Category: Regulation | Area of Effect: Customer Protection | Proposed by:Marxist Germany
The World Assembly,
Appalled by the lack of a resolution regarding data protection;
Recognising the individuals' right to privacy;
Believing that businesses should not be able to collect data from a customer without the explicit consent of that customer as this is clearly a violation of the right to privacy;
Noting that minors are not fully mentally mature and are not capable of taking decisions on their own without the help of their guardians;
Seeking to protect customers from exploitation by businesses;
Hereby,
- Defines the following for the purpose of this resolution:
- A "Minor" as any sapient being under the age of majority;
- A "Guardian" as any legal guardian of a minor, or if none exist, the biological parent;
- "Personal Data" as any data that can be used to identify a sapient individual;
- A "User" as any sapient being who uses or has used the services of a business;
- Prohibits:
- Businesses from storing the personal data of any minor without the explicit consent of their guardian except when the business cannot identify the user's age;
- Businesses from using personal data collected from any individual to cause harm or severe distress to the individual the data belongs to;
- Governments of member states from viewing the data of a user without the explicit prior consent from both the business holding the data and the user that the data belongs to, except when the information is needed for a criminal investigation or trial and a search warrant has been issued;
- Mandates that:
- Businesses provide explicit information on how they will use a user's data in their terms of service;
- Businesses enable users to view the data that the aforementioned business holds on them unless the release of data would compromise the well-being of the user or others;
- Personal data processed for any purpose is not kept for longer than is necessary for that purpose unless the user consents to that explicitly and clearly;
- Businesses allow users to request the removal of their personal data, and act upon these requests unless there is a clear and very compelling safety or disciplinary reason to do otherwise;
- Requires that member states make a private right of action against businesses that don't follow the boundaries established in this resolution;
- Encourages member states to enact stricter laws to protect their citizens' privacy from businesses.