Looking at European Union Data Protection Law Reform Through a Different Prism: The Proposed EU General Data Protection Regulation Two Years Later
Journal of Internet Law (March 2014 -- Vol. 17, No. 9) -- Aspen Publishers Inc. -- Wolters Kluwer Law & Business
15 Pages Posted: 21 Feb 2015
Date Written: March 1, 2014
Abstract
This article provides an overall review of the proposed European Union General Data Protection Regulation (GDPR), two years after its initial proposal by the European Commission. It places the GDPR in the context of the current Data Protection Directive that it will replace once adopted, and details provisions of the GDPR, including those that were amended by the LIBE Committee (just prior to the vote of changes in the European Parliament sitting in plenary): extraterritorial effect of the GDPR, conditions placed on consent to processing, right to be forgotten and right to erasure, level of administrative sanctions, sensitive data, cross-border data transfers, and requirements for privacy impact assessments and data protection officers. The heavy lobbying on this EU legislation is discussed, and the impact of the NSA PRISM revelations on the legislative process are analyzed.
Keywords: data protection, data security, data protection directive, general data protection regulation, European legislation, European Commission, European law reform, LIBE Committee, European lobbying, PRISM, Safe Harbor, cross-border data transfers
JEL Classification: K02, K22
Suggested Citation: Suggested Citation