è¿å¹Žãå人æ å ±ä¿è·ã®éèŠæ§ãé«ãŸãäžã欧å·é£åïŒEUïŒã§ã¯GDPRïŒEUäžè¬ããŒã¿ä¿è·èŠåïŒãæœè¡ãããå人ããŒã¿ã®åãæ±ãã«é¢ããèŠå¶ã匷åãããŠããŸããåœå å€ã§ã°ããŒãã«ã«äºæ¥ãå±éããç·åå瀟ã«ãšã£ãŠãGDPRãžã®å¯Ÿå¿ã¯éåžžã«éèŠãªèª²é¡ãšãªã£ãŠããŸããæ¬èšäºã§ã¯ãGDPRã®åºæ¬æŠèŠãããç·åå瀟ãGDPRã«å¯Ÿå¿ããæ矩ãšéèŠæ§ããããŠå®è·µçãªãã€ã³ããŸã§ãåå¿è åãã«10åã§è§£èª¬ããŸããGDPRãæ£ããç解ããé©åãªå¯Ÿå¿ãé²ããããšããç·åå瀟ã®ä¿¡é Œåäžãšããžãã¹ãã£ã³ã¹ã®æ¡å€§ã«ã€ãªããã§ãããã
GDPRãšã¯ïŒç·åå瀟ãç¥ã£ãŠããã¹ãåºæ¬æŠèŠ
è¿å¹Žãå人æ å ±ä¿è·ã®éèŠæ§ãé«ãŸãäžã欧å·é£åïŒEUïŒã§ã¯2018幎5æ25æ¥ãããEUäžè¬ããŒã¿ä¿è·èŠåãïŒGDPRïŒGeneral Data Protection RegulationïŒãæœè¡ãããŸãããGDPRã¯ãEUåå ã®å人ããŒã¿ä¿è·ãšããã®åãæ±ãã«ã€ããŠè©³çŽ°ã«å®ããããæ³ä»€ã§ããåœå å€ã§äºæ¥ãå±éããç·åå瀟ã«ãšã£ãŠãGDPRãžã®å¯Ÿå¿ã¯éåžžã«éèŠãªèª²é¡ãšãªã£ãŠããŸããæ¬èšäºã§ã¯ãGDPRã®åºæ¬æŠèŠã«ã€ããŠãç·åå瀟ã®èŠç¹ãã解説ããŸãã
GDPRã®ç®çãšé©çšç¯å²
GDPRã®äž»ãªç®çã¯ã以äžã®3ç¹ã§ãã
- EUåå ã®å人ããŒã¿ä¿è·ã®åŒ·å
- EUåå ã®ããŒã¿ä¿è·æ³å¶ã®çµ±äž
- å人ããŒã¿ã®åå€ç§»è»¢ã«é¢ããèŠå¶ã®æ確å
GDPRã¯ãEUåå ã§äºæ¥ãè¡ãäŒæ¥ã ãã§ãªããEUåå€ã®äŒæ¥ã§ãã£ãŠããEUåšäœè ã®å人ããŒã¿ãåãæ±ãå Žåã«ã¯é©çšãããŸããã€ãŸããç·åå瀟ãEUåšäœè ã®å人ããŒã¿ãåãæ±ãå ŽåãGDPRãéµå®ããå¿ èŠãããã®ã§ãã
GDPRã«ãããå人ããŒã¿ã®å®çŸ©ãšä¿è·ã®åå
GDPRã«ãããŠãå人ããŒã¿ãšã¯ãèå¥ãããããŸãã¯èå¥å¯èœãªèªç¶äººã«é¢ããæ å ±ããšå®çŸ©ãããŠããŸããããã«ã¯ãæ°åãäœæãã¡ãŒã«ã¢ãã¬ã¹ãIPã¢ãã¬ã¹ãªã©ãå«ãŸããŸããGDPRã§ã¯ã以äžã®6ã€ã®ååã«åºã¥ããŠå人ããŒã¿ãä¿è·ããããšãæ±ããããŠããŸãã
åå | å 容 |
---|---|
é©æ³æ§ãå ¬æ£æ§ãéææ§ | å人ããŒã¿ã®åãæ±ãã¯ãé©æ³ãå ¬æ£ããã€éæã§ãªããã°ãªããªãã |
ç®çå¶é | å人ããŒã¿ã¯ãç¹å®ã®ãæ瀺çã§æ£åœãªç®çã®ããã«åéããããããã®ç®çãšäºææ§ã®ãªãæ¹æ³ã§åŠçãããŠã¯ãªããªãã |
ããŒã¿æå°å | å人ããŒã¿ã¯ãç®çã«ç §ãããŠé©åã§ãããé¢é£æ§ããããå¿ èŠãªç¯å²ã«éå®ãããªããã°ãªããªãã |
æ£ç¢ºæ§ | å人ããŒã¿ã¯æ£ç¢ºã§ãããå¿ èŠã«å¿ããŠææ°ã®ç¶æ ã«ä¿ããªããã°ãªããªãã |
ä¿åå¶é | å人ããŒã¿ã¯ãç®çã®éæã«å¿ èŠãªæéã«éããèå¥å¯èœãªåœ¢åŒã§ä¿åãããªããã°ãªããªãã |
å®å šæ§ãšæ©å¯æ§ | å人ããŒã¿ã¯ãäžæ£ãŸãã¯éæ³ãªåŠçãå¶çºçãªçŽå€±ãç Žå£ãŸãã¯æ害ããä¿è·ããããã«ãé©åãªæè¡çã»çµç¹çæªçœ®ãçšããŠåŠçãããªããã°ãªããªãã |
ç·åå瀟ã¯ããããã®ååãèžãŸããå人ããŒã¿ã®é©åãªåãæ±ãã培åºããå¿ èŠããããŸãã
GDPRã®äž»èŠãªèŠå®ãšéåæã®å¶è£
GDPRã«ã¯ãå人ããŒã¿ã®åãæ±ãã«é¢ããæ§ã ãªèŠå®ãå«ãŸããŠããŸããäž»èŠãªèŠå®ã¯ä»¥äžã®éãã§ãã
- å人ããŒã¿ã®åéã»å©çšã«éããŠã®åæååŸã®çŸ©åå
- ããŒã¿äž»äœã®æš©å©ïŒã¢ã¯ã»ã¹æš©ãåé€æš©ãèšæ£æš©ãªã©ïŒã®ä¿é
- ããŒã¿ä¿è·è²¬ä»»è ïŒDPOïŒã®èšçœ®çŸ©å
- å人ããŒã¿ã®åå€ç§»è»¢ã«é¢ããèŠå¶
- ããŒã¿æŒæŽ©çã®äºæ çºçæã®ç£ç£æ©é¢ãžã®å ±å矩å
ãããã®èŠå®ã«éåããå ŽåãäŒæ¥ã«ã¯å·šé¡ã®å¶è£éã課ãããå¯èœæ§ããããŸããå¶è£éã®äžéã¯ãå šäžç幎é売äžé«ã®4%ãŸãã¯2,000äžãŠãŒãïŒçŽ24ååïŒã®ããããé«ãæ¹ãšãããŠããŸããç·åå瀟ã«ãšã£ãŠãGDPRã®éåã¯é倧ãªãªã¹ã¯ãšèšããã§ãããã
以äžãGDPRã®åºæ¬æŠèŠã«ã€ããŠè§£èª¬ããŸãããç·åå瀟ãã°ããŒãã«ã«äºæ¥ãå±éããäžã§ãGDPRãžã®å¯Ÿå¿ã¯é¿ããŠã¯éããªã課é¡ã§ããå人ããŒã¿ã®é©åãªåãæ±ãã培åºããæ³ä»€é å®ã«åªããããšãæ±ããããŠããŸããGDPRãæ£ããç解ãã瀟å äœå¶ã®æŽåãé²ããããšããç·åå瀟ã®æç¶çãªçºå±ã«ã€ãªããã§ãããã
ç·åå瀟ãGDPRã«å¯Ÿå¿ããæ矩ãšéèŠæ§
è¿å¹Žãå人æ å ±ä¿è·ã®éèŠæ§ãé«ãŸãäžã欧å·é£åïŒEUïŒã§ã¯GDPRïŒEUäžè¬ããŒã¿ä¿è·èŠåïŒãæœè¡ãããå人ããŒã¿ã®åãæ±ãã«é¢ããèŠå¶ã匷åãããŠããŸããåœå å€ã§ã°ããŒãã«ã«äºæ¥ãå±éããç·åå瀟ã«ãšã£ãŠãGDPRãžã®å¯Ÿå¿ã¯éåžžã«éèŠãªèª²é¡ãšãªã£ãŠããŸããæ¬èšäºã§ã¯ãç·åå瀟ãGDPRã«å¯Ÿå¿ããæ矩ãšéèŠæ§ã«ã€ããŠè§£èª¬ããŸãã
ç·åå瀟ã®ã°ããŒãã«ããžãã¹ãšGDPRã®é¢ä¿æ§
ç·åå瀟ã¯ãäžçååœã§å€å²ã«ãããäºæ¥ãå±éããŠããã貿æãæè³ããããžã§ã¯ãçµæãªã©ãæ§ã ãªåœ¢ã§ã°ããŒãã«ããžãã¹ã«é¢ãã£ãŠããŸããããããäºæ¥æŽ»åã®äžã§ãç·åå瀟ã¯å¿ ç¶çã«EUåšäœè ã®å人ããŒã¿ãåãæ±ãæ©äŒãçããŸããäŸãã°ã以äžã®ãããªå Žé¢ãèããããŸãã
- EUåå ã®é¡§å®¢ãååŒå ãšã®å¥çŽç· çµãååŒã«éããŠãå人æ å ±ãåéã»å©çšããå Žå
- EUåå ã«æ ç¹ãèšçœ®ããçŸå°ã¹ã¿ããã®å人æ å ±ã管çããå Žå
- EUåšäœè ã察象ãšããããŒã±ãã£ã³ã°æŽ»åãè¡ãå Žå
- 欧å·äŒæ¥ãšã®M&AãååŒäºæ¥ã®æšé²ã«éããŠãå人æ å ±ãåãæ±ãå Žå
ããããEUåšäœè ã®å人ããŒã¿ãåãæ±ãå Žåãç·åå瀟ã¯GDPRã®é©çšå¯Ÿè±¡ãšãªããæ³ä»€ãéµå®ããå¿ èŠããããŸããã€ãŸããã°ããŒãã«ããžãã¹ãæšé²ããäžã§ãGDPRãžã®å¯Ÿå¿ã¯äžå¯æ¬ ãªèŠçŽ ãšèšããã§ãããã
GDPR察å¿ã«ããä¿¡é Œåäžãšããžãã¹ãã£ã³ã¹ã®æ¡å€§
ç·åå瀟ãGDPRã«é©åã«å¯Ÿå¿ããããšã¯ãEUåå ã®é¡§å®¢ãååŒå ããã®ä¿¡é Œåäžã«ã€ãªãããŸããGDPRã¯ãå人ããŒã¿ä¿è·ã«é¢ããäžççã«ãé«ãæ°Žæºã®èŠå¶ã§ããããããéµå®ããããšã§ãç·åå瀟ã¯å人æ å ±ä¿è·ã«çæ¯ã«åãçµã姿å¢ã瀺ãããšãã§ããŸããé«ãå«ç芳ãšã³ã³ãã©ã€ã¢ã³ã¹æèãæã€äŒæ¥ãšããŠè©äŸ¡ãããããšã§ãããžãã¹ããŒãããŒããã®ä¿¡é Œãç²åŸããé·æçãªé¢ä¿æ§ç¯ãå¯èœãšãªããŸãã
ãŸããGDPRãžã®å¯Ÿå¿ã¯ãæ°ããªããžãã¹ãã£ã³ã¹ã®åµåºã«ãã€ãªãããŸããå人ããŒã¿ã®ä¿è·ãšæŽ»çšã«é¢ãããœãªã¥ãŒã·ã§ã³ã¯ãä»åŸãŸããŸãéèŠæ§ãé«ãŸããšäºæ³ãããŸããGDPRãžã®å¯Ÿå¿ã§å¹ã£ãããŠããŠã掻ãããã³ã³ãµã«ãã£ã³ã°ãµãŒãã¹ãé¢é£è£œåã®æäŸãªã©ãæ°ããªäºæ¥é åãžã®é²åºãæåŸ ã§ããŸããããã«ãGDPR察å¿ãæšé²ããããšã§ãããŒã¿ã¬ããã³ã¹ãã»ãã¥ãªãã£ç®¡çã®åŒ·åã«ãã€ãªãããç·åå瀟ã®äºæ¥åºç€ã®åŒ·åã«ãè³ããã§ãããã
GDPRéåã«ããã¬ãã¥ããŒã·ã§ã³ãªã¹ã¯ãšçµæžçæ倱
äžæ¹ã§ãGDPRã®èŠå®ã«éåããå Žåãç·åå瀟ã¯æ·±å»ãªã¬ãã¥ããŒã·ã§ã³ãªã¹ã¯ãšçµæžçæ倱ã«çŽé¢ããå¯èœæ§ããããŸããGDPRã§ã¯ãéåããäŒæ¥ã«å¯ŸããŠå·šé¡ã®å¶è£éã課ãããããšããããŸããå¶è£éã®äžéã¯ãå šäžç幎é売äžé«ã®4%ãŸãã¯2,000äžãŠãŒãïŒçŽ24ååïŒã®ããããé«ãæ¹ãšãããŠããŸããã°ããŒãã«äŒæ¥ã§ããç·åå瀟ã«ãšã£ãŠãããããå¶è£éã¯äºæ¥ç¶ç¶ã«å€§ããªåœ±é¿ãåãŒããããŸããã
å ããŠãGDPRéåãçºèŠããå Žåãã¡ãã£ã¢ã§å€§ããå ±éããããªã¹ã¯ããããŸããå人æ å ±ä¿è·ã«é¢ããåé¡ã¯ç€ŸäŒçãªé¢å¿ãé«ããäŒæ¥ã€ã¡ãŒãžãä¿¡çšã®å€±å¢ã«ã€ãªãããããŸããã顧客ãååŒå ããã®ä¿¡é Œã倱ãã°ãããžãã¹ãã£ã³ã¹ã®åªå€±ãå¥çŽè§£æ¶ãªã©ã®äºæ ãæ³å®ãããŸããããããã¬ãã¥ããŒã·ã§ã³ãªã¹ã¯ã¯ã財åçãªæ倱以äžã«ãç·åå瀟ã®äºæ¥åºç€ãæºãããå¯èœæ§ããããŸãã
以äžã®ããã«ãç·åå瀟ã«ãšã£ãŠGDPRãžã®å¯Ÿå¿ã¯ãã°ããŒãã«ããžãã¹ãæšé²ããäžã§ã®éèŠãªèª²é¡ã§ããé©åãªå¯Ÿå¿ãéããŠãä¿¡é Œåäžãšããžãã¹ãã£ã³ã¹ã®æ¡å€§ãå³ãäžæ¹ãéåã«ãããªã¹ã¯ãæå°éã«æããããšãæ±ããããŸããGDPRãå§ããšããå人æ å ±ä¿è·èŠå¶ã®ååã泚èŠãã€ã€ã瀟å äœå¶ã®æŽåãåŸæ¥å¡æè²ãªã©ãéããŠãçå®ã«ã³ã³ãã©ã€ã¢ã³ã¹åŒ·åãé²ããŠããããšãèèŠã§ãããã
ç·åå瀟ãGDPRãžã®å¯Ÿå¿ãé©åã«è¡ãããšã¯ãã°ããŒãã«äŒæ¥ãšããŠã®è²¬åã§ãããæç¶çãªæé·ã®ããã®å¿ é æ¡ä»¶ãšèšããŸããå人ããŒã¿ã®ä¿è·ãšæŽ»çšã®ãã©ã³ã¹ãåãã€ã€ãæ³ä»€éµå®ãšäºæ¥æ©äŒã®åµåºãäž¡ç«ãããããšããããããã®ç·åå瀟ã«æ±ããããéèŠãªçµå¶èª²é¡ãšãªãã§ãããã
ç·åå瀟ã«ãããGDPR察å¿ã®ãã€ã³ããšå®è·µã¹ããã
ç·åå瀟ãã°ããŒãã«ã«ããžãã¹ãå±éããäžã§ãGDPRãžã®å¯Ÿå¿ã¯é¿ããŠã¯éããªãéèŠãªèª²é¡ã§ããå人ããŒã¿ã®é©åãªåãæ±ãã培åºããæ³ä»€é å®ã«åªããããšãæ±ããããŠããŸããããã§ã¯ãç·åå瀟ãGDPR察å¿ãé²ããäžã§ã®ãã€ã³ããšå®è·µã¹ãããã«ã€ããŠè§£èª¬ããŸãã
å人ããŒã¿ã®é©åãªååŸãšç®¡ç
GDPR察å¿ã®ç¬¬äžæ©ã¯ãå人ããŒã¿ã®é©åãªååŸãšç®¡çäœå¶ã®æ§ç¯ã§ããç·åå瀟ã¯ãäºæ¥æŽ»åã®äžã§æ§ã ãªå人ããŒã¿ãåãæ±ããŸããããã®åéã«éããŠã¯ãããŒã¿äž»äœã®åæãåŸãããšãååãšãªããŸããåæååŸã®æ¹æ³ãèšé²ã«ã€ããŠã¯ãGDPRã®èŠä»¶ã«æ²¿ã£ãŠé©åã«èšèšããå¿ èŠããããŸãã
ãŸããååŸããå人ããŒã¿ã¯ãç®çã«å¿ããŠå¿ èŠãªç¯å²ã«éå®ããæ£ç¢ºæ§ãšææ°æ§ãç¶æããªããã°ãªããŸããããã®ããã«ã¯ã瀟å ã®æ å ±ã·ã¹ãã ã管çäœå¶ãæŽåããå人ããŒã¿ã®é©åãªä¿ç®¡ã»æŽæ°ã»åé€ã培åºããããšãéèŠã§ããã¢ã¯ã»ã¹å¶åŸ¡ããã°ç®¡çãªã©ãæè¡çã»çµç¹çãªå®å šç®¡çæªçœ®ã®å®è£ ãæ¬ ãããŸããã
ããŒã¿äž»äœã®æš©å©ãžã®å¯Ÿå¿ãšãã©ã€ãã·ãŒä¿è·ã®åŸ¹åº
GDPRã§ã¯ãããŒã¿äž»äœïŒå人ããŒã¿ã®æ¬äººïŒã®æš©å©ã匷åãããŠããŸããç·åå瀟ã¯ãããŒã¿äž»äœããã®æ±ãã«å¿ããŠãå人ããŒã¿ã®é瀺ãèšæ£ãå©çšåæ¢ãªã©ã«é©åã«å¯Ÿå¿ããå¿ èŠããããŸãããã®ããã«ã¯ãããŒã¿äž»äœã®æš©å©ã«é¢ãã瀟å æç¶ããæŽåããåŸæ¥å¡ãžã®æè²ã培åºããããšãéèŠã§ãã
ãŸããGDPRã§ã¯ãã©ã€ãã·ãŒã»ãã€ã»ãã¶ã€ã³ïŒPbDïŒã®èãæ¹ãéèŠãããŠããŸããããã¯ãå人ããŒã¿ã®åãæ±ãã«éããŠãåæèšèšæ®µéãããã©ã€ãã·ãŒä¿è·ãçµã¿èŸŒããšããã¢ãããŒãã§ããæ°ããªã·ã¹ãã å°å ¥ãããžãã¹å±éã®éã«ã¯ãPbDã®èŠ³ç¹ããå人ããŒã¿ä¿è·ã«é æ ®ããããšãæ±ããããŸãããã©ã€ãã·ãŒåœ±é¿è©äŸ¡ïŒPIAïŒã®å®æœãªã©ãæ€èšãã¹ãã§ãããã
ã»ãã¥ãªãã£å¯Ÿçã®åŒ·åãšããŒã¿äŸµå®³ãžã®è¿ éãªå¯ŸåŠ
å人ããŒã¿ã®ä¿è·ã«ãããŠãã»ãã¥ãªãã£å¯Ÿçã®åŒ·åã¯æ¬ ãããŸãããç·åå瀟ã¯ãèªç€Ÿã·ã¹ãã ã®ãã匱æ§èšºæãè åšåæãå®æçã«å®æœããé©åãªå¯Ÿçãè¬ããå¿ èŠããããŸããç¹ã«ãã¯ã©ãŠããµãŒãã¹ã®å©çšããªã¢ãŒãã¯ãŒã¯ã®å°å ¥ãªã©ãITç°å¢ã®å€åã«å¿ããã»ãã¥ãªãã£å¯Ÿçã®èŠçŽããéèŠã§ãã
ãŸããäžãäžããŒã¿äŸµå®³ãçºçããå Žåã«ã¯ãè¿ éãªå¯ŸåŠãæ±ããããŸããGDPRã§ã¯ãããŒã¿äŸµå®³çºçæã®ç£ç£æ©é¢ãžã®å ±å矩åãå®ããããŠããŸããç·åå瀟ã¯ãããŒã¿äŸµå®³å¯Ÿå¿ã®æé ãäºãå®ããŠãããšãšãã«ãç£ç£æ©é¢ãžã®å ±åäœå¶ãæŽããŠããå¿ èŠããããŸããããŒã¿äŸµå®³ã®åœ±é¿ãæå°éã«æããä¿¡é Œã®ç¶æã«åªããããšãèèŠã§ãã
GDPRãžã®å¯Ÿå¿ã¯ãäžæäžå€ã§å®çŸã§ãããã®ã§ã¯ãããŸãããç·åå瀟ã¯ãçµå¶å±€ã®ãªãŒããŒã·ããã®äžãå šç€Ÿçãªãããžã§ã¯ããšããŠåãçµãå¿ èŠããããŸããå人ããŒã¿ä¿è·ã®éèŠæ§ãå šåŸæ¥å¡ã«æµžéãããç¶ç¶çãªæ¹åãå³ãããšãæ±ããããŸããGDPRãå¥æ©ãšããŠãå人ããŒã¿ä¿è·ãšæŽ»çšã®ãã©ã³ã¹ãåãã€ã€ãã°ããŒãã«ããžãã¹ãæšé²ããŠããããšããç·åå瀟ã®æç¶çãªæé·ã«ã€ãªããã§ãããã
ãŸãšã
ç·åå瀟ã«ãšã£ãŠGDPRãžã®å¯Ÿå¿ã¯ãã°ããŒãã«ããžãã¹ãæšé²ããäžã§ã®éèŠãªèª²é¡ã§ããå人ããŒã¿ã®é©åãªååŸãšç®¡çãããŒã¿äž»äœã®æš©å©ä¿è·ãã»ãã¥ãªãã£å¯Ÿçã®åŒ·åãªã©ã®ãã€ã³ããæŒãããå šç€Ÿçãªäœå¶æŽåãé²ããããšãæ±ããããŸããGDPR察å¿ãéããŠãä¿¡é Œåäžãšããžãã¹ãã£ã³ã¹ã®æ¡å€§ãå³ãäžæ¹ãéåãªã¹ã¯ãæå°éã«æããããšãèèŠã§ããå人ããŒã¿ä¿è·ãšæŽ»çšã®ãã©ã³ã¹ãåãã€ã€ãæ³ä»€éµå®ãšäºæ¥æ©äŒã®åµåºãäž¡ç«ãããããšããç·åå瀟ã®æç¶çæé·ã«ã€ãªããã§ãããã