The new general data protection regulation: Still a sound system for the protection of individuals

Paul de Hert, Vagelis Papakonstantinou

Research output: Contribution to journalArticleScientificpeer-review

203 Downloads (Pure)

Abstract

The five-year wait is finally over; a few days before expiration of 2015 the “trilogue” that had started a few months earlier between the Commission, the Council and the Parlia- ment suddenly bore fruit and the EU data protection reform package has finally been concluded. As planned since the beginning of this effort a Regulation, the General Data Pro- tection Regulation is going to replace the 1995 Directive and a Directive, the Police and Criminal Justice Data Protection Directive, the 2008 Data Protection Framework Decision. In this way a long process that started as early as in 2009, peaked in early 2012, and required another three years to pass through the Parliament’s and the Council’s scrutiny is finished. Whether this reform package and its end-result is cause to celebrate or to lament depends on the perspective, the interests and the expectations of the beholder. Four years ago we pub- lished an article in this journal under the title “The proposed data protection Regulation replacing Directive 95/46/EC: A sound system for the protection of individuals”. This paper essentially constitutes a continuation of that article: now that the General Data Protection Regulation’s final provisions are at hand it is possible to present differences with the first draft prepared by the Commission, to discuss the issues raised through its law-making passage over the past few years, and to attempt to assess the effectiveness of its final provisions in relation to their declared purposes.
Original languageEnglish
Pages (from-to)179–194
Number of pages16
JournalComputer Law and Security Review
Volume32
Publication statusPublished - 2016

    Fingerprint

Keywords

  • Data Protection

Cite this