Data Protection in EU Law
This chapter aims to discuss the possibilities and limitations of the EU to provide for an effective and comprehensive data protection regime. In this respect, it presents an analysis of the data protection rules in EU law by examining the relevant constitutional and secondary law framework. It analyzes the jurisprudence of the European Court of Justice and the Court of First Instance on data protection issues, and argues that the European Court of Justice has interpreted an internal market measure (the Data Protection Directive) in such a way so as to foster the protection of fundamental rights. However, when it comes to the balancing between fundamental rights the Court leaves the question to be resolved by national courts. Finally, the contribution assesses the transborder data flows regime established by the Data Protection Directive and attempts to draw some conclusions on whether the ‘adequate protection’ test ensures a high protection in such flows.