One of the central concepts of the General Data Protection Regulation (GDPR) is the “data subject”. This notion in relation to the establishment of rights and obligations for controllers and processors becomes a common denominator in the implementation of this Regulation at the level of all Member States of the European Union. The Regulation (EU) 2016/679 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data (GDPR) was adopted, in order to protect the privacy of data subject, whether a parent, an young person or a child. However, starting with the title we can identify two different actions: to assure the protection of personal data and the free movement of this data within and outside the Union borders. In this context we must take the following into account: the reality of conceptual gaps in interpretation of this document; old or non-existent infrastructure; legislative bottlenecks and the risks involved in the protection of children’s data. Are parents, young people or children properly informed about their rights and the risks to which they are exposed in an era of digitalization? Can online school ensure the protection of children? Does the current infrastructure allow the optimal implementation of the General Data Protection Regulation? My research, in this context, has the aim of identifying gaps between information, infrastructure and the application of the GDPR, using the content analysis method and the questionnaire as a qualitative method of research. The expected results of this research are awareness by state institutions about the risks to which children are exposed in an era of digitalization and the awareness of the controllers about the obligation to ensure the protection of children’s data in the processing process.
Read full abstract