Between legitimacy and lawfulness: In search of rationality and consistency in EU data protection

Research output: Contribution to journalArticleScientificpeer-review

25 Downloads (Pure)

Abstract

The principle of ‘lawfulness’ of data processing with this explicit label assigned to it in Article 5(1)(a) of the General Data Protection Regulation (‘GDPR’) 1 seems to be one of the least disputed principles in the EU data protection framework. 2 It sounds almost like a truism to say that once the processing relies on at least one of six grounds for data processing exhaus-tively enumerated in Article 6(1) GDPR – titled ‘Lawfulness of Processing’ – such processing shall be regarded lawful. According to Article 8(1) of the Law Enforcement Directive (‘LED’), 3 in turn, ‘Member States shall provide for processing to be lawful only if and to the extent that processing is necessary for the performance of a task carried out by a competent au-thority for the [law enforcement] purposes (…) and that it is based on Union or Member State law.’ 4.

Original languageEnglish
Pages (from-to)112-122
Number of pages11
JournalEuropean Data Protection Law Review
Volume9
Issue number2
DOIs
Publication statusPublished - 16 Aug 2023

Keywords

  • GDPR
  • data protection
  • legitimacy
  • lawfulness
  • Charter of Fundamental Rights
  • secondary law

Fingerprint

Dive into the research topics of 'Between legitimacy and lawfulness: In search of rationality and consistency in EU data protection'. Together they form a unique fingerprint.

Cite this