A Comparison of Data Protection Legislation and Policies Across the EU

Custers, Bart; Dechesne, Francien; Sears, Alan M.; Tani, Tommaso; van der Hof, Simone

doi:10.2139/ssrn.3091040

Download This Paper

Open PDF in Browser

Add Paper to My Library

A Comparison of Data Protection Legislation and Policies Across the EU

Custers, B., Dechesne, F., Sears, A., Tani, T., Van der Hof, S. (2017) A comparison of data protection legislation and policies across the EU, Computer Law & Security Review, DOI: 10.1016/j.clsr.2017.09.001

10 Pages Posted: 26 Dec 2017 Last revised: 30 Jan 2019

See all articles by Bart Custers

Bart Custers

Leiden University - Center for Law and Digital Technologies

Francien Dechesne

Leiden University - Centre for Law and Digital Technologies

Alan M. Sears

Center for Law and Digital Technologies (eLaw), Leiden Law School, Leiden University

Tommaso Tani

Leiden University - Centre for Law and Digital Technologies

Simone van der Hof

Leiden University - Leiden Law School

Date Written: December 20, 2017

Abstract

Although the protection of personal data is harmonized within the EU by Directive 95/46/EC and will be further harmonized by the General Data Protection Regulation (GDPR) in 2018, there are significant differences in the ways in which EU member states implemented the protection of privacy and personal data in national laws, policies, and practices. This paper presents the main findings of a research project that compares the protection of privacy and personal data in eight EU member states: France, Germany, the UK, Ireland, Romania, Italy, Sweden, and the Netherlands. The comparison focuses on five major themes: awareness and trust, government policies for personal data protection, the applicable laws and regulations, implementation of those laws and regulations, and supervision and enforcement. The comparison of privacy and data protection regimes across the EU shows some remarkable findings, revealing which countries are front runners and which countries are lagging behind on specific aspects. For instance, the roles of and interplay between governments, civil rights organizations, and data protections authorities vary from country to country. Furthermore, with regard to privacy and data protection there are differences in the intensity and scope of political debates, information campaigns, media attention, and public debate. New concepts like privacy impact assessments, privacy by design, data breach notifications and big data are on the agenda in some but not all countries. Significant differences exist in (the levels of) enforcement by the different data protection authorities, due to different legal competencies, available budgets and personnel, policies, and cultural factors.

Keywords: privacy, data protection, comparative law, personal data, data protection authorities

Suggested Citation: Suggested Citation

Custers, Bart and Dechesne, Francien and Sears, Alan M. and Tani, Tommaso and van der Hof, Simone, A Comparison of Data Protection Legislation and Policies Across the EU (December 20, 2017). Custers, B., Dechesne, F., Sears, A., Tani, T., Van der Hof, S. (2017) A comparison of data protection legislation and policies across the EU, Computer Law & Security Review, DOI: 10.1016/j.clsr.2017.09.001, Available at SSRN: https://ssrn.com/abstract=3091040 or http://dx.doi.org/10.2139/ssrn.3091040