Abstract
The principle of ‘lawfulness’ of data processing with this explicit label assigned to it in Article 5(1)(a) of the General Data Protection Regulation (‘GDPR’) 1 seems to be one of the least disputed principles in the EU data protection framework. 2 It sounds almost like a truism to say that once the processing relies on at least one of six grounds for data processing exhaus-tively enumerated in Article 6(1) GDPR – titled ‘Lawfulness of Processing’ – such processing shall be regarded lawful. According to Article 8(1) of the Law Enforcement Directive (‘LED’), 3 in turn, ‘Member States shall provide for processing to be lawful only if and to the extent that processing is necessary for the performance of a task carried out by a competent au-thority for the [law enforcement] purposes (…) and that it is based on Union or Member State law.’ 4.
Original language | English |
---|---|
Pages (from-to) | 112-122 |
Number of pages | 11 |
Journal | European Data Protection Law Review |
Volume | 9 |
Issue number | 2 |
DOIs | |
Publication status | Published - 16 Aug 2023 |
Keywords
- GDPR
- data protection
- legitimacy
- lawfulness
- Charter of Fundamental Rights
- secondary law