The General Data Protection Regulation: the Next Generation of EU Data Protection

2018 ◽  
Vol 18 (1) ◽  
pp. 21-28 ◽  
Author(s):  
Sahar Bhaimia
Keyword(s):  
Data Protection ◽  
Information Services ◽  
Next Generation ◽  
General Data Protection Regulation ◽  
Data Protection Directive ◽  
General Data ◽  
Data Protection Law ◽  
The Uk ◽  
The Eu

AbstractThis article, written by Sahar Bhaimia, presents an overview of the General Data Protection Regulation (EU) (2016/679) (GDPR) which will apply automatically across the EU on 25 May 2018. The GDPR is an update and reform of existing EU data protection law, first established by the Data Protection Directive (1995/46/EC). The article is for knowledge managers and information services professionals who may be asked to take on responsibility for GDPR, and focuses on the UK. It covers the fundamentals of EU data protection law, highlights key changes brought about by the GDPR, and provides practical tips and suggestions for knowledge managers.

Revisiting the Basics of EU Data Protection Law

2020 ◽  
pp. 19-33
Author(s):  
Dimosthenis Lentzis
Keyword(s):  
Data Protection ◽  
Case Law ◽  
General Data Protection Regulation ◽  
Court Of Justice ◽  
Data Protection Directive ◽  
General Data ◽  
Data Protection Law ◽  
The Eu

It is often said that the EU General Data Protection Regulation (GDPR) has a much broader material and territorial scope than the EU Data Protection Directive it has recently replaced. This chapter tries to find out if (and, if so, to what extent) this assumption is correct. To this end, it analyzes, in the light of the existing case-law of the Court of Justice of the EU, the relevant provisions of the GDPR, namely Articles 2 and 3. It comes out that the GDPR has a slightly different (but not necessarily broader) material scope and a broader (but not as broad as one would expect) territorial scope than the old EU Data Protection Directive.

Data Protection Regulation and Jurisdiction

2021 ◽  
pp. 233-263
Author(s):  
Julia Hörnle
Keyword(s):  
Member State ◽  
Data Protection ◽  
Public Law ◽  
General Data Protection Regulation ◽  
Applicable Law ◽  
Data Protection Directive ◽  
General Data ◽  
Data Protection Law ◽  
The Eu

Chapter 7 focuses on the intriguing question of when EU law is applied to, and enforced against, foreign data controllers by data protection authorities situated in a Member State of the EU. This chapter examines jurisdiction and applicable law in the area of data protection enforcement in the light of recent jurisprudence of the Court of Justice of the EU and Member States’ courts. Given that this caselaw relates to the “old” data protection instrument, namely the Data Protection Directive 1995/46/EC (DPD), this is contrasted with the “new” General Data Protection Regulation (GDPR), which entered into force in 2018. The comparison with the now superseded DPD is also important as it sketches the background and development of EU data protection law, which is important for the wider context and in particular for showing how difficult a coordination of national competences in this field has been. The chapter does not examine jurisdiction in civil litigation before the courts (Chapter 11), but instead focuses exclusively on administrative and regulatory competence under public law.

scholarly journals The EU General Data Protection Regulation (GDPR)

2020 ◽  
Keyword(s):  
Data Protection ◽  
Personal Data ◽  
Privacy Regulation ◽  
General Data Protection Regulation ◽  
Data Protection Directive ◽  
Ongoing Work ◽  
Protection Legislation ◽  
Recent Reform ◽  
General Data ◽  
The Eu

This new book provides an article-by-article commentary on the new EU General Data Protection Regulation. Adopted in April 2016 and applicable from May 2018, the GDPR is the centrepiece of the recent reform of the EU regulatory framework for protection of personal data. It replaces the 1995 EU Data Protection Directive and has become the most significant piece of data protection legislation anywhere in the world. This book is edited by three leading authorities and written by a team of expert specialists in the field from around the EU and representing different sectors (including academia, the EU institutions, data protection authorities, and the private sector), thus providing a pan-European analysis of the GDPR. It examines each article of the GDPR in sequential order and explains how its provisions work, thus allowing the reader to easily and quickly elucidate the meaning of individual articles. An introductory chapter provides an overview of the background to the GDPR and its place in the greater structure of EU law and human rights law. Account is also taken of closely linked legal instruments, such as the Directive on Data Protection and Law Enforcement that was adopted concurrently with the GDPR, and of the ongoing work on the proposed new E-Privacy Regulation.

The Second Internet: The Brussels Bourgeois Internet

2021 ◽  
pp. 77-91
Author(s):  
Kieron O’Hara
Keyword(s):  
European Union ◽  
Public Space ◽  
Data Protection ◽  
The European Union ◽  
Privacy Rights ◽  
General Data Protection Regulation ◽  
Internet Privacy ◽  
Data Protection Directive ◽  
General Data ◽  
Data Protection Law

This chapter describes the Brussels Bourgeois Internet. The ideal consists of positive, managed liberty where rights of others are respected, as in the bourgeois public space, where liberty follows only when rights are secured. The exemplar of this approach is the European Union, which uses administrative means, soft law, and regulation to project its vision across the Internet. Privacy and data protection have become the most emblematic struggles. Under the Data Protection Directive of 1995, the European Union developed data-protection law and numerous privacy rights, including a right to be forgotten, won in a case against Google Spain in 2014, the arguments about which are dissected. The General Data Protection Regulation (GDPR) followed in 2018, amplifying this approach. GDPR is having the effect of enforcing European data-protection law on international players (the ‘Brussels effect’), while the European Union over the years has developed unmatched expertise in data-protection law.

scholarly journals The GDPR as Global Data Protection Regulation?

AJIL Unbound ◽  
2020 ◽  
Vol 114 ◽  
pp. 5-9 ◽  
Author(s):  
Cedric Ryngaert ◽  
Mistale Taylor
Keyword(s):  
International Law ◽  
Data Protection ◽  
Personal Data ◽  
Fundamental Rights ◽  
General Data Protection Regulation ◽  
Data Protection Directive ◽  
Protection Legislation ◽  
General Data ◽  
Global Data ◽  
The Eu

The deterritorialization of the Internet and international communications technology has given rise to acute jurisdictional questions regarding who may regulate online activities. In the absence of a global regulator, states act unilaterally, applying their own laws to transborder activities. The EU's “extraterritorial” application of its data protection legislation—initially the Data Protection Directive (DPD) and, since 2018, the General Data Protection Regulation (GDPR)—is a case in point. The GDPR applies to “the processing of personal data of data subjects who are in the Union by a controller or processor not established in the Union, where the processing activities are related to: (a) the offering of goods or services . . . to such data subjects in the Union; or (b) the monitoring of their behaviour . . . within the Union.” It also conditions data transfers outside the EU on third states having adequate (meaning essentially equivalent) data protection standards. This essay outlines forms of extraterritoriality evident in EU data protection law, which could be legitimized by certain fundamental rights obligations. It then looks at how the EU balances data protection with third states’ countervailing interests. This approach can involve burdens not only for third states or corporations, but also for the EU political branches themselves. EU law viewed through the lens of public international law shows how local regulation is going global, despite its goal of protecting only EU data subjects.

scholarly journals Criminal justice profiling and EU data protection law: precarious protection from predictive policing

2019 ◽  
Vol 15 (2) ◽  
pp. 162-176 ◽  
Author(s):  
Orla Lynskey
Keyword(s):  
Data Protection ◽  
Legal Framework ◽  
Predictive Policing ◽  
General Data Protection Regulation ◽  
Court Of Justice ◽  
Specific Assessment ◽  
General Data ◽  
Data Protection Law ◽  
Context Specific ◽  
The Eu

AbstractThis paper examines the application of the latest iterations of EU data protection law – in the General Data Protection Regulation, the Law Enforcement Directive and the jurisprudence of the Court of Justice of the EU – to the use of predictive policing technologies. It suggests that the protection offered by this legal framework to those impacted by predictive policing technologies is, at best, precarious. Whether predictive policing technologies fall within the scope of the data protection rules is uncertain, even in light of the expansive interpretation of these rules by the Court of Justice of the EU. Such a determination would require a context-specific assessment that individuals will be ill-placed to conduct. Moreover, even should the rules apply, the substantive protection offered by the prohibition against automated decision-making can be easily sidestepped and is subject to significant caveats. Again, this points to the conclusion that the protection offered by this framework may be more illusory than real. This being so, there are some fundamental questions to be answered – including the question of whether we should be building predictive policing technologies at all.

Do We Need Data Protection at All?

2021 ◽  
pp. 91-128
Author(s):  
Dara Hallinan
Keyword(s):  
Data Protection ◽  
Thought Experiment ◽  
Legal Systems ◽  
Genetic Privacy ◽  
General Data Protection Regulation ◽  
European Data ◽  
Viable Solution ◽  
General Data ◽  
Data Protection Law ◽  
The Uk

This chapter assesses whether there is any need to consider European data protection law as a framework for the protection of genetic privacy in biobanking in Europe at all. To answer the question, the chapter conducts a thought experiment and examines what the standard of protection in Europe would look like if one were to exclude data protection law from consideration. This is merely a thought experiment, as data protection already plays, and will continue to play, a significant role in the protection of genetic privacy in biobanking in Europe. The exercise is enlightening, however, in showing the extent of flaws in protection in European legal systems stripped of data protection. In this regard, the chapter then maps the protection provided to genetic privacy in biobanking by the EU's, and three European states'—Estonia, Germany, and the UK—legal systems. It then engages in a critical analysis, highlighting the significant inadequacy of the protection provided by these systems excluding data protection law. Finally, the chapter shows why, generally, European data protection law under the General Data Protection Regulation (GDPR) looks a viable solution to address the problems displayed by other approaches.

scholarly journals The ‘Europeanisation’ of Data Protection Law

2016 ◽  
Vol 19 ◽  
pp. 252-286
Author(s):  
Orla LYNSKEY
Keyword(s):  
Decision Making ◽  
Data Protection ◽  
Essential Element ◽  
Governance Structure ◽  
Significant Shift ◽  
National Authority ◽  
General Data Protection Regulation ◽  
General Data ◽  
Data Protection Law ◽  
The Eu

AbstractEU data protection law has, to date, been monitored and enforced in a decentralised way by independent supervisory authorities in each Member State. While the independence of these supervisory authorities is an essential element of EU data protection law, this decentralised governance structure has led to competing claims from supervisory authorities regarding the national law applicable to a data processing operation and the national authority responsible for enforcing the data protection rules. These competing claims – evident in investigations conducted into the data protection compliance of Google and Facebook – jeopardise the objectives of the EU data protection regime. The new General Data Protection Regulation will revolutionise data protection governance by providing for a centralised decision-making body, the European Data Protection Board. While this agency will ensure the ‘Europeanisation’ of data protection law, given the nature and the extent of this Board’s powers, it marks another significant shift in the EU’s agency-creating process and must, therefore, also be considered in its broader EU context.

Data Protection in UK Library and Information Services: Are We Ready for GDPR?

2018 ◽  
Vol 18 (1) ◽  
pp. 28-34 ◽  
Author(s):  
Josephine Bailey
Keyword(s):  
Data Protection ◽  
Data Security ◽  
Current Data ◽  
Information Services ◽  
Security And Privacy ◽  
Privacy Concerns ◽  
General Data Protection Regulation ◽  
General Data ◽  
Data Protection Law

AbstractAgainst a backdrop of increasing data security and privacy concerns, current data protection law will soon be overhauled by the General Data Protection Regulation (GDPR). Previous research has indicated a lack of data protection management in libraries, however, it has been nine years since the latest study. This article by Josephine Bailey aims to provide an updated review of the extent of data protection management in UK library and information services and gauge preparation for the incoming GDPR.

The Proposed Data Protection Regulation: The Illusion of Harmonisation, the Private/Public Sector Divide and the Bureaucratic Apparatus

2013 ◽  
Vol 15 ◽  
pp. 27-46 ◽  
Author(s):  
Peter Blume ◽  
Christian Wiese Svanberg
Keyword(s):  
Data Protection ◽  
Current Data ◽  
General Data Protection Regulation ◽  
Data Protection Directive ◽  
Central Elements ◽  
Scope Of Application ◽  
General Data ◽  
Data Protection Law ◽  
Draft Regulation ◽  
Practical Implications

AbstractThe proposal for a new General Data Protection Regulation has been billed as a harbinger of increased harmonisation, better enforcement and modernised rules within the area of data protection law. Through an analysis of several central elements in the draft Regulation—and European data protection law in general—as well as an assessment of the practical implications the proposal is likely to have if adopted, this chapter challenges whether the proposal will be able to deliver the harmonised rules that have been promised. It focuses particularly on the proposed regulations scope of application, its legal architecture, the use of discretionary provisions and related issues.It is argued that the proposal not only fails to address the root causes of why the current data protection directive (Directive 95/46) failed to bring about harmonisation and effective rules, but also looks set to transplant them into the new regulation.

Sign in / Sign up

Export Citation Format

Share Document