Publicaties

The right to remedy breaches of data protection is laid down in both Directive 95/46/EC (Art. 22) and the Council of Europe Data Protection Convention no. 108 (Art. 8 (d)). Although data protection violations are remedied mainly at the national level, it is possible to identify a set of procedural rules on how to remedy data protection violations under EU law. Currently, there is a three-layered remedial system in place (composed of access ...

After having reflected about technologies and the role of non-political guidance in EU data protection law in previous editorials, I now turn to the thorny question about the proper place of data protection law. In search of a substance, I use Murakami’s imaginary to prepare for the worst: not all things, concepts and beings are blessed with substance. After having managed (lowered) possible expectations about the essence of data protection law, ...

Data protection is one of the main issues raised in the development of the European
area of freedom, security and justice (AFSJ). The introduction of measures touching
upon data protection is coinciding with growing dilemmas as to how best to ensure
individuals' fundamental rights. Is current legislation on data protection adequate
to the challenges posed by specific technologies and specific policies? Do the main
actors ...

Jurisdiction based solely on the territoriality principle is becoming less evident in the digital age This article engages in a discussion with authors such as Kuner and Svantesson, that have expressed a critical view on expansive jurisdiction of the EU data protection regime in issue 4, November 2015, of this Journal. Our contribution focuses on the choices with regard to scope and jurisdiction made by the EU co-legislators in Article 3 of the ...

Recent years have seen the emergence of a so-called risk-based approach to data protection. It is meant to address the purported shortcomings of the traditional EU data protection principles (such as data minimisation, purpose limitation, etc) with regard to evolving data processing practices (eg, profiling, big data). It does so by replacing these principles with risk analysis tools, the goal of which is to assess the benefits and harms of each ...

This article analyses the liability exposure of organisations involved in the processing of personal data under European data protection law. It contends that the liability model of EU data protection law is in line with the Principles of European Tort Law (PETL), provided one takes into account the “strict” nature of controller liability. After analysing the liability regime of Directive 95/46, the article proceeds to highlight the main changes ...

Deze bijdrage handelt over de bescherming van persoonsgegevens en het Euro- pees kader hieromtrent. De Europese Commissie hee in januari 2012 nieuwe voorstellen bekend gemaakt ter actualisering van het zgn. data protection acquis, bestaande uit onder meer de Data Protectie Richtlijn uit 1995 en een resem specifieke teksten waaronder Kaderbesluit 2008/977/JBZ over de verwerking van persoonsgegevens door politie en justitie.

This article presents the findings of interviews with representatives from the majority of EU data protection authorities in the context of the ongoing data protection reform process. It not only identifies commonalities between the authorities to the extent it is possible to speak about an EU DPA perspective, but also identifies areas of tension and disagreement as well as future intentions. The focus of the article is upon the impact of the ...

Telecommunications are privileged in being the only sector in European Union ("EU") law benefiting from sector-specific data protection legislation. Although the (European) right to data protection is by now a fundamental right 1 intended to find horizontal application into any and all fields that involve even the remotest personal data processing, certain sectors did go ahead and acquire regulations, of various legal statuses, specific to their ...