The risks of sharing the information of others on the Internet
After seven years of debate and effort, Europe’s General Data Protection Regulation (GDPR) finally enters into force, implying radical changes across all sectors, from technology to advertising, medicine or banking.
The new regulation will also have an impact on the behavior of Internet users, by reinforcing the protection of personal information and redefining the actions that may constitute crimes on the Internet. In this regard, the Spanish Data Protection Agency (AEPD) has presented a manual that details the conditions under which the dissemination of information on the Internet could be a crime.
Sharing personal information
Posting information, photographs, videos or audio files of other people without permission, whether on social networks, through instant messaging services or email, could be subject to civil or criminal penalties. Specifically, such crimes could be punishable with prison sentences ranging from one to five years, according to article 197.3 of the Spanish Penal Code. The most severe sentences are aimed at those who, in addition to distributing the data, have also taken part in illegally obtaining it.
Unauthorized access to other people’s information implies a breach of privacy and would represent crimes of “discovery and disclosure of secrets” and “violation of moral integrity.” These include the installation of apps on mobile devices of relatives or partners in order to monitor their communications or their location, or access messages or emails. In fact, after the last reform to the Spanish Penal Code, it is a crime to possess software designed to commit fraud such as forging contracts or ID documents.
This section also includes the privacy of minors, which is protected by the Organic Law 1/1996 of the Legal Protection of Minors, stipulating that “minors have the right to honor, personal and family privacy and to their own image. This right also covers the inviolability of the family home and correspondence, as well as the secrecy of communications.”
Sexting and revenge porn
Unauthorized publication of intimate images sent or taken in a private environment is a serious crime. This includes those who publish or share such material via messaging or social networks, even if they do not know the people who appear in the images or videos. Anyone participating in the publication or sharing of this type of material may be fined or imprisoned for between three to twelve months (article 197.1 of the Spanish Penal Code).
The law also makes reference to ‘revenge porn’, i.e, the publication of intimate images or videos of a former partner. The AEPD is very clear on this point: “To threaten or blackmail someone with the publication of intimate recordings (photographs, videos or audio files) of that person, without their consent, may constitute a crime of gender-based violence.” It should also be noted, that it is a crime to erase or damage computers, programs or files of your ex-partner or company after the break-up of a relationship or dismissal from work.
Despite the seemingly anonymous nature of the Web, the authorities insist that when slander and insults are made via the Internet the penalties are stiffer. The crime of cyber-bullying or stalking, for example, has been contemplated by the Spanish Penal Code since 2015 and is committed when somebody continuously monitors or follows a person, contacts them through any means of communication, uses their data to get goods or services or in order that other people contact the person. This crime carries a penalty of three months to two years in prison or fines.
How does this GDPR law effect revenge porn in the UK specifically? who is responsible for overseeing it? Do lawyers in UK courts prosecute this? what is the sentencing?