Review of EU Data Protection Law: A Future with a Past

On 15 September 2014 the European Data Protection Supervisor (EDPS) has made available the thourough data protection review article entitled "EU Data Protection Law: The Review of Directive 95/46/EC and the Proposed General Data Protection Regulation" by Peter Hustinx which is based on a course given at the European University Institute's Academy of European Law in July 2013.

The article reminds the reader of the origins of data protection which were about the rights and interests of individuals and not mainly about the data relating to those individuals and then not only takes stock of where EU data protection law currently is but also takes a closer look at some of the key data protection issues.

Valuable Distinctions

"Privacy and data protection - more precisely: the right to respect for private life and the right to the protection of someone's personal data - are both fairly recent expressions of a universal idea with quite strong ethical dimensions:

the dignity, autonomy and unique value of every human being.

This also implies the right of every individual to develop their own personality and to have a fair say on matters that may have a direct impact on them. It explains two features that frequently appear in this context:

• the need to prevent undue interference in private matters, and
• the need to ensure adequate control for individuals over matters that may affect them." (Peter Hustinx, "EU Data Protection Law: The Review of Directive 95/46/EC and the Proposed General Data Protection Regulation", page 2)

Main Themes

"In this overview we will see two main lines:

• the first one having to do with the development of stronger privacy and data protection rights as such, and
• the second with the need to ensure a more consistent application of those rights across the EU.

Both are aiming to promote more effective protection in practice and less unhelpful diversity in the way protection is delivered in the Member States. In both lines we will see a gradual development in different stages, which now also involves the increasing impact of the Charter of Fundamental Rights, both in the case law of the Court of Justice and in the review of the current legal framework. As 'privacy' and 'data protection' are mentioned separately in the Charter, this also leads to issues as to the distinction between the two."
(Peter Hustinx, "EU Data Protection Law: The Review of Directive 95/46/EC and the Proposed General Data Protection Regulation", page 2)

The article by Peter Hustinx largely follows "the historic timeline:

• the origins of data protection and the role of the Council of Europe will be discussed in Section 2 (pages 3-8) and
• the main lines of the current EU Directive in Section 3 (pages 9-13).
• After an intermezzo in Section 4 (pages 14-23) on different institutional aspects, including the Charter and the impact of the Lisbon Treaty, we will turn to
• the background and the main lines of the proposed General Data Protection Regulation in Section 5 (pages 24-33).
• In Section 6 (pages 34-43) we will highlight some of the key issues in the current legislative debate and
• in Section 7 (pages 44-49) we will address other issues which may require further reflection and discussion.
• Finally, we will make some concluding remarks in Section 8 (pages 50-52)."

(Peter Hustinx, "EU Data Protection Law: The Review of Directive 95/46/EC and the Proposed General Data Protection Regulation", page 3)

The article "EU Data Protection Law: The Review of Directive 95/46/EC and the Proposed General Data Protection Regulation" by Peter Hustinx will be published in the "Collected Courses of the European University Institute's Academy of European Law, 24th Session on European Union Law, 1-12 July 2013"