This article was accepted into the corpus but its outbound wikilinks were never NER-processed — typical at the deepest BFS hop or when the run's entity cap was reached. No expansion funnel to show.
| Real Decreto 1720/2007 | |
|---|---|
| Title | Real Decreto 1720/2007 |
| Type | Royal Decree |
| Jurisdiction | Spain |
| Date enacted | 2007 |
| Related legislation | Ley Orgánica 15/1999, Reglamento (UE) 2016/679 |
Real Decreto 1720/2007. Real Decreto 1720/2007 is a Spanish royal decree that approves the regulations developing Ley Orgánica 15/1999 on the protection of personal data, linking Spanish administrative practice with European instruments such as Regulation (EU) 2016/679, Directive 95/46/EC and referencing institutions like the Agencia Española de Protección de Datos, Tribunal Constitucional de España and Consejo de Ministros. The decree was promulgated during the government of José Luis Rodríguez Zapatero and interacts with jurisprudence from the Tribunal Supremo (España), decisions of the European Court of Justice and policies influenced by actors such as European Commission commissioners and national administrations including the Ministerio del Interior and the Ministerio de Justicia.
Real Decreto 1720/2007 arose in the legislative context established by Ley Orgánica 15/1999 and the regulatory environment shaped by rulings of the Audiencia Nacional (España), normative activity of the Agencia Española de Protección de Datos, and coordination with standards from the Council of the European Union, Parliament of the European Union, and case law from the European Court of Human Rights, reflecting debates involving figures such as Juan Carlos I (as head of state during promulgation), policymakers from the Partido Socialista Obrero Español, and counterpoints in the Partido Popular (España) parliamentary groups.
The decree specifies the regulatory scope set by Ley Orgánica 15/1999 concerning personal data processing for public administrations like the Comunidad de Madrid and private entities including corporations listed on the Bolsa de Madrid, aiming to harmonize practice with international norms from the United Nations and guidance from the Organisation for Economic Co-operation and Development. Objectives include safeguarding rights recognized under the Constitución Española and aligning Spanish norms with principles promoted by jurisprudence from the Court of Justice of the European Union, guidance by the European Data Protection Supervisor, and recommendations of bodies such as the World Health Organization where health data are implicated.
The decree is organized into titles, chapters and articles that detail principles, categories of data, obligations and procedural rules affecting actors like the Agencia Española de Protección de Datos, municipal registries such as the Registro Civil (España), and sectoral regulators including the Comisión Nacional de los Mercados y la Competencia. Main provisions address lawful processing requirements, classifications that affect files held by institutions like the Servicio Público de Empleo Estatal, exceptions for intelligence or security activities overseen by the Centro Nacional de Inteligencia and procedural coordination with bodies such as the Tribunal de Cuentas.
The decree codifies rights of access, rectification, cancellation and opposition as exercised before the Agencia Española de Protección de Datos, with mechanisms compatible with remedies available via the Tribunal Constitucional de España and administrative appeals before the Consejo de Ministros. It prescribes technical and organizational measures for controllers handling sensitive categories such as health data managed by the Ministerio de Sanidad or criminal records administered by the Ministerio de Justicia, and contemplates interaction with international requests involving authorities like the Interpol or the European Union Agency for Fundamental Rights.
Controllers and processors, whether public bodies like the Ayuntamiento de Barcelona or private firms such as multinationals listed on the IBEX 35, must implement security levels, notification procedures and contractual safeguards consistent with oversight by the Agencia Española de Protección de Datos, collaboration with sectoral regulators like the Banco de España, and standards influenced by international bodies such as the International Organization for Standardization.
The decree provides the legal basis for administrative enforcement and sanctions exercised by the Agencia Española de Protección de Datos and for judicial review in forums such as the Audiencia Nacional (España) and the Tribunal Supremo (España), interacting with compliance programs promoted by institutions like the Comisión Europea and subject to appeal procedures involving the Consejo de Estado (España).
Implementation affected public administrations including the Ministerio de Educación and private sectors such as telecommunications operators like Telefónica, prompting commentary from academic institutions like the Universidad Complutense de Madrid and civil society groups including Facua and Asociación de Internautas. Criticism targeted tensions with evolving EU law under Regulation (EU) 2016/679, procedural burdens on small enterprises represented by chambers such as the Cámara de Comercio de España, and interpretive disputes resolved in case law of the Tribunal Constitucional de España and the Court of Justice of the European Union.
Category:Spanish legislation