scholarly journals The ‘Europeanisation’ of Data Protection Law

2016 ◽  
Vol 19 ◽  
pp. 252-286
Author(s):  
Orla LYNSKEY
Keyword(s):  
Decision Making ◽  
Data Protection ◽  
Essential Element ◽  
Governance Structure ◽  
Significant Shift ◽  
National Authority ◽  
General Data Protection Regulation ◽  
General Data ◽  
Data Protection Law ◽  
The Eu

AbstractEU data protection law has, to date, been monitored and enforced in a decentralised way by independent supervisory authorities in each Member State. While the independence of these supervisory authorities is an essential element of EU data protection law, this decentralised governance structure has led to competing claims from supervisory authorities regarding the national law applicable to a data processing operation and the national authority responsible for enforcing the data protection rules. These competing claims – evident in investigations conducted into the data protection compliance of Google and Facebook – jeopardise the objectives of the EU data protection regime. The new General Data Protection Regulation will revolutionise data protection governance by providing for a centralised decision-making body, the European Data Protection Board. While this agency will ensure the ‘Europeanisation’ of data protection law, given the nature and the extent of this Board’s powers, it marks another significant shift in the EU’s agency-creating process and must, therefore, also be considered in its broader EU context.

scholarly journals Criminal justice profiling and EU data protection law: precarious protection from predictive policing

2019 ◽  
Vol 15 (2) ◽  
pp. 162-176 ◽  
Author(s):  
Orla Lynskey
Keyword(s):  
Data Protection ◽  
Legal Framework ◽  
Predictive Policing ◽  
General Data Protection Regulation ◽  
Court Of Justice ◽  
Specific Assessment ◽  
General Data ◽  
Data Protection Law ◽  
Context Specific ◽  
The Eu

AbstractThis paper examines the application of the latest iterations of EU data protection law – in the General Data Protection Regulation, the Law Enforcement Directive and the jurisprudence of the Court of Justice of the EU – to the use of predictive policing technologies. It suggests that the protection offered by this legal framework to those impacted by predictive policing technologies is, at best, precarious. Whether predictive policing technologies fall within the scope of the data protection rules is uncertain, even in light of the expansive interpretation of these rules by the Court of Justice of the EU. Such a determination would require a context-specific assessment that individuals will be ill-placed to conduct. Moreover, even should the rules apply, the substantive protection offered by the prohibition against automated decision-making can be easily sidestepped and is subject to significant caveats. Again, this points to the conclusion that the protection offered by this framework may be more illusory than real. This being so, there are some fundamental questions to be answered – including the question of whether we should be building predictive policing technologies at all.

The General Data Protection Regulation: the Next Generation of EU Data Protection

2018 ◽  
Vol 18 (1) ◽  
pp. 21-28 ◽  
Author(s):  
Sahar Bhaimia
Keyword(s):  
Data Protection ◽  
Information Services ◽  
Next Generation ◽  
General Data Protection Regulation ◽  
Data Protection Directive ◽  
General Data ◽  
Data Protection Law ◽  
The Uk ◽  
The Eu

AbstractThis article, written by Sahar Bhaimia, presents an overview of the General Data Protection Regulation (EU) (2016/679) (GDPR) which will apply automatically across the EU on 25 May 2018. The GDPR is an update and reform of existing EU data protection law, first established by the Data Protection Directive (1995/46/EC). The article is for knowledge managers and information services professionals who may be asked to take on responsibility for GDPR, and focuses on the UK. It covers the fundamentals of EU data protection law, highlights key changes brought about by the GDPR, and provides practical tips and suggestions for knowledge managers.

Revisiting the Basics of EU Data Protection Law

2020 ◽  
pp. 19-33
Author(s):  
Dimosthenis Lentzis
Keyword(s):  
Data Protection ◽  
Case Law ◽  
General Data Protection Regulation ◽  
Court Of Justice ◽  
Data Protection Directive ◽  
General Data ◽  
Data Protection Law ◽  
The Eu

It is often said that the EU General Data Protection Regulation (GDPR) has a much broader material and territorial scope than the EU Data Protection Directive it has recently replaced. This chapter tries to find out if (and, if so, to what extent) this assumption is correct. To this end, it analyzes, in the light of the existing case-law of the Court of Justice of the EU, the relevant provisions of the GDPR, namely Articles 2 and 3. It comes out that the GDPR has a slightly different (but not necessarily broader) material scope and a broader (but not as broad as one would expect) territorial scope than the old EU Data Protection Directive.

Data Protection Regulation and Jurisdiction

2021 ◽  
pp. 233-263
Author(s):  
Julia Hörnle
Keyword(s):  
Member State ◽  
Data Protection ◽  
Public Law ◽  
General Data Protection Regulation ◽  
Applicable Law ◽  
Data Protection Directive ◽  
General Data ◽  
Data Protection Law ◽  
The Eu

Chapter 7 focuses on the intriguing question of when EU law is applied to, and enforced against, foreign data controllers by data protection authorities situated in a Member State of the EU. This chapter examines jurisdiction and applicable law in the area of data protection enforcement in the light of recent jurisprudence of the Court of Justice of the EU and Member States’ courts. Given that this caselaw relates to the “old” data protection instrument, namely the Data Protection Directive 1995/46/EC (DPD), this is contrasted with the “new” General Data Protection Regulation (GDPR), which entered into force in 2018. The comparison with the now superseded DPD is also important as it sketches the background and development of EU data protection law, which is important for the wider context and in particular for showing how difficult a coordination of national competences in this field has been. The chapter does not examine jurisdiction in civil litigation before the courts (Chapter 11), but instead focuses exclusively on administrative and regulatory competence under public law.

The Risk-Based Approach to Data Protection

2020 ◽  
Author(s):  
Raphaël Gellert
Keyword(s):  
Risk Management ◽  
Data Protection ◽  
Personal Data ◽  
Management Tools ◽  
General Data Protection Regulation ◽  
Regulation Theory ◽  
Régulation Theory ◽  
General Data ◽  
Data Protection Law ◽  
The Way

The main goal of this book is to provide an understanding of what is commonly referred to as “the risk-based approach to data protection”. An expression that came to the fore during the overhaul process of the EU’s General Data Protection Regulation (GDPR)—even though it can also be found in other statutes under different acceptations. At its core it consists in endowing the regulated organisation that process personal data with increased responsibility for complying with data protection mandates. Such increased compliance duties are performed through risk management tools. It addresses this topic from various perspectives. In framing the risk-based approach as the latest model of a series of regulation models, the book provides an analysis of data protection law from the perspective of regulation theory as well as risk and risk management literatures, and their mutual interlinkages. Further, it provides an overview of the policy developments that led to the adoption of such an approach, which it discusses in the light of regulation theory. It also includes various discussions pertaining to the risk-based approach’s scope and meaning, to the way it has been uptaken in statutes including key provisions such as accountability and data protection impact assessments, or to its potential and limitations. Finally, it analyses how the risk-based approach can be implemented in practice by providing technical analyses of various data protection risk management methodologies.

scholarly journals The EU General Data Protection Regulation (GDPR)

2020 ◽  
Keyword(s):  
Data Protection ◽  
Personal Data ◽  
Privacy Regulation ◽  
General Data Protection Regulation ◽  
Data Protection Directive ◽  
Ongoing Work ◽  
Protection Legislation ◽  
Recent Reform ◽  
General Data ◽  
The Eu

This new book provides an article-by-article commentary on the new EU General Data Protection Regulation. Adopted in April 2016 and applicable from May 2018, the GDPR is the centrepiece of the recent reform of the EU regulatory framework for protection of personal data. It replaces the 1995 EU Data Protection Directive and has become the most significant piece of data protection legislation anywhere in the world. This book is edited by three leading authorities and written by a team of expert specialists in the field from around the EU and representing different sectors (including academia, the EU institutions, data protection authorities, and the private sector), thus providing a pan-European analysis of the GDPR. It examines each article of the GDPR in sequential order and explains how its provisions work, thus allowing the reader to easily and quickly elucidate the meaning of individual articles. An introductory chapter provides an overview of the background to the GDPR and its place in the greater structure of EU law and human rights law. Account is also taken of closely linked legal instruments, such as the Directive on Data Protection and Law Enforcement that was adopted concurrently with the GDPR, and of the ongoing work on the proposed new E-Privacy Regulation.

Sign in / Sign up

Export Citation Format

Share Document