Upon the final creation and integration of the European Union as a conglomerate of various states, the Data Protection Directive of 1995 (Directive 95/46/EC) was passed as a comprehensive law for EU members with the aim of fostering closer, economic and social relations through common frameworks and actions in both, private and public sector. The 1995 Data Protection Directive was limited to processing of personal data while balancing the free movement of data necessary for economic progress. The ECHR principles in Sections 7 and 8 accord protection to privacy and personal data. In furtherance to these rights enshrined in the ECHR, the 1995 Directive aimed to follow through with a substantial law for the entire European Union.
The 2002 Directive (Directive 2002/58/EC) specifically applies to processing of personal data in the electronic communications sector. Its scope extends to protecting legitimate interests of subscribers who are legal persons as well. 'Communications' with respect to this law pertains to 'any information exchanged or conveyed between a finite number of parties by means of a publicly available electronic communication service.' This Directive is aimed at regulating the means of processing personal data by the providers of publicly available electronic communication service.
The General Data Protection Regulation (GDPR) will come into force in 2018. It has even stricter requirements and liabilities regarding the collection, processing, use and transfer of personal and sensitive personal data. EU has also proposed draft ePrivacy regulations in January 2017 to replace the 2002 Directive for regulating privacy of electronic communications, including among other things, protection of metadata and an easy way to accept or reject tracking cookies.
United States of America
The legal framework established in the United States for the protection of privacy is different than that in the EU. Where the EU has a set of central laws as a foundation, based on which separate national laws are drafted, United States functions on the system of distinct laws in various sectors governing privacy of personal data. Besides that, the US Constitution has carved out a right to privacy from three of its fundamental rights, the First Amendment, the Fourth Amendment, and the Fourteenth Amendment. The First Amendment is the right to free speech and assembly and a counterpart of the Indian Article 19 of the Constitution; the Fourth Amendment enshrines the protection of citizens from unauthorized searches and seizures; and the Fourteenth amendment contains the due process clause. The Courts in US, like India have evolved the scope and applicability of this right to include privacy concerns, including in matters of reproduction, search & seizure of documents and computers, among other things. The right to privacy has been secured in the United States through varying mediums and its jurisprudence has spread across avenues of reproductive rights, the right to watch obscene material in the vicinity of one's house, among various other rights, to this right being carried forward to the materials stored in a person's computer.