Brief overview of the legal instruments and restrictions for sharing data while complying with the EU data protection law

Abstract

Data are the new oil of our society, but as opposed to the latter, business are not allowed to work them and re-use freely. To the extent that data fall under the category of “personal data”, businesses must comply with the data protection legal framework. In order to do this, it is primarily necessary to design internal and automatic procedures to understand if the sharing of data, as further processing operation, is compatible with the original purpose, and if appropriate safeguards – such as anonymisation – can be implemented without compromising achievement of the aim pursued through the sharing. When the aim of the sharing requires businesses to disclose personal data, businesses must detect a legal ground to rely upon and comply with several data protection rules. The aim of this paper is to briefly analyze solutions adopted by stakeholders under the EU data protection legal framework.