Download this Paper Open PDF in Browser

Data Protection Reform and the Internet: The Draft Data Protection Regulation

Forthcoming in Savin, A., Trzaskowski, J., (eds) Research Handbook on EU Internet Law (Edward Elgar 2014)

Tilburg Law School Research Paper No. 03/2014

20 Pages Posted: 2 Jan 2014  

Colette Cuijpers

Tilburg University; Tilburg Institute for Law, Technology, and Society (TILT) ; Tilburg Law School

Nadezhda Purtova

Tilburg University - Tilburg Institute for Law, Technology, and Society (TILT)

Eleni Kosta

Tilburg University - Tilburg Institute for Law, Technology, and Society (TILT); Tilburg Law School

Abstract

This contribution critically examines the proposal for a new General Data Protection Regulation -- both the original Commission Proposal and the amendments adopted by the Parliament. It focuses on the proposed changes to some key traditional data protection concepts: the territorial scope, consent, purpose limitation principle, and on some novelties introduced by the draft Regulation: the principle of accountability, data portability and the principles of data protection by design and by default.

The efforts to reform EU data protection have shown that the very concept of data protection as a right and as a regulatory regime is in crisis. The Commission Proposal seems to accept the bankruptcy of the idea to build data protection law around individual control over what is going on with his/her personal data, while tightening the tools for monitoring and ensuring compliance.

The Parliament text turned the idea of the data protection reform around by introducing -- albeit in not too explicit way -- the individual autonomy back into the data protection discussion. It remains to be seen what the consequences of inclusion of the references to the individual autonomous choices would have for interpretation of the Regulation, if those references will make it to the final text. Even more importantly, the Parliament text seems to have made an attempt to divorce itself from the traditional ‘consent versus fair use’ dichotomy that has been used to describe dominant and conflicting approaches to data protection. The Parliament text seems to craft an alternative way for data protection by introducing a risk-based approach to data protection and by differentiating between ‘regular’ personal data and pseudonymous data that receive different degrees of protection.

Keywords: data protection reform, data portability, right to be forgotten, accountability

Suggested Citation

Cuijpers, Colette and Purtova, Nadezhda and Kosta, Eleni, Data Protection Reform and the Internet: The Draft Data Protection Regulation. Forthcoming in Savin, A., Trzaskowski, J., (eds) Research Handbook on EU Internet Law (Edward Elgar 2014); Tilburg Law School Research Paper No. 03/2014. Available at SSRN: https://ssrn.com/abstract=2373683

Colette Cuijpers

Tilburg University ( email )

P.O. Box 90153
Tilburg, DC 5000 LE
Netherlands

Tilburg Institute for Law, Technology, and Society (TILT)

P.O.Box 90153
Prof. Cobbenhagenlaan 221
Tilburg, 5037
Netherlands

Tilburg Law School ( email )

Tilburg, 5000 LE
Netherlands

Nadezhda Purtova (Contact Author)

Tilburg University - Tilburg Institute for Law, Technology, and Society (TILT) ( email )

P.O.Box 90153
Prof. Cobbenhagenlaan 221
Tilburg, 5037
Netherlands

Eleni Kosta

Tilburg Law School

Tilburg, 5000 LE
Netherlands

Tilburg University - Tilburg Institute for Law, Technology, and Society (TILT) ( email )

P.O.Box 90153
Prof. Cobbenhagenlaan 221
Tilburg, 5037
Netherlands

Paper statistics

Downloads
913
Rank
20,417
Abstract Views
2,918