Following many years of intense political debate on data protection in the European Union, the General Data Protection Regulation (GDPR) will finally become law across the EU in May 2018 and is designed to be the cornerstone of data protection in Europe. It sets out directly applicable rules on the rights of data subjects, the duties of those organisations that demand the processing of personal data and those that do the processing (data controllers and processors), international data transfers and the powers of supervisory authorities.
To celebrate Data Protection Day (28 January), the Council of Europe (CoE), CPDP and the European Data Protection Supervisor (EDPS), are co-organising a one-day event full of keynote speeches and panel discussions on how to safeguard individuals’ rights to privacy and data protection.
This background paper explores the requirement of respecting the ‘essence’ of the rights to respect for private life and of right to the protection of personal data whenever these rights are limited under European Union (EU) law.
The requirement is explicitly established in Article 52(1) of the Charter of Fundamental Rights of the EU, and currently also mentioned in EU secondary law. With the aim of facilitating further reflection and discussion on the requirement’s application notably when limitations of the right to personal data protection are at stake, the paper reviews current knowledge on the subject and illustrates the significant limitations of existing knowledge.
Taking stock of the relevant literature and case law, mainly of the Court of Justice of the EU and of the European Court of Human Rights (ECHR), it also identifies a few key issues deserving further analysis and discussion. The paper concludes by suggesting it can be useful to focus not on speculating about what would be the essence of the rights at stake, but rather on when must a limitation of a right be regarded as a breach of the essence requirement.
What's in store for newsletter #105? In this issue, CSAM: the point of no return? EDPS actions on Artificial Intelligence, the digital euro, how to be smarter than a hacker? And more diverse topics to read now. This issue is also part of our podcast series, the Newsletter Digest.
Newsletter #104 is out now! Stay informed with us about new updates in the digital regulatory landscape, affecting the GDPR and transfers of personal data to the US. Technology specialist? Read about how to download our Website Evidence Collector 2.1.1. Also in this edition, learn more how can social media be both practical and privacy friendly? This issue is also part of our podcast series, the Newsletter Digest.
EDPS Opinion 36/2023 on the Proposal for a Regulation on compulsory licensing for crisis management.