡æ¿ãµãŒãã¹ã®è³ªã®åäžã«ãã€ãªãããŸãã
GDPRãéµå®ããããã«ã¯ãå人ããŒã¿ã®åãæ±ãã«é¢ããæ¹éã®çå®ãããŒã¿ä¿è·è²¬ä»»è ïŒDPOïŒã®ä»»åœãããŒã¿ä¿è·åœ±é¿è©äŸ¡ïŒDPIAïŒã®å®æœãã»ãã¥ãªãã£å¯Ÿçã®åŒ·åãè·å¡ãžã®æè²ã»åçºãªã©ãçµç¹çãªåãçµã¿ãå¿ èŠã§ããå®å ¬åºã¯ããããã®åãçµã¿ãéããŠãå人ããŒã¿ã®ä¿è·ãšãã©ã€ãã·ãŒå°éã®å§¿å¢ã瀺ããåœæ°ã®ä¿¡é ŒãåŸãããšãã§ããã§ãããã
GDPRã¯ãå®å ¬åºã«ãšã£ãŠåãªãæ³ä»€éµå®ã®åé¡ã§ã¯ãªããåœæ°ãšã®ä¿¡é Œé¢ä¿ãç¯ãäžã§éèŠãªåœ¹å²ãæãããŸããå人ããŒã¿ã®é©åãªä¿è·ãšåãæ±ãã¯ãå®å ¬åºã®è²¬åã§ãããGDPRã®ç解ãšéµå®ã¯ããã®è²¬åãæããããã®ç¬¬äžæ©ãšãããŸãã
å®å ¬åºãGDPRãéµå®ããããã®éèŠãªãã€ã³ã
GDPRã®éµå®ã¯ãå®å ¬åºã«ãšã£ãŠéåžžã«éèŠãªèª²é¡ã§ããå人ããŒã¿ã®é©åãªä¿è·ãšç®¡çãå®çŸããããã«ã¯ãçµç¹å šäœã§äœç³»çãªåãçµã¿ãå¿ èŠãšãªããŸããããã§ã¯ãå®å ¬åºãGDPRãéµå®ããããã®éèŠãªãã€ã³ãã3ã€çŽ¹ä»ããŸãã
ããŒã¿ä¿è·è²¬ä»»è ïŒDPOïŒã®ä»»åœãšåœ¹å²
GDPRã§ã¯ãå ¬çæ©é¢ã倧èŠæš¡ãªããŒã¿åŠçãè¡ãçµç¹ã«å¯ŸããŠãããŒã¿ä¿è·è²¬ä»»è ïŒDPOïŒã®ä»»åœã矩åä»ããŠããŸããDPOã¯ãçµç¹å ã®ããŒã¿ä¿è·ã«é¢ããç£ç£ãå©èšãåŸæ¥å¡ã®æè²ãªã©ãæ åœããGDPRã®éµå®ãæšé²ããéèŠãªåœ¹å²ãæãããŸããå®å ¬åºã¯ãDPOãä»»åœãããã®åœ¹å²ãæ確ã«å®çŸ©ããããšã§ãããŒã¿ä¿è·äœå¶ã®åŒ·åã«ã€ãªããããšãã§ããŸãã
DPOã®äž»ãªè²¬åã¯ä»¥äžã®éãã§ãã
- ããŒã¿ä¿è·ã«é¢ããæ¹éãæé ã®çå®ãšå®æœã®ç£ç£
- ããŒã¿ä¿è·åœ±é¿è©äŸ¡ïŒDPIAïŒã®å®æœã®æ¯æŽ
- ããŒã¿ä¿è·ã«é¢ããåŸæ¥å¡ãžã®æè²ã»åçºæŽ»åã®å®æœ
- ç£ç£åœå±ãšã®é£çµ¡çªå£ãšããŠã®åœ¹å²
- å人ããŒã¿ã®åãæ±ãã«é¢ããèŠæ ãåãåãããžã®å¯Ÿå¿
DPOã¯ãçµç¹å ã®ããŒã¿ä¿è·ã®äžå¿çãªååšãšããŠãGDPRã®éµå®ãšå人ããŒã¿ã®é©åãªä¿è·ãæšé²ããŠãããŸãã
ããŒã¿ä¿è·åœ±é¿è©äŸ¡ïŒDPIAïŒã®å®æœ
ããŒã¿ä¿è·åœ±é¿è©äŸ¡ïŒDPIAïŒã¯ãå人ããŒã¿ã®åãæ±ãã«äŒŽããªã¹ã¯ãç¹å®ãããããã®ãªã¹ã¯ã軜æžããããã®æªçœ®ãè¬ããããã»ã¹ã§ããGDPRã§ã¯ãé«ãªã¹ã¯ãªå人ããŒã¿ã®åãæ±ããè¡ãå ŽåãDPIAã®å®æœã矩åä»ããããŠããŸããå®å ¬åºã¯ãDPIAãå®æœããããšã§ãå人ããŒã¿ã®åãæ±ãã«äŒŽããªã¹ã¯ãææ¡ããé©åãªå¯Ÿçãè¬ããããšãã§ããŸãã
DPIAãå®æœããéã®äž»ãªã¹ãããã¯ä»¥äžã®éãã§ãã
- å人ããŒã¿ã®åãæ±ãã«äŒŽããªã¹ã¯ã®ç¹å®
- ãªã¹ã¯ã®è©äŸ¡ãšåªå é äœä»ã
- ãªã¹ã¯è»œæžæªçœ®ã®æ€èšãšå®æœ
- æ®çãªã¹ã¯ã®è©äŸ¡ãšå容å¯èœæ§ã®å€æ
- å®æçãªã¬ãã¥ãŒãšæŽæ°
DPIAãéããŠãå®å ¬åºã¯å人ããŒã¿ã®åãæ±ãã«äŒŽããªã¹ã¯ãé©åã«ç®¡çããGDPRã®éµå®ãšå人ããŒã¿ã®ä¿è·ãå®çŸããããšãã§ããŸãã
å人ããŒã¿ã®å®å šç®¡çæªçœ®ã®å®è£
GDPRã§ã¯ãå人ããŒã¿ã®æ©å¯æ§ãå®å šæ§ãå¯çšæ§ã確ä¿ããããã®é©åãªæè¡çã»çµç¹çãªå®å šç®¡çæªçœ®ã®å®è£ ãæ±ããŠããŸããå®å ¬åºã¯ãå人ããŒã¿ã®åãæ±ãã«äŒŽããªã¹ã¯ã«å¿ããŠãé©åãªå®å šç®¡çæªçœ®ãè¬ããå¿ èŠããããŸãã
å人ããŒã¿ã®å®å šç®¡çæªçœ®ã®äŸã¯ä»¥äžã®éãã§ãã
åé¡ | å ·äœçãªæªçœ® |
---|---|
æè¡çæªçœ® |
|
çµç¹çæªçœ® |
|
å®å ¬åºã¯ããããã®å®å šç®¡çæªçœ®ãé©åã«å®è£ ããç¶ç¶çã«æ¹åããŠããããšã§ãå人ããŒã¿ã®ä¿è·ãšGDPRã®éµå®ãå®çŸããããšãã§ããŸãã
å®å ¬åºãGDPRãéµå®ããããã«ã¯ãããŒã¿ä¿è·è²¬ä»»è ã®ä»»åœãããŒã¿ä¿è·åœ±é¿è©äŸ¡ã®å®æœãå人ããŒã¿ã®å®å šç®¡çæªçœ®ã®å®è£ ãéèŠãªãã€ã³ããšãªããŸãããããã®åãçµã¿ãéããŠãå®å ¬åºã¯å人ããŒã¿ã®é©åãªä¿è·ãšç®¡çãå®çŸããåœæ°ããã®ä¿¡é ŒãåŸãããšãã§ããã§ããããGDPRã®éµå®ã¯ãå®å ¬åºã«ãšã£ãŠéèŠãªè²¬åã§ãããçµç¹å šäœã§ç¶ç¶çã«åãçµãã§ããå¿ èŠããããŸãã
GDPRã«éåããå Žåã®ãªã¹ã¯ãšå¯Ÿç
GDPRã«éåããå Žåãå®å ¬åºã¯æ·±å»ãªãªã¹ã¯ã«çŽé¢ããå¯èœæ§ããããŸããå¶è£ã眰éãªã©ã®æ³ç責任ã«å ããåœæ°ããã®ä¿¡é Œã倱ãããšã«ãã€ãªãããããŸãããããã§ã¯ãGDPRã«éåããå Žåã®ãªã¹ã¯ãšå¯Ÿçã«ã€ããŠè©³ãã解説ããŸãã
GDPRã®éåã«å¯Ÿããå¶è£ãšçœ°é
GDPRã«éåããå Žåãç£ç£åœå±ããå³ããå¶è£ãå€é¡ã®çœ°éã課ãããå¯èœæ§ããããŸãã眰éã®äžéã¯ãéåã®å 容ãçšåºŠã«ãã£ãŠç°ãªããŸãããæ倧ã§å šäžç幎é売äžé«ã®4ïŒ ãŸãã¯2,000äžãŠãŒãïŒçŽ24ååïŒã®ããããé«ãæ¹ãšãªã£ãŠããŸããå®å ¬åºã«ãšã£ãŠããã®ãããªå€é¡ã®çœ°éã¯è²¡æ¿ã«å€§ããªåœ±é¿ãäžããå¯èœæ§ããããŸãã
å¶è£ã眰éãé¿ããããã«ã¯ã以äžã®ãããªå¯ŸçãéèŠã§ãã
- GDPRã®èŠä»¶ãååã«ç解ããçµç¹å ã§åšç¥åŸ¹åºãã
- å人ããŒã¿ã®åãæ±ãã«é¢ããæ¹éãæé ãæŽåããéµå®ãã
- ããŒã¿ä¿è·è²¬ä»»è ïŒDPOïŒãä»»åœããããŒã¿ä¿è·äœå¶ã匷åãã
- å®æçãªç£æ»ãã¬ãã¥ãŒãå®æœããã³ã³ãã©ã€ã¢ã³ã¹ç¶æ³ã確èªãã
- éåãçºçããå Žåãè¿ éãã€é©åã«å¯Ÿå¿ããç£ç£åœå±ã«å ±åãã
ããŒã¿äŸµå®³çºçæã®éç¥çŸ©åãšå¯Ÿå¿æé
GDPRã§ã¯ãå人ããŒã¿ã®æŒæŽ©ãäžæ£ã¢ã¯ã»ã¹ãªã©ã®ããŒã¿äŸµå®³ãçºçããå Žåãç£ç£åœå±ãžã®éç¥ã矩åä»ããããŠããŸããéç¥ã¯ãããŒã¿äŸµå®³ãèªèããŠãã72æé以å ã«è¡ãå¿ èŠããããŸãããŸããããŒã¿äŸµå®³ã«ãã£ãŠå人ã®æš©å©ãèªç±ã«é«ããªã¹ã¯ãããå Žåã¯ã圱é¿ãåããå人ã«ãéç¥ããªããã°ãªããŸããã
ããŒã¿äŸµå®³çºçæã®é©åãªå¯Ÿå¿ã®ããã«ã¯ã以äžã®ãããªæé ãæŽåããŠããããšãéèŠã§ãã
- ããŒã¿äŸµå®³ã®æ€ç¥ãšããã®ç¯å²ã圱é¿ã®ç¹å®
- ç£ç£åœå±ãžã®éç¥ã®å€æãšãéç¥å 容ã®æºå
- 圱é¿ãåããå人ãžã®éç¥ã®å€æãšãéç¥æ¹æ³ã®æ€èš
- ããŒã¿äŸµå®³ã®åå 究æãšãåçºé²æ¢çã®å®æœ
- é¢ä¿è ãžã®èª¬æãšãä¿¡é Œå埩ã«åããåãçµã¿ã®å®æœ
ããŒã¿äŸµå®³çºçæã®é©åãªå¯Ÿå¿ã¯ãGDPRã®éµå®ã ãã§ãªããåœæ°ããã®ä¿¡é Œãç¶æããããã«ãäžå¯æ¬ ã§ãã
å®å ¬åºã«ãããGDPRã³ã³ãã©ã€ã¢ã³ã¹ã®ç¶ç¶çæ¹å
GDPRã®éµå®ã¯ãäžåºŠéæããã°çµããã§ã¯ãããŸãããå®å ¬åºã¯ãç¶ç¶çã«GDPRã³ã³ãã©ã€ã¢ã³ã¹ãæ¹åããå人ããŒã¿ã®ä¿è·ãšç®¡çã匷åããŠããå¿ èŠããããŸãããã®ããã«ã¯ã以äžã®ãããªåãçµã¿ãéèŠã§ãã
- å人ããŒã¿ã®åãæ±ãã«é¢ããæ¹éãæé ã®å®æçãªèŠçŽããšæŽæ°
- åŸæ¥å¡ãžã®ç¶ç¶çãªæè²ã»åçºã®å®æœ
- æ°ããªæè¡ããµãŒãã¹ã®å°å ¥æã«ãããããŒã¿ä¿è·åœ±é¿è©äŸ¡ïŒDPIAïŒã®å®æœ
- å®æçãªç£æ»ãã¬ãã¥ãŒã«ããã³ã³ãã©ã€ã¢ã³ã¹ç¶æ³ã®ç¢ºèªãšæ¹å
- ä»ã®å®å ¬åºãé¢é£çµç¹ãšã®æ å ±å ±æãšé£æºåŒ·å
å®å ¬åºã«ãããGDPRã³ã³ãã©ã€ã¢ã³ã¹ã®ç¶ç¶çæ¹åã¯ãå人ããŒã¿ã®ä¿è·ãšåœæ°ããã®ä¿¡é Œã®ç¶æã«äžå¯æ¬ ã§ããçµç¹å šäœã§åãçµã¿ãé²ããPDCAãµã€ã¯ã«ãåããŠããããšãæ±ããããŸãã
GDPRã«éåããå Žåã®ãªã¹ã¯ã¯ãå®å ¬åºã«ãšã£ãŠéåžžã«å€§ããªãã®ãšãªããŸããå¶è£ã眰éãšãã£ãæ³ç責任ã ãã§ãªããåœæ°ããã®ä¿¡é Œã倱ãããšã¯ãå®å ¬åºã®ååšæ矩ãã®ãã®ãæºããããããŸãããããŒã¿äŸµå®³çºçæã®é©åãªå¯Ÿå¿ãšãç¶ç¶çãªGDPRã³ã³ãã©ã€ã¢ã³ã¹ã®æ¹åã«ããããããã®ãªã¹ã¯ãæå°éã«æããããšãéèŠã§ããå®å ¬åºã¯ãGDPRã®éµå®ãéããŠãå人ããŒã¿ã®ä¿è·ãšãã©ã€ãã·ãŒå°éã®å§¿å¢ã瀺ããåœæ°ã«ä¿¡é Œãããçµç¹ã§ããç¶ããªããã°ãªããŸããã
ãŸãšã
å®å ¬åºã«ãšã£ãŠãGDPRã®éµå®ã¯å人ããŒã¿ã®é©åãªä¿è·ãšãã©ã€ãã·ãŒå°éã®èŠ³ç¹ããéåžžã«éèŠã§ããGDPRã®åºæ¬æŠå¿µãç解ããããŒã¿ä¿è·è²¬ä»»è ã®ä»»åœãããŒã¿ä¿è·åœ±é¿è©äŸ¡ã®å®æœãå®å šç®¡çæªçœ®ã®å®è£ ãªã©ãçµç¹çãªåãçµã¿ãé²ããããšãæ±ããããŸããéåããå Žåã«ã¯å¶è£ã眰éãšãã£ãæ³çãªã¹ã¯ãããã ãã§ãªããåœæ°ããã®ä¿¡é Œã倱ãããšã«ãã€ãªãããããŸãããããŒã¿äŸµå®³çºçæã®é©åãªå¯Ÿå¿ãšç¶ç¶çãªã³ã³ãã©ã€ã¢ã³ã¹æ¹åã«ããããããã®ãªã¹ã¯ãæå°éã«æããå人ããŒã¿ã®ä¿è·ãšåœæ°ã®ä¿¡é Œç¶æãå®çŸããããšãå®å ¬åºã®è²¬åãšãããã§ãããã