Skip to main content
SpringerLink
Log in

The Right to the Protection of Personal Data and EU Law

  • Chapter
  • First Online:
The Emergence of Personal Data Protection as a Fundamental Right of the EU

Part of the book series: Law, Governance and Technology Series ((ISDP,volume 16))

Abstract

This chapter chronicles the integration in the law of the European Union (EU) of the fundamental right to personal data protection as advanced by the Charter of Fundamental Rights of the EU. It first explores a transitional period inaugurated by the solemn proclamation of the EU Charter in 2000 and closed with the entry into force of the Lisbon Treaty in 2009. During this period the Charter did not have legally binding force, but generated nonetheless a series of references in EU secondary law, in addition to being echoed by the EU Court of Justice. Second, the chapter offers an overview of the changes triggered by the Lisbon Treaty in the area of personal data protection, reviews the changing and not fully consistent incorporation of Article 8 of the Charter in the case law of the Luxembourg Court, and highlights the new role granted to the EU fundamental right to personal data protection in the legislative proposals introduced in 2012 by the European Commission for the review of the EU personal data protection legal landscape, emphasising how the new right is seemingly ready to move ‘privacy’ out of such legal landscape.

Privacy is a nothingness these days.

(Gaeoudjiparl 2012)

This is a preview of subscription content, log in via an institution to check access.

Access this chapter

Log in via an institution
Chapter
USD 29.95
Price excludes VAT (USA)
  • Available as PDF
  • Read on any device
  • Instant download
  • Own it forever
eBook
USD 129.00
Price excludes VAT (USA)
  • Available as EPUB and PDF
  • Read on any device
  • Instant download
  • Own it forever
Softcover Book
USD 169.99
Price excludes VAT (USA)
  • Compact, lightweight edition
  • Dispatched in 3 to 5 business days
  • Free shipping worldwide - see info
Hardcover Book
USD 169.99
Price excludes VAT (USA)
  • Durable hardcover edition
  • Dispatched in 3 to 5 business days
  • Free shipping worldwide - see info

Tax calculation will be finalised at checkout

Purchases are for personal use only

Institutional subscriptions

Notes

  1. 1.

    See preamble to the EU Charter.

  2. 2.

    Describing them as ‘closely linked’: (Bygrave 2010, p. 168).

  3. 3.

    An example in a policy document: (Article 29 Data Protection Working Party 2007, p. 7). Arguing that the protection of personal data can only be partially accommodated under the right to respect for private life: (Terrasi 2008, p. 392). Stating that data protection is ‘at least partly subsumed within the right to privacy in Article 8 ECHR’: (Oliver 2009, p. 1455). Portraying data protection as ‘both broader and more specific than the right to privacy’: (Gutwirth and Hildebrandt 2010, p. 37). An account of privacy and data protection in terms of opacity tools v transparency tools (based on their roles in the democratic constitutional state) similarly argued that privacy and data protection ‘pre-suppose each other and are intertwined’: (Gutwirth 2007, p. 63).

  4. 4.

    As a counter-example, there are references to Directive 95/46/EC, and to personal data, in a Directive lacking any allusion to privacy: Directive 2004/48/EC of the European Parliament and of the Council of 29 April 2004 on the enforcement of intellectual property rights [2004] OJ L195/16). The provision of Directive 2004/48/EC that mentions ‘personal data’, however, does not specifically refer to the protection of personal data, but rather to ‘the protection of confidentiality of information sources or the processing of personal data’ (Article 8(3)(e) of Directive 2004/48/EC).

  5. 5.

    Directive 2001/29/EC of the European Parliament and of the Council of 22 May 2001 on the harmonisation of certain aspects of copyright and related rights in the information society [2001] OJ L167/10.

  6. 6.

    Emphasis added.

  7. 7.

    Recital 57. French version: ‘incorporer les principes de protection de la vie privée’; German: ‘dem Schutz der Privatsphäre’; Dutch: ‘de persoonlijke levenssfeer’; Spanish: ‘respeto de la intimidad’; Italian: ‘salvaguardia della vita privata’.

  8. 8.

    Article 9 of Directive 2001/29/EC. French version: ‘la protection des données personnelles et le respect de la vie privée’; German version: ‘Datenschutz und Schutz der Privatsphäre’; Dutch: ‘gegevensbescherming en persoonlijke levenssfeer’; Spanish: ‘la protección de datos y el derecho a la intimidad’; Italian: ‘la tutela dei dati e il rispetto della vita privata’.

  9. 9.

    Directive 97/66/EC of the European Parliament and of the Council of 15 December 1997 concerning the processing of personal data and the protection of privacy in the telecommunications sector [1997] OJ L24/1. See Chap. 5, Sect. 5.2.2 of this book.

  10. 10.

    Directive 2002/58/EC of the European Parliament and of the Council of 12 July 2002 concerning the processing of personal data and the protection of privacy in the electronic communications sector (Directive on privacy and electronic communications) [2002] OJ L 201/37.

  11. 11.

    Recital 4 of Directive 2002/58/EC.

  12. 12.

    Article 2(1) of Directive 2002/58/EC.

  13. 13.

    Ibid. Recital 3.

  14. 14.

    Similarly, the French version uses vie privée both in the heading and in the short name.

  15. 15.

    Emphasis added.

  16. 16.

    Recital 2 of Directive 2002/58/EC.

  17. 17.

    Ibid. Article 1(1) of Directive 2002/58/EC. See also: (Martínez Martínez 2004, p. 229).

  18. 18.

    See, for instance: Recitals 5, 6 and 46 of Directive 2002/58/EC.

  19. 19.

    Ibid. Article 2(b). On the status of traffic data in EU law, see notably: (Pérez Asinari 2004).

  20. 20.

    Ibid. Article 2(c).

  21. 21.

    Ibid. Article 9.

  22. 22.

    Observing it is unclear whether they are regarded by Directive 2002/58/EC as falling under the category of personal data: (Poullet 2006, p. 216).

  23. 23.

    Ibid. Article 14(1).

  24. 24.

    Ibid. Article 15(1).

  25. 25.

    Directive 2006/24/EC of the European Parliament and of the Council of 15 March 2006 on the retention of data generated or processed in connection with the provision of publicly available electronic communications services or of public communications networks and amending Directive 2002/58/EC [2006] OJ L105/54.

  26. 26.

    Ibid. Recital 25.

  27. 27.

    Ibid. Recital 22.

  28. 28.

    Emphasis added.

  29. 29.

    Article 7 of Directive 2006/24/EC.

  30. 30.

    Tabled as a joint proposal by four Member States: UK, France, Ireland, and Sweden.

  31. 31.

    For instance, the European Parliament asserted in a 2004 Resolution that, in its view, ‘Member States’ laws providing for the wide-scale retention of data related to citizens’ communications for law-enforcement purposes are not in full conformity with the European Convention on Human Rights’ (Resolution of the European Parliament on the First Report on the implementation of the Data Protection Directive (95/46/EC) (COM(2003) 265– C5–0375/2003– 2003/2153(INI)), P5_TA(2004)0141, Strasbourg, 9.3.2004, paragraph 18). In 2005, the European Parliament rejected under the consultation procedure the proposal for a Framework Decision (European Parliament legislative Resolution on the initiative by the French Republic, Ireland, the Kingdom of Sweden and the UK for a Draft Framework Decision on the retention of data processed and stored in connection with the provision of publicly available electronic communications services or data on public communications networks for the purpose of prevention, investigation, detection and prosecution of crime and criminal offences including terrorism (8958/2004– C6-0198/2004– 2004/0813(CNS)), P6_TA(2005)0348, Strasbourg, 25.9.2005).

  32. 32.

    European Parliament legislative Resolution on the proposal for a directive of the European Parliament and of the Council on the retention of data processed in connection with the provision of public electronic communication services and amending Directive 2002/58/EC (COM(2005)0438– C6-0293/2005– 2005/0182(COD)), P6_TA(2005)0512, Strasbourg, 14.12.2005.

  33. 33.

    C-301/06 Ireland v Parliament and Council [2009] ECR I-593, Judgment of the Court (Grand Chamber) of 10 February 2009. See, on this case: (Herlin-Karnell 2009).

  34. 34.

    Joined Cases C-317/04 and C-318/04 Parliament v Council [2006] ECR I-4721, Judgment of the Court (Grand Chamber) of 30 May 2006 (‘PNR’). See, on this judgment: (González Vaqué 2006; Guild and Brouwer 2006; Pedilarco 2006; Mendez 2007; Terrasi 2008).

  35. 35.

    Agreement between the European Community and the United States of America on the processing and transfer of PNR data by Air Carriers to the United States Department of Homeland Security, Bureau of Customs and Border Protection [2004] OJ L183/83, and corrigendum [2005] OJ L255/168). See, on this agreement: (Poullet and Pérez Asinari 2004).

  36. 36.

    Commission Decision 2004/535/EC of 14 May 2004 on the adequate protection of personal data contained in the Passenger Name Record of air passengers transferred to the US Bureau of Customs and Border Protection [2004] OJ L235/11.

  37. 37.

    PNR § 56.

  38. 38.

    See, notably: (Geyer 2008; European Commission 2010a).

  39. 39.

    On the asymmetrical regimes applicable to first and third pillar large-scale information systems surfaced in the AFSJ: (Quilleré-Majzoub 2005, in particular pp. 610–611).

  40. 40.

    The subject became one of the most widely debated topics in the field. Prior to the events of 9/11, the European Parliament had notably been actively investigating ECHELON, a global system for the interception of private and commercial communications. It endorsed a Resolution on the subject only a week before 9/11 (Resolution of the European Parliament on the existence of a global system for the interception of private and commercial communications (ECHELON interception system), 2001/2098(INI), 5.9.2001). There was no visible follow up to that initiative.

  41. 41.

    In a Resolution adopted in 2003, the European Parliament called on the European Commission to come forward ‘as soon as possible’ with a binding legal instrument relating to data protection in the context of the third pillar, providing guarantees equivalent to those of Directive 95/46/EC, and requested the Council to ensure that all major EU information systems were subject to first pillar data protection (Resolution of the European Parliament on progress in 2002 in implementing an Area of Freedom, Security and Justice (Articles 2 and 39 of the EU Treaty), P5_TA(2003)0126), 27.3.2003). In March 2004, it adopted another Resolution appealing for ‘a comprehensive and trans-pillar European privacy and data protection regime’ (Resolution of the European Parliament of 9.3.2004, op. cit.). In June 2005, a new Resolution repeated the European Parliament’s ‘call for common criteria for data protection in the security domain’ (Resolution of the European Parliament on progress made in 2004 in creating an Area of Freedom, Security and Justice (AFSJ) (Articles 2 and 39 of the EU Treaty), P6_TA(2005)0227, 8.6.2005).

  42. 42.

    See, in this sense, the amendments proposed in: European Parliament legislative Resolution of 14 November 2000 on the proposal for a European Parliament and Council regulation on the protection of individuals with regard to the processing of personal data by the institutions and bodies of the Community and on the free movement of such data: COM(1999) 337-C5-0149/1999- 1999/0153(COD) [2001] OJ C223/73. See also: (González Fuster and Paepe 2008).

  43. 43.

    See Article 14(2) of Council Decision 2002/187/JHA of 28 February 2002 setting up Eurojust with a view to reinforcing the fight against serious crime [2002] OJ L63/1.

  44. 44.

    Convention of 27 May 2005 between the Kingdom of Belgium, the Federal Republic of Germany, the Kingdom of Spain, the French Republic, the Grand Duchy of Luxembourg, the Kingdom of the Netherlands and the Republic of Austria on the stepping up of cross-border cooperation, particularly in combating terrorism, cross-border crime and illegal migration (‘Prüm Convention); see in particular Article 34(1), where Convention 108 is mentioned together with the Additional Protocol of 8 November 2001, and Recommendation No R (87) 15.

  45. 45.

    Council Decision 2008/615/JHA of 23 June 2008 on the stepping up of cross-border cooperation, particularly in combating terrorism and cross-border crime [2008] OJ L210/1, in particular Article 25(1), also referring additionally to the 2001 Additional Protocol, and Recommendation No R (87) 15.

  46. 46.

    Council Framework Decision 2008/977/JHA of 27 November 2008 on the protection of personal data processed in the framework of police and judicial cooperation in criminal matters [2008] OJ L350/60.

  47. 47.

    Recital 48 of Council Framework Decision 2008/977/JHA.

  48. 48.

    Ibid. Article 1(1).

  49. 49.

    Ibid. Recital 5.

  50. 50.

    Council, ‘The Hague Programme: Strengthening Freedom, Security and Justice in the European Union’ [2005] OJ C53/1.

  51. 51.

    Ibid. 7.

  52. 52.

    Regulation (EC) No 1049/2001 of the European Parliament and of the Council of 30 May 2001 regarding public access to European Parliament, Council and Commission documents [2001] OJ L145/43.

  53. 53.

    As enshrined in the second subparagraph of Article 1 of the Treaty on European Union (TEU) (Recital 1 of Regulation No 1049/2001).

  54. 54.

    Ibid. Recital 3.

  55. 55.

    Article 255(2) of the EC Treaty (Recital 4 of Regulation No 1049/2001).

  56. 56.

    Recital 11 of Regulation No 1049/2001.

  57. 57.

    Emphasis added.

  58. 58.

    Article 4(1)(b) of Regulation No 1049/2001 (ibid. Recital 4).

  59. 59.

    Describing the clause as ‘rather ambiguous’: (Kranenborg 2008, p. 1096).

  60. 60.

    Recital 2 of Regulation (EC) No 1049/2001.

  61. 61.

    Ibid. Recital 11.

  62. 62.

    Ibid. Article 4(7).

  63. 63.

    Opinion of Advocate General Sharpston in C-28/08 P Bavarian Lager [2010] ECR I-6055 § 39.

  64. 64.

    Ibid. § 38.

  65. 65.

    Ibid. § 42.

  66. 66.

    Ibid. § 49.

  67. 67.

    T-194/04 Bavarian Lager Company Ltd. v Commission [2007] ECR II-4523, Judgment of the Court of First Instance (Third Chamber) of 8 November 2007. On this judgment, see also: (Guichot 2008; Adamski 2009).

  68. 68.

    T-194/04 Bavarian Lager § 127–129.

  69. 69.

    Ibid. § 118.

  70. 70.

    Ibid § 119.

  71. 71.

    Ibid. § 130.

  72. 72.

    Ibid. § 131.

  73. 73.

    C-28/08 P Commission v Bavarian Lager [2010] ECR I-6055, Judgment of the Court (Grand Chamber) of 29 June 2010. See, on this ruling: (González Vaqué 2010).

  74. 74.

    Referred to in the judgment as the General Court, its current denomination.

  75. 75.

    C-28/08 P Bavarian Lager § 65.

  76. 76.

    Ibid. § 59.

  77. 77.

    Ibid. § 61.

  78. 78.

    Ibid. § 79.

  79. 79.

    Opinion of Advocate General Sharpston in C-28/08 P Bavarian Lager § 11.

  80. 80.

    Cf. Opinions of Advocate General Alber in C-340/99 TNT Traco [2001] ECR I-4109 § 94 (in reference to Article 36 of the Charter); Advocate General Tizzano in C-173/99 BECTU [2001] ECR I-4881 § 26 (in reference to Article 31(2) of the Charter); or Advocate General Léger in C-353/99 P Hautala [2001] ECR I-9565, § 51 (in reference to Article 42 of the Charter).

  81. 81.

    Joined Cases T-377/00, T-379/00, T-380/00, T-260/01 and T-272/01 Philip Morris International and Others v Commission [2003] ECR II-1, Judgment of the Court of First Instance (Second Chamber, extended composition) of 15 January 2003, § 122.

  82. 82.

    Cf. the ECtHR, which alluded to the Charter (in particular, to Article 9 on the right to marry and to found a family) in 2002, in Christine Goodwin v the United Kingdom [2002] ECHR 2002-VI, App. No 28957/95.

  83. 83.

    C-540/03 Parliament v Council [2006] ECR I-5769, Judgment of the Court (Grand Chamber) of 27 June 2006.

  84. 84.

    Council Directive 2003/86/EC of 22 September 2003 on the right to family reunification [2003] OJ L251/12. See also: (Benoit-Rohmer 2011).

  85. 85.

    Ibid. § 38.

  86. 86.

    C-275/06 Productores de Música España (Promusicae) [2008] ECR I-271, Judgment of the Court (Grand Chamber) of 29 January 2008, § 64. See, on this judgment: (González Vaqué 2008; Soto García; Mari 2008).

  87. 87.

    See also: (Kranenborg 2008, p. 1089). Article 8 of the Charter had been mentioned twice by Advocate General Léger in his Opinion for Case C-317/04 (on PNR): § 23, and footnote 127.

  88. 88.

    Promusicae § 64.

  89. 89.

    Ibid.

  90. 90.

    Promusicae § 65.

  91. 91.

    Opinion of Advocate General Kokott in C-275/06 Promusicae [2008] ECR I-271; concretely, in a Section titled ‘The link between data protection and fundamental rights’.

  92. 92.

    Ibid. § 51.

  93. 93.

    Ibid. § 52.

  94. 94.

    C-524/06 Heinz Huber v Bundesrepublik Deutschland [2008] ECR I-9705, Judgment of the Court (Grand Chamber) of 16 December 2008. See, notably: (González Fuster et al. 2010).

  95. 95.

    Opinion Advocate General Poiares Maduro in Case C-524/06 Huber [2008] ECR I-9705 § 30.

  96. 96.

    C-73/07 Satakunnan Markkinapörssi and Satamedia [2008] ECR I-9831, Judgment of the Court (Grand Chamber) of 16 December 2008. See, notably: (Docquir 2009).

  97. 97.

    Satamedia § 52.

  98. 98.

    Ibid. § 53. The ECJ also ruled that the fact that the data were in the public domain was not an obstacle for their qualification as personal data, and that the notion of journalism needed to be interpreted ‘broadly’ § 56).

  99. 99.

    Opinion of Advocate General Kokott in C-73/07 Satamedia [2008] ECR I-9831 § 40 (with a reference to Promusicae).

  100. 100.

    Ibid. § 37.

  101. 101.

    C-553/07 College van burgemeester en wethouders van Rotterdam v M. E. E. Rijkeboer [2009] ECR I-3889, Judgment of the Court (Third Chamber) of 7 May 2009.

  102. 102.

    Ibid. § 4.

  103. 103.

    Ibid. § 46.

  104. 104.

    Ibid. § 47 (with references to Rundfunk, Lindqvist, Promusicae, and Satamedia).

  105. 105.

    Ibid. § 49.

  106. 106.

    Ibid. § 50.

  107. 107.

    Opinion of Advocate General Ruiz-Jarabo Colomer in C-553/07 Rijkeboer [2009] ECR I-3889.

  108. 108.

    Ibid. § 20.

  109. 109.

    Emphasis added. In the original Spanish version of his Opinion: right to intimidad.

  110. 110.

    Ibid. § 8.

  111. 111.

    It was composed of two members of Parliament of each Member State and applicant country, sixteen members of the European Parliament, two members of the European Commission, and a representative from the government of each Member State.

  112. 112.

    The final content of Article I-51 of the draft Constitutional treaty was however criticised for being more limited in scope than originally foreseen (Guerrero Picó 2005, p. 293).

  113. 113.

    Treaty of Lisbon amending the Treaty on European Union and the Treaty establishing the European Community, signed at Lisbon, 13 December 2007 [2007] OJ C306/1.

  114. 114.

    On the impact of the Lisbon Treaty on EU (personal) data protection, see also: (Spiecker gen. Döhman and Eisenbarth 2011).

  115. 115.

    Consolidated versions of the Treaty on European Union and the Treaty on the Functioning of the European Union [2010] OJ C83/1. See also Article 2 of the TEU: ‘The Union is founded on the values of respect for human dignity, freedom, democracy, equality, the rule of law and respect for human rights, including the rights of persons belonging to minorities. These values are common to the Member States in a society in which pluralism, non-discrimination, tolerance, justice, solidarity and equality between women and men prevail’.

  116. 116.

    See also Declaration No 2 on Article 6(2) of the Treaty on European Union, annexed to the Final Act of the Intergovernmental Conference which adopted the Treaty of Lisbon, signed on 13 December 2007, where the Conference noted ‘the existence of a regular dialogue between the Court of Justice of the European Union and the European Court of Human Rights; such dialogue could be reinforced when the Union accedes to that Convention’.

  117. 117.

    Charter of Fundamental Rights of the European Union [2010] OJ C83/389.

  118. 118.

    See also: (Amato and Ziller 2007, p. 115).

  119. 119.

    Ibid. A reference to the Explanation was also added to the Charter’s preamble.

  120. 120.

    Explanations relating to the Charter of Fundamental Rights [2007] OJ C303/17.

  121. 121.

    Ibid. 20.

  122. 122.

    As confirmed also in Article 51(2) of the EU Charter.

  123. 123.

    Declaration No 1 concerning the Charter of Fundamental Rights of the European Union, annexed to the Final Act of the Intergovernmental Conference which adopted the Treaty of Lisbon, signed on 13 December 2007.

  124. 124.

    Protocol (No 30) on the application of the Charter of Fundamental Rights of the European Union to Poland and to the United Kingdom. See also Declaration No 61 by the Republic of Poland on the Charter of Fundamental Rights of the European Union, and Declaration No 62 by the Republic of Poland concerning the Protocol on the application of the Charter of Fundamental Rights of the European Union in relation to Poland and the United Kingdom. A draft protocol to incorporate the Czech Republic to Protocol 30 was eventually proposed by the European Council.

  125. 125.

    The only difference being the use of the pronoun ‘them’ (instead of ‘him or her’ as in the Charter). Describing this as a ‘questionable alteration’: (Oliver 2009, p. 1456).

  126. 126.

    Only when processed by Member States (Article 29 Data Protection Working Party and Working Party on Police and Justice 2009, p. 7).

  127. 127.

    For the third pillar, it replaces Articles 30 (1)(b) and 34 (2)(b) TEU.

  128. 128.

    The original version of Article 52(2) was slightly different, and set out that ‘(r)ights recognised by this Charter which are based on (emphasis added) the Community Treaties or the Treaty on European Union shall be exercised under the conditions and within the limits defined by those Treaties’. Although it could be debatable whether Article 8 of the Charter is ‘based on’ Treaty recognition, it cannot be disputed that there is currently a provision on such right in the TFEU.

  129. 129.

    Declaration No 20 on Article 16 of the Treaty on the Functioning of the European Union.

  130. 130.

    Declaration No 21 on the protection of personal data in the fields of judicial cooperation in criminal matters and police cooperation. Viewing these Declarations as an open door for the adoption of specific rules in these areas despite the existence of a single legal basis in Article 16 TFEU: (Boehm 2012, p. 117).

  131. 131.

    See, on this case law: (González Fuster and Gellert 2012).

  132. 132.

    Joined Cases C-92/09 and C-93/09 Volker und Markus Schecke and Eifert [2010] ECR I-11063, Judgment of the Court (Grand Chamber) of 9 November 2010.

  133. 133.

    Schecke and Eifert § 45.

  134. 134.

    Ibid. § 46.

  135. 135.

    Ibid. § 47.

  136. 136.

    Ibid.

  137. 137.

    Ibid. § 48.

  138. 138.

    Ibid. § 49.

  139. 139.

    Ibid. § 50.

  140. 140.

    Ibid. § 51. Regarding this as a combined application of the Charter and the ECHR: (Benoit-Rohmer 2011, p. 161).

  141. 141.

    Concretely, to Amann and Rotaru.

  142. 142.

    Schecke and Eifert § 52.

  143. 143.

    Ibid. § 69. This allowed the Court to assert that the measures pursued a legitimate purpose, namely transparency, regarded as an objective of general interest recognised by the EU (§ 71), even if the Court considered that they did not comply with proportionality requirements.

  144. 144.

    Even despite the fact that the case referred to events occurred in September 2008 (Lind and Strand 2011, p. 4).

  145. 145.

    Opinion of Advocate General Sharpston in Joined Cases C-92/09 and C-93/09 Schecke and Eifert [2010] ECR I-11063.

  146. 146.

    Ibid. § 71 (referring notably to Promusicae and to the Opinion of Advocate General Ruiz Jarabo Colomer in Rijkeboer, as well as to Directive 95/46/EC).

  147. 147.

    Ibid. § 65.

  148. 148.

    Joined Cases C-468/10 and C-469/10 Asociación Nacional de Establecimientos Financieros de Crédito (ASNEF) (C-468/10) and Federación de Comercio Electrónico y Marketing Directo (FECEMD) (C-469/10) v Administración del Estado, Judgment of the Court (Third Chamber) of 24 November 2011, not yet published.

  149. 149.

    The ECJ found that Article 7(f) of Directive 95/46/EC must be interpreted as precluding the existence of national rules with that effect.

  150. 150.

    FECEMD and ASNEF § 40.

  151. 151.

    Ibid. § 41.

  152. 152.

    Ibid. 42.

  153. 153.

    On this subject, see also: (González Fuster 2012).

  154. 154.

    C-70/10 Scarlet Extended SA v Société belge des auteurs, compositeurs et éditeurs SCRL (SABAM), Judgment of the Court (Third Chamber) of 24 November 2011, not yet published.

  155. 155.

    Directive of the European Parliament and of the Council of 22 May 2001 on the harmonisation of certain aspects of copyright and related rights in the information society [2001] OJ L167/10; Directive of the European Parliament and of the Council of 29 April 2004 on the enforcement of intellectual property rights [2004] OJ L157/45; corrections: [2004] OJ L195/16, and [2007] OJ L204/27.

  156. 156.

    Directive of the European Parliament and of the Council of 8 June 2000 on certain legal aspects of information society services, in particular electronic commerce, in the Internal Market (‘Directive on electronic commerce’) [2000] OJ L178/1.

  157. 157.

    Opinion of Advocate General Cruz Villalón in Case C-70/10 Scarlet, delivered on 14 April 2011, § 34.

  158. 158.

    Ibid. § 30. See also: Benoit-Rohmer (2011) op. cit. 160.

  159. 159.

    Opinion of Advocate General Cruz Villalón in Scarlet, § 31.

  160. 160.

    Ibid. § 33.

  161. 161.

    An idea that Cruz Villalón supported referring to Rundfunk, Satamedia, and Schecke and Eifert, as well as the Opinion of Advocate General Kokott in Promusicae.

  162. 162.

    Ibid. § 73.

  163. 163.

    Scarlet § 43.

  164. 164.

    Ibid. § 44.

  165. 165.

    Ibid. § 45. This idea was also echoed in C-461/10 Bonnier Audio and Others (Judgment of the Court (Third Chamber) of 19 April 2012, not yet published § 49), where nonetheless the EU Court of Justice failed to identify the applicable fundamental rights to be balanced. Similarly mentioning a need to balance ‘the various fundamental rights involved’, whithout naming them: C-557/07 LSG-Gesellschaft zur Wahrnehmung von Leistungsschutzrechten [2009] ECR I-1227, Order of the Court (Eighth Chamber) of 19 February 2009.

  166. 166.

    The ECJ also observed that measures such as the contested affected the freedom to conduct a business enjoyed by operators (ibid. § 46).

  167. 167.

    Ibid. § 50.

  168. 168.

    Ibid. § 51.

  169. 169.

    C360/10 Belgische Vereniging van Auteurs, Componisten en Uitgevers CVBA (SABAM) v Netlog NV, Judgment of the Court (Third Chamber) of 16 February 2012, not yet published.

  170. 170.

    Ibid. § 49.

  171. 171.

    Ibid. § 51 (referring ‘by analogy’ to Scarlet).

  172. 172.

    C-518/07 Commission v Germany [2010] ECR I-1885, Judgment of the Court (Grand Chamber) of 9 March 2010. An action had been brought by the European Commission asking the ECJ to declare that Germany had failed to correctly implement Directive 95/46/EC because it did not ensure the complete independence of data protection authorities established at Länder level, and responsible for monitoring the processing of personal data outside the public sector. The Luxembourg Court agreed that Germany had failed to fulfil its obligations.

  173. 173.

    Advocate General Mazák did not mention the Charter in his Opinion for the case (which notably proposed to the ECJ to dismiss the action) (Opinion of Advocate General Mazák in C-518/07 Commission v Germany, delivered on 22 October 2009).

  174. 174.

    C-614/10 Commission v Austria, Judgment of the Court (Grand Chamber) of 16 October 2012, not yet published.

  175. 175.

    Resulting from a complaint submitted to the European Commission in 2003 by the Austrian organisation ARGE DATEN.

  176. 176.

    Commission v Austria § 36.

  177. 177.

    C-543/09 Deutsche Telekom AG v Bundesrepublik Deutschland [2011] ECR I-3441, Judgment of the Court (Third Chamber) of 5 May 2011.

  178. 178.

    Directive 2002/22/EC of the European Parliament and of the Council of 7 March 2002 on universal service and users’ rights relating to electronic communications networks and services (Universal Service Directive) [2002] OJ L108/51.

  179. 179.

    Deutsche Telekom § 50.

  180. 180.

    Ibid. § 3.

  181. 181.

    Ibid. § 50.

  182. 182.

    That it routinely referred to in the German authentic version of the judgment using its official short name: Datenschutzrichtlinie für elektronische Kommunikation (‘Data protection Directive for electronic communications’).

  183. 183.

    Deutsche Telekom § 49.

  184. 184.

    Ibid. § 51.

  185. 185.

    Ibid. § 52.

  186. 186.

    C-104/10 Patrick Kelly v National University of Ireland (University College, Dublin), Judgment of the Court (Second Chamber) of 21 July 2011, not yet published, § 55.

  187. 187.

    Ibid. § 56.

  188. 188.

    Article 33 of Directive 95/46/EC.

  189. 189.

    Emphasis added. The European Commission also alluded to individuals’ ‘data protection rights’ (European Commission 2003, p. 20).

  190. 190.

    See, for instance: (European Commission 2007, pp. 2 and 8).

  191. 191.

    Which notably included the celebration of a Conference titled ‘Personal data—more use, more protection?’ in Brussels, on 19 May 2009. During the event was distributed merchandising (including pens, and sticky notes) with the slogan ‘The protection of your personal data is your fundamental right’. The consultation notably asked for views on the new challenges for personal data protection, in particular in the light of new technologies and globalisation.

  192. 192.

    Emphasis added.

  193. 193.

    The sentence, with some changes in punctuation, was signed by Commissioner Viviane Reding (Commissioner responsible for Justice, Fundamental Rights and Citizenship since 2010) in 2012 (Reding 2012, p. 120).

  194. 194.

    See also the section ‘Putting individuals in control of their personal data’ (European Commission 2012c, p. 4).

  195. 195.

    The notification of data breaches was first incorporated into EU law through a revision of Directive 2002/58/EC undertaken in 2009 (and, thus, applying only to the electronic communications sector); see: Directive 2009/136/EC of the European Parliament and of the Council of 25 November 2009 amending Directive 2002/22/EC on universal service and users’ rights relating to electronic communications networks and services, Directive 2002/58/EC concerning the processing of personal data and the protection of privacy in the electronic communications sector and Regulation (EC) No 2006/2004 on cooperation between national authorities responsible for the enforcement of consumer protection laws [2009] OJ L337/11. On this subject, see, notably: (Barceló and Traung 2010).

  196. 196.

    Emphasis added.

  197. 197.

    This formula is also echoed by Recitals 2, 7 and 129 of the proposed Regulation (European Commission 2012a, pp. 17, 18 and 37).

  198. 198.

    Emphasis added.

  199. 199.

    As well as ensuring that the exchange of personal data by competent authorities in the EU is not restricted for reasons connected with the protection of individuals with regard to the processing of personal data (European Commission 2012b, p. 26).

  200. 200.

    As argued by the reading of the EU Agency for Fundamental Rights (FRA), which stresses in its assessment of the 2012 legislative package that Article 8 of the Charter is closely connected to ‘the right to privacy as guaranteed by Article 7 of the Charter on the respect for private and family life’ (EU Agency for Fundamental Rights 2012).

  201. 201.

    The Explanatory Memorandum also refers to the fundamental right to personal data protection in (European Commission 2012a, pp. 2 and 6).

  202. 202.

    See, in this sense, Recital 7 of the proposed Regulation: ‘The objectives and principles of Directive 95/46/EC remain sound, but it has not prevented fragmentation in the way data protection is implemented across the Union, legal uncertainty and a widespread public perception that there are significant risks for the protection of individuals associated notably with online activity. Differences in the level of protection of the rights and freedoms of individuals, notably to the right to the protection of personal data, with regard to the processing of personal data (emphasis added) afforded in the Member States may prevent the free flow of personal data throughout the Union’ (European Commission 2012a, p. 18); cf. Article 1(1) of Directive 95/46/EC: ‘the fundamental rights and freedoms of natural persons, and in particular their right to privacy with respect to the processing of personal data’ (emphasis added).

  203. 203.

    As already foreseen by (European Commission 2010c, p. 12) and in (European Commission 2012c, p. 7).

  204. 204.

    On this subject, see for instance: (González Fuster 2013).

  205. 205.

    See also: (González Fuster and Gutwirth 2013).

  206. 206.

    Article 22 of the proposed Regulation.

  207. 207.

    Article 6(3) of the proposed Regulation.

  208. 208.

    Emphasis added.

  209. 209.

    Recital 41 of the proposed Regulation (European Commission 2012a, 24).

  210. 210.

    Emphasis added.

  211. 211.

    Article 32(1) of the proposed Regulation (European Commission 2012a, p. 61).

  212. 212.

    Recital 67 of the proposed Regulation (European Commission 2012a, p. 28).

  213. 213.

    Article 30(3) of the proposed Regulation (European Commission 2012a, p. 60).

  214. 214.

    Such as the Dutch version, which alludes to ‘oplossingen inzake privacy by design en gegevens-bescherming by default’; or the Spanish version: ‘soluciones de privacidad desde el diseño y la protección de datos por defecto’.

  215. 215.

    The French version refers to: ‘des solutions de protection des données dès la conception ainsi que par défaut’; in German: ‘Lösungen für einen Datenschutz durch Technik und datenschutzfreundliche Voreinstellungen’; Italian: ‘soluzioni per la protezione fin dalla progettazione e per la protezione di default’.

  216. 216.

    Article 17 of the proposed Regulation.

  217. 217.

    Recital 54 of the Proposed Regulation.

  218. 218.

    In particular: Secrétariat d’Etat à la Prospective et au Développement de l’économie numérique, Charte du droit à l’oubli dans les sites collaborateurs et les moteurs de recherche and Charte du Droit à l’oubli numérique dans la publicité ciblée, both of 2010.

  219. 219.

    Comparing the droit à l’oubli and the right to be forgotten: (Ambrose and Ausloos 2013).

  220. 220.

    See, notably: (Rallo Lombarte 2010, p. 104).

  221. 221.

    Case C-131/12, Google Spain and Google, case in progress.

  222. 222.

    The conception of digital forgetting as an expiration date for information had actually been supported previously in the literature: (Mayer-Schönberg 2009, using the expression “expiration date”: p. 15).

  223. 223.

    Opinion of the European Economic and Social Committee on the Communication from the Commission to the European Parliament, the Council, the Economic and Social Committee and the Committee of the Regions—A comprehensive approach on personal data protection in the European Union COM(2010) 609 final, [2011] OJ C248/123, p. 126.

References

  • Adamski, Dariusz. 2009. How wide is ‘the widest possible’? Judicial interpretation of the exceptions to the right of access to official documents revisited. Common Market Law Review 46:521–549.

    Google Scholar 

  • Alonso Blas, Diana. 2009. First pillar and third pillar: Need for a common approach on data protection? In Reinventing Data Protection? eds. Serge Gutwirth, Yves Poullet, Paul De Hert, Cécile De Terwangne, and Sjaak. Nouwt, 225–237. Dordrecht: Springer.

    Chapter  Google Scholar 

  • Amato, Giuliano, and Jacques Ziller. 2007. The European Constitution: Cases and Materials in EU and Member States’ Law. Cheltenham: Edward Elgar.

    Book  Google Scholar 

  • Ambrose, Meg Leta, and Ausloos, Jef. 2013. The right to be forgotten across the pond. Journal of Information Policy 3:1–23.

    Google Scholar 

  • Article 29 Data Protection Working Party. 2007. Opinion 4/2007 on the concept of personal data. WP 136. Brussels.

    Google Scholar 

  • Article 29 Data Protection Working Party. 2012. Opinion 01/2012 on the data protection reform proposals. WP 191. Brussels.

    Google Scholar 

  • Article 29 Data Protection Working Party, and Working Party on Police and Justice. 2009. The future of privacy: Joint contribution to the consultation of the European Commission on the legal framework for the fundamental right to the protection of personal data. Brussels.

    Google Scholar 

  • Barceló, Rosa, and Traung, Peter. 2010. The emerging European union security breach legal framework: The 2002/58 ePrivacy Directive and beyond. In Data Protection in a Profiled World, eds. Serge Gutwirth, Yvers Poullet, and Paul De Hert, 77–104. Dordrecht: Springer.

    Chapter  Google Scholar 

  • Benoit-Rohmer, Florence. 2011. L’Union européenne et les droits fondamentaux depuis l’entrée en vigueur du Traité de Lisbonne. Revue trimestrielle de Droit européen 47 (1): 145–172.

    Google Scholar 

  • Benyekhlef, Karim. 1996. Les normes internationales de protection des données personnelles et l’autoroute de l’information. In Les Journées Maximilien-Caron: Le respect de la vie privée dans l’entreprise, 65–101. Thémis.

    Google Scholar 

  • Boehm, Franziska. 2012. Information sharing and data protection in the Area of Freedom, Security and Justice. Berlin: Springer.

    Book  Google Scholar 

  • Bougettaya, Farid. 2006. La protection des données personnelles en droit communautaire. Université de Montpellier I.

    Google Scholar 

  • Burgorgue-Larsen, Laurence. 2005. Les juges face à la Charte: De la prudence à l’audace. In La France face à la Charte des droits fondamentaux de l’Union européenne, ed. Laurence Burgorgue-Larsen, 3–64. Bruxelles: Bruylant.

    Google Scholar 

  • Bygrave, Lee A. 2010. Privacy and data protection in an international perspective. Scandinavian Studies in Law 56:165–200.

    Google Scholar 

  • De Schutter, Olivier. 2005. Article II-68 – Protection des données à caractère personnel In Traité établissant une Constitution pour l’Europe: Commentaire article par article, eds. Laurence Burgorgue-Larsen, Anne Levade and Fabrice Picod. Bruxelles: Bruylant, 122–152

    Google Scholar 

  • Docquir, Benjamin. 2009. Arrêt Satamedia: La (re)diffusion d’informations publiques dans les médias et les exigences de la protection des données. Revue européenne de droit de la consommation 2–3:560–581.

    Google Scholar 

  • EU Agency for Fundamental Rights. 2012. Opinion of the European Union Agency for Fundamental Rights on the proposed data protection reform package. FRA Opinion 2/2012. Vienna.

    Google Scholar 

  • European Commission. 2000. File note: Comparative analysis of the Member States’ legislation concerning the access to documents. SG.C.2/L D(99). Brussels.

    Google Scholar 

  • European Commission. 2003. First report on the implementation of the Data Protection Directive (95/46/EC). COM (2003) 265 final. Brussels.

    Google Scholar 

  • European Commission 2005. Proposal for a Council Framework Decision on the protection of personal data processed in the framework of police and judicial co-operation in criminal matters. COM (2005) 475 final. Brussels.

    Google Scholar 

  • European Commission. 2007. Communication from the Commission to the European Parliament and the Council on the follow-up of the Work Programme for better implementation of the Data Protection Directive, COM (2007) 87 Final, Brussels, 7.3. 2007, 8. COM (2007) 87 final. Brussels.

    Google Scholar 

  • European Commission. 2009. Communication from the Commission to the European Parliament and the Council—An Area of Freedom, Security and Justice serving the citizen. COM/2009/0262 final. Brussels.

    Google Scholar 

  • European Commission. 2010a. Communication from the Commission to the European Parliament and the Council: Overview of Information Management in the Area of Freedom, Security and Justice. COM (2010) 385 final (2010). Brussels.

    Google Scholar 

  • European Commission. 2010b. Communication from the Commission: Strategy for the effective implementation of the Charter of Fundamental Rights by the European Union. COM (2010) 573. Brussels.

    Google Scholar 

  • European Commission. 2010c. Communication to the European Parliament, the Council, the Economic and Social Committee and the Committee of the Regions: A comprehensive approach on personal data protection in the European Union. COM (2010) 609 final.

    Google Scholar 

  • European Commission. 2012a. Proposal for a Regulation of the European parliament and of the council on the protection of individuals with regard to the processing of personal data and on the free movement of such data (General Data Protection Regulation). COM (2012) 11 final. Brussels.

    Google Scholar 

  • European Commission. 2012b. Proposal for a directive of the European parliament and of the Council on the protection of individuals with regard to the processing of personal data by competent authorities for the purposes of prevention, investigation, detection or prosecution of criminal offences or the execution of criminal penalties, and the free movement of such data. COM (2012) 10 final. Brussels.

    Google Scholar 

  • European Commission. 2012c. Communication from the Commission to the European Parliament, the Council, the European Economic and Social Committee and the Committee of the Regions: Safeguarding privacy in a connected world: A European Data Protection framework for the 21st Century. COM (2012) 9 final. Brussels.

    Google Scholar 

  • European, Data Protection Supervisor (EDPS). 2011. Opinion on the Communication from the Commission to the European Parliament, the Council, the Economic and Social Committee and the Committee of the Regions—‘A Comprehensive Approach on Personal Data Protection in the European Union’ OJ C181/1, 1–23.

    Google Scholar 

  • Gaeoudjiparl. 2012. El camino del hardcore. Barcelona: Alku.

    Google Scholar 

  • Geyer, Florian. 2008. Taking stock: Databases and systems of information exchange in the Area of Freedom, Security and Justice. CEPS Research Paper No. 9. Centre for European Policy Studies (CEPS).

    Google Scholar 

  • González Fuster, Gloria. 2012. Balancing intellectual property against data protection: A new right’s wavering weight. IDP Revista de Internet, Derecho y Política 14:43–46.

    Google Scholar 

  • González Fuster, Gloria. 2013. Security and the future of personal data protection in the European Union. Security and Human Rights 23 (4): 331–342.

    Article  Google Scholar 

  • González Fuster, Gloria, De Hert, Paul, Ellyne, Erika, and Gutwirth Serge. 2010. Huber, Marper and others: Throwing new light on the shadows of suspicion. INEX Policy Brief No. 11. Centre for European Policy Studies (CEPS).

    Google Scholar 

  • González Fuster, Gloria, and Gellert, Raphaël. 2012. The fundamental right of data protection in the European union: In search of an uncharted right. International Review of Law, Computers & Technology 26 (1): 73–82.

    Article  Google Scholar 

  • González Fuster, Gloria, and Gutwirth, Serge. 2013. Opening up personal data protection: A conceptual controversy. Computer Law & Security Review 29:531–539.

    Article  Google Scholar 

  • González Fuster, Gloria, and Paepe, Pieter. 2008. Reflexive governance and the EU third pillar: Analysis of data protection and criminal law aspects. In Security Versus Justice? Police and Judicial Cooperation in the European Union, eds. Elspeth Guild and Florian Geyer. Aldershot: Ashgate.

    Google Scholar 

  • González Vaqué, Luis. 2006. El Tribunal de Justicia de las Comunidades Europeas anula el Acuerdo entre la Comunidad Europea y los EE.UU. para la transmisión de datos sobre los pasajeros de las compañías aéreas. Revista Española de Derecho Europeo 20:557–576. (octubre-diciembre).

    Google Scholar 

  • González Vaqué, Luis. 2008. El TJCE se pronuncia sobre la obligación de comunicar datos personales a fin de garantizar la protección de los derechos de autor en un procedimiento civil: La Sentencia ‘Promusicae’. Unión Europea Aranzadi 5 (año XXXIV): 5–14.

    Google Scholar 

  • González Vaqué, Luis. 2010. El TJUE precisa el alcance de la protección de los datos personales en el marco del acceso a los documentos de las instituciones de la UE: La Sentencia ‘Comisión/Bavarian Lager’. Gaceta Jurídica de la Unión Europea y de la Competencia 18: 9–18. (noviembre-diciembre).

    Google Scholar 

  • Groussot, Xavier. 2008. Case C-275/06, Productores de Música de España (Promusicae) V. Telefónica de España SAU, Judgment of the Court (Grand Chamber) of 28 January 2008: Rock the KaZaA: Another clash of fundamental rights. Common Market Law Review 45:1745–1766.

    Google Scholar 

  • Guerrero Picó, María del Carmen. 2005. El derecho fundamental a La protección de datos de carácter personal en La Constitución Europea. Revista de Derecho Constitucional Europeo 2005 (4): 293–332.

    Google Scholar 

  • Guichot, Emilio. 2008. Un paso decisivo en la clarificación de las relaciones entre derecho de acceso y derecho de protección de datos: La Sentencia del TPI de 8 de noviembre de 2007, Bavarian Lager/Comisión, T-194/04. Revista Española de Derecho Europeo 27:329–345. (julio-septiembre).

    Google Scholar 

  • Guild, Elspeth, and Brouwer, Evelien. 2006. The political life of data: The ECJ decision on the PNR agreement between the EU and the US. Policy Brief No. 109. Centre for European Policy Studies (CEPS).

    Google Scholar 

  • Gutwirth, Serge. 2007. Biometrics between opacity and transparency. Annali dell’Istituto Superiore di Sanità 43 (1): 61–65.

    Google Scholar 

  • Gutwirth, Serge, and Hildebrandt, Mireille. 2010. Some caveats on profiling. In Data Protection in a Profiled World, eds. Serge Gutwirth, Yves Poullet, and Paul De Hert, 31–41. Springer.

    Google Scholar 

  • Herlin-Karnell, Ester. 2009. Case C-301/06, Ireland V. Parliament and council, judgment of the court (Grand Chamber) of 10 February 2009, Not yet reported. Common Market Law Review 46:1667–1684.

    Google Scholar 

  • Hustinx, Peter J. 2005. Data protection in the European Union. Privacy & Informatie 2:62–65.

    Google Scholar 

  • Jacqué, Jean-Paul. 2003. L’évolution des travaux de la Convention. In Constitution européenne, démocratie et droits de l’homme, eds. Gérard Cohen-Jonathan and Jacqueline Dutheil de la Rochère, 25–42. Bruxelles: Bruylant.

    Google Scholar 

  • Korff, Douwe. 2004. The legal framework: An analysis of the ‘Constitutional’ European approach to issues of data protection and law enforcement. UK Information Commissioner Study Project: Privacy & Law Enforcement.

    Google Scholar 

  • Kranenborg, Herke. 2008. Access to documents and data protection in the European Union: On the public nature of personal data. Common Market Law Review 45 (4): 1079–1114.

    Google Scholar 

  • Le Bot, Olivier. 2003. Charte de l’Union européenne et Convention de sauvegarde des Droits de l’homme: La coexistence de deux catalogues de droits fondamentaux. Revue trimestrielle de droit européen 55:781–811.

    Google Scholar 

  • Lind, Anna-Sara, and Magnus Strand. 2011. A new proportionality test for fundamental rights? The Joined Cases C-92/09 and C-93/09 Volker und Markus Schecke GbR (C-92/09) and Hartmut Eifert (C-93/09) V. Land Hessen. European Policy Analysis 7:1–12.

    Google Scholar 

  • Mari, Gaia. 2008. Saggi—L’Unione Europea impone di non sacrificare ad occhi chiusi la proprietà intellettuale sull’altare della privacy. Il Diritto di Autore 3: 289–321.

    Google Scholar 

  • Martínez Martínez, Ricard. 2004. Una aproximación crítica a la autodeterminación informativa. Madrid: Thomson Civitas.

    Google Scholar 

  • Mayer-Schönberg, Viktor. 2009. Delete: The Virtue of Forgetting in the Digital Age. Princeton and Oxford: Princeton University Press.

    Google Scholar 

  • Mendez, Mario. 2007. Passenger Name Record agreement: European Court of Justice. European Constitutional Law Review 3 (1): 127–147.

    Article  Google Scholar 

  • Murillo, de la Cueva, Lucas Pablo. 2009. La construcción del derecho a la autodeterminación informativa y las garantías para su efectividad. In El derecho a la autodeterminación informativa, eds. Pablo Lucas Murillo de la Cueva and José Luis Piñar Mañas, 11–80. Madrid: Fundación Coloquio Jurídico Europeo.

    Google Scholar 

  • Oliver, Peter. 2009. The protection of privacy in the economic sphere before the European Court of Justice. Common Market Law Review 46:1443–1483.

    Google Scholar 

  • Pedilarco, Emanuele. 2006. Protezione dei dati personali: La Corte di Giustizia annulla l’accordo Unione Europea—Stati Uniti sul trasferimento dei dati dei passeggeri aeri. Diritto Pubblico Comparato ed Europeo Vol. 3, 1225–1231.

    Google Scholar 

  • Poullet, Yves, and María Verónica Pérez Asinari. 2004. Données Des Voyageurs Aériens: Le Débat Europe-États Unis. Journal Des Tribunaux 12 (113): 266–274.

    Google Scholar 

  • Poullet, Yves. 2006. The Directive 95/46/EC: Ten years after. Computer Law & Security Report 22:206–217.

    Article  Google Scholar 

  • Poullet, Yves, and Pérez Asinari, María Verónica. 2004. Données des voyageurs aériens: Le débat Europe-États Unis. Journal des Tribunaux 12 (113): 266–274.

    Google Scholar 

  • Quilleré-Majzoub, Fabienne. 2005. Les individus face aux systèmes d’information de l’Union européenne: L’impossible équation du contrôle juridictionnel et de la protection des données personnelles au niveau européen? Journal du Droit International 132 (3): 609–635.

    Google Scholar 

  • Rallo Lombarte, Artemi. 2003. Europa ¿Hacia una Constitución europea? Reflexiones sobre la protección de los derechos fundamentales en el debate constituyente europeo. Revista Valenciana de Economía y Hacienda 7:201–218.

    Google Scholar 

  • Rallo Lombarte, Artemi. 2010. El derecho al olvido y su protección: a partir de la protección de datos. Telos: Cuadernos de Comunicación e Innovación 85:104–108.

    Google Scholar 

  • Reding, Viviane. 2012. The European data protection framework for the twenty-first century. International Data Privacy Law 2 (3): 119.

    Article  Google Scholar 

  • Rodotà, Stefano. 2009. Data protection as a fundamental right. In Reinventing Data Protection? eds. Serge Gutwirth, Yves Poullet, Paul De Hert, Cécile De Terwangne, and Sjaak Nouwt, 77–82. Dordrecht: Springer.

    Chapter  Google Scholar 

  • Rosen, Jeffrey. 2012. The right to be forgotten. Stanford Law Review Online 64(2012) http://www.stanfordlawreview.org/sites/default/files/online/topics/64-SLRO-88.pdf. Accessed 10 March 2013.

  • Rosier, Karen. 2008. La Directive 2002/58/CE vie privée et communications électroniques et la Directive 95/46/CE relative au traitement des données à caractère personnel: Comment les (ré)concilier? In Challenges of Privacy and Data Protection Law: Perspectives of European and North American Law, eds. María Verónica Pérez Asinari and Pablo Palazzi, 328–352. Bruxelles: Bruylant.

    Google Scholar 

  • Rouvroy, Antoinette, and Thomas Berns. 2010. Le nouveau pouvoir statistique ou quand le contrôle s’exerce sur un réel normé, docile et sans événement car constitué de corps “numériques”. Multitudes 40:88–103.

    Article  Google Scholar 

  • Soto García, Mercedes. TJCE—Sentencia de 2008, Promusicae, C-275/06– Sociedad de la información, protección de datos personales, deber de divulgación de proveedores de servicios, protección de los derechos de auto. Revista de Derecho Comunitario Europeo 31:867–883.

    Google Scholar 

  • Spiecker gen, Döhman, Indra, and Markus Eisenbarth. 2011. Kommt das ‘Volkszählungsurteil’ Nun durch den EuGH? – Der Europäische Datenschutz Nach Inkrafttreten des Vertrags von Lissabon. Juristenzeitung 4:169–177.

    Google Scholar 

  • Terrasi, Alfredo. 2008. Trasmissione dei dati personali e tutela della riservatezza: L’accordo tra Unione Europea e Stati Uniti del 2007. Rivista di Diritto Internazionale 91:375–419.

    Google Scholar 

  • Vranes, Erich. 2003. The final clauses of the Charter of Fundamental Rights—Stumbling blocks for the first and second Convention. European Integration online Papers (EIoP) Vol. 7 No. 7.

    Google Scholar 

Download references

Author information

Authors and Affiliations

  1. Law, Science, Technology and Society (LSTS), Vrije Universiteit Brussel (VUB), Brussels, Belgium

    Gloria González Fuster

Authors
  1. Gloria González Fuster
    View author publications

    You can also search for this author in PubMed Google Scholar

Corresponding author

Correspondence to Gloria González Fuster .

Rights and permissions

Reprints and permissions

Copyright information

© 2014 Springer International Publishing Switzerland

About this chapter

Cite this chapter

González Fuster, G. (2014). The Right to the Protection of Personal Data and EU Law. In: The Emergence of Personal Data Protection as a Fundamental Right of the EU. Law, Governance and Technology Series(), vol 16. Springer, Cham. https://doi.org/10.1007/978-3-319-05023-2_7

Download citation

Publish with us

Policies and ethics

Search

Navigation