Expanding the European data protection scope beyond territory: Article 3 of the General Data Protection Regulation in its wider context

Paul de Hert, Michal Czerniawski

Research output: Contribution to journalArticleScientificpeer-review

Abstract

Jurisdiction based solely on the territoriality principle is becoming less evident in the digital age This article engages in a discussion with authors such as Kuner and Svantesson, that have expressed a critical view on expansive jurisdiction of the EU data protection regime in issue 4, November 2015, of this Journal. Our contribution focuses on the choices with regard to scope and jurisdiction made by the EU co-legislators in Article 3 of the new EU General Data Protection Regulation (hereinafter, ‘General Regulation’ or ‘GDPR’),6 which will apply from 25 May 2018, and compares this to the current regime under Article 4 of the Data Protection Directive. It also assesses whether the modernized Council of Europe Convention for the protection of individuals with regard to automatic processing of personal data (No 108) is heading in a similar direction and highlights the Court of Justice of the European Union (CJEU) position on the territorial scope of the EU data protection law.
Original languageEnglish
Pages (from-to)230–243
Number of pages14
JournalInternational Data Privacy Law
Volume6
Issue number3
DOIs
Publication statusPublished - 2016

Fingerprint

data protection
EU
regulation
jurisdiction
Council of Europe
personal data
court of justice
regime
Law

Keywords

  • jurisdiction
  • Data Protection

Cite this

@article{4178d2d017514ea5af39d057e67a777d,
title = "Expanding the European data protection scope beyond territory: Article 3 of the General Data Protection Regulation in its wider context",
abstract = "Jurisdiction based solely on the territoriality principle is becoming less evident in the digital age This article engages in a discussion with authors such as Kuner and Svantesson, that have expressed a critical view on expansive jurisdiction of the EU data protection regime in issue 4, November 2015, of this Journal. Our contribution focuses on the choices with regard to scope and jurisdiction made by the EU co-legislators in Article 3 of the new EU General Data Protection Regulation (hereinafter, ‘General Regulation’ or ‘GDPR’),6 which will apply from 25 May 2018, and compares this to the current regime under Article 4 of the Data Protection Directive. It also assesses whether the modernized Council of Europe Convention for the protection of individuals with regard to automatic processing of personal data (No 108) is heading in a similar direction and highlights the Court of Justice of the European Union (CJEU) position on the territorial scope of the EU data protection law.",
keywords = "jurisdiction, Data Protection",
author = "{de Hert}, Paul and Michal Czerniawski",
year = "2016",
doi = "10.1093/idpl/ipw008",
language = "English",
volume = "6",
pages = "230–243",
journal = "International Data Privacy Law",
issn = "2044-3994",
publisher = "OXFORD UNIV PRESS INC",
number = "3",

}

Expanding the European data protection scope beyond territory: Article 3 of the General Data Protection Regulation in its wider context. / de Hert, Paul; Czerniawski, Michal.

In: International Data Privacy Law, Vol. 6, No. 3, 2016, p. 230–243.

Research output: Contribution to journalArticleScientificpeer-review

TY - JOUR

T1 - Expanding the European data protection scope beyond territory: Article 3 of the General Data Protection Regulation in its wider context

AU - de Hert, Paul

AU - Czerniawski, Michal

PY - 2016

Y1 - 2016

N2 - Jurisdiction based solely on the territoriality principle is becoming less evident in the digital age This article engages in a discussion with authors such as Kuner and Svantesson, that have expressed a critical view on expansive jurisdiction of the EU data protection regime in issue 4, November 2015, of this Journal. Our contribution focuses on the choices with regard to scope and jurisdiction made by the EU co-legislators in Article 3 of the new EU General Data Protection Regulation (hereinafter, ‘General Regulation’ or ‘GDPR’),6 which will apply from 25 May 2018, and compares this to the current regime under Article 4 of the Data Protection Directive. It also assesses whether the modernized Council of Europe Convention for the protection of individuals with regard to automatic processing of personal data (No 108) is heading in a similar direction and highlights the Court of Justice of the European Union (CJEU) position on the territorial scope of the EU data protection law.

AB - Jurisdiction based solely on the territoriality principle is becoming less evident in the digital age This article engages in a discussion with authors such as Kuner and Svantesson, that have expressed a critical view on expansive jurisdiction of the EU data protection regime in issue 4, November 2015, of this Journal. Our contribution focuses on the choices with regard to scope and jurisdiction made by the EU co-legislators in Article 3 of the new EU General Data Protection Regulation (hereinafter, ‘General Regulation’ or ‘GDPR’),6 which will apply from 25 May 2018, and compares this to the current regime under Article 4 of the Data Protection Directive. It also assesses whether the modernized Council of Europe Convention for the protection of individuals with regard to automatic processing of personal data (No 108) is heading in a similar direction and highlights the Court of Justice of the European Union (CJEU) position on the territorial scope of the EU data protection law.

KW - jurisdiction

KW - Data Protection

U2 - 10.1093/idpl/ipw008

DO - 10.1093/idpl/ipw008

M3 - Article

VL - 6

SP - 230

EP - 243

JO - International Data Privacy Law

JF - International Data Privacy Law

SN - 2044-3994

IS - 3

ER -