Abstract
The European Union is well-known for its high levels of data protection and concern about the effects of data sharing on individuals’ privacy. The 1995 Data Protection Directive (95/46/EC) established clear norms that have guided the development of data protection laws at the national level. However, these principles have often been tested by advances in the field of law enforcement, where personal data has increasingly been processed for the purpose of fighting crime. This tension has become more problematic with the advent of the Treaty of Lisbon, which has ‘constitutionalised’ data protection as a fundamental right in Article 16 of the Treaty on the Functioning of the European Union (TFEU) and Article 8 of the Charter of Fundamental Rights. This chapter explores to what extent the tension between data protection and data processing has been solved in the process of recasting the former provisions for the protection of personal data. The ‘package approach’ to the reform process has managed to improve the coherence of data protection in the private and the public sectors, but the tensions between privacy and security remain—especially in the law enforcement domain.
Access this chapter
Tax calculation will be finalised at checkout
Purchases are for personal use only
Similar content being viewed by others
Notes
- 1.
A Framework Decision is the term given to the old legal instruments of the third pillar. They are similar to a Directive but have different legal effects (especially when it comes to scrutiny by the Court of Justice) and were decided under unanimity of member states, after a (non-binding) opinion of the European Parliament.
- 2.
The LIBE Committee voted in favour of a negotiating mandate for the directive with 47 votes in favour, 4 against and 1 abstention (European Parliament 2014a: 8).
- 3.
Trialogues (or trilogues) are informal negotiations held between a team of negotiators from the Council and the European Parliament (and the participation of the Commission) with the aim of reaching an agreement that can receive the support of member states and the EP’s plenary (for further information, see Roederer-Rynning and Greenwood 2015).
- 4.
Rapporteurs are the MEPs responsible for writing the EP report, which contains the amendments proposed to the Commission’s proposal. They also head the EP’s negotiating team when it comes to finding an agreement with the Council. Shadow rapporteurs are MEPs from other political groups that follow and participate in negotiations.
- 5.
Eventually included in a modified version in Articles 63–67.
References
Argomaniz, J. (2009). When the EU is the ‘Norm-taker’: The passenger name records agreement and the EU’s internalization of US border security norms. Journal of European Integration, 31 (1), 119–136.
Bowman, J. (2015, February 6). Paris attacks bring ‘Police’ directive negotiations back into spotlight. The privacy advisor. Retrieved November 18, 2015, from https://iapp.org/news/a/paris-attacks-bring-police-directive-negotiations-back-into-spotlight/
Council of the European Union. (2015). Council document of 11 June 2015, note from the presi dency, 9565/15.
De Hert, P., & Papakonstantinou, V. (2009). The data protection framework decision of 27 November 2008 regarding police and judicial cooperation in criminal matters – A modest achievement however not the improvement some have hoped for. Computer Law & Security Review, 25(5), 403–414.
De Hert, P., Papakonstantinou, V., & Riehle, C. (2008). Data protection in the third pillar: Cautious pessimism. In M. Maik (Ed.), Crime, rights and the EU: The future of police and judicial cooperation (pp. 121–194). London: Justice.
Der Tagesspiegel. (2014, October 8). Deutschland erwägt, Google Löschkriterien vorzugeben. Retrieved November 17, 2015, from http://www.tagesspiegel.de/themen/agenda/europaeische-datenschutzverordnung-deutschland-erwaegt-google-loeschkriterien-vorzugeben/10809162.html
EDRI. (2009, February 11). Data protection framework decision adopted. EDRI-gram, 7(3). http://www.edri.org/edri-gram/number7.3/data-protection-framework-decision
Euobserver. (2013, December 6). EU data protection bill ‘Moves Backwards’. Retrieved April 6, 2014, from http://euobserver.com/justice/122384
Euobserver. (2014, January 24). EU data bill delayed until after may elections. Retrieved April 6, 2014, from http://euobserver.com/justice/122853
Euobserver. (2015, March 11). German-led moves to weaken EU data bill a ‘Scandal’. Retrieved November 17, 2015, from https://euobserver.com/justice/127961
Euractiv. (2013, December 9). Data protection reform in Peril as Germany stymies deal. Retrieved April 6, 2014, from http://www.euractiv.com/infosociety/data-protection-reform-peril-ger-news-532189
Euractiv. (2015a, January 8). EU lawmaker warns of data protection rules delay till 2016. Retrieved November 12, 2015, from http://www.euractiv.com/sections/infosociety/eu-lawmaker-warns-data-protection-rules-delay-till-2016-311100
Euractiv. (2015b, June 25). We need to make big data into an opportunity for Europe. Retrieved November 18, 2015, from http://www.euractiv.com/sections/infosociety/we-need-make-big-data-opportunity-europe-315750
Euractiv. (2016, April 14). Parliament approves privacy rules after record number of amendments. Retrieved May 24, 2016, from http://www.euractiv.com/section/digital/news/parliament-approves-privacy-rules-after-record-number-of-amendments/
European Commission. (2012a, January 25). Proposal for a directive of the European parliament and of the council on the protection of individuals with regard to the processing of personal data by competent authorities for the purposes of prevention, investigation, detection or prosecution of criminal offences or the execution of criminal penalties, and the free movement of such data, COM/2012/010 final.
European Commission. (2012b, December 25). Proposal for a regulation of the European parliament and of the council on the protection of individuals with regard to the processing of personal data and on the free movement of such data (General Data Protection Regulation), COM/2012/011 final.
European Commission. (2015, January 28). Press release. Data protection day 2015: Concluding the EU data protection reform essential for the digital single market. Retrieved November 18, 2015, from http://europa.eu/rapid/press-release_MEMO-15-3802_en.htm
European Court of Justice. (2014a, April 8). Judgment in joined Cases C-293/12 and C-594/12 digital rights Ireland and seitlinger and others.
European Court of Justice. (2014b, April 8). The court of justice declares the data retention directive to be invalid, Press Release No 54/14.
European Court of Justice. (2015, October 6). Maximillian Schrems v data protection commissioner, Case C-362/14.
European Data Protection Supervisor. (2015). A further step towards comprehensive EU data protection: EDPS recommendations on the directive for data protection in the police and justice sectors (No. Opinion 6/2015). Retrieved November 18, 2015, from https://secure.edps.europa.eu/EDPSWEB/webdav/site/mySite/shared/Documents/Consultation/Opinions/2015/15-10-28_Directive_Recommendations_EN.pdf
European Parliament. (2013a, November 22). Report of 22 November 2013 on the proposal for a regulation of the European parliament and of the council on the protection of individuals with regard to the processing of personal data and on the free movement of such data (General Data Protection Regulation), A7-0402/2013.
European Parliament. (2013b, November 22). Report of 22 November 2013 on the proposal for a directive of the European parliament and of the council on the protection of individuals with regard to the processing of personal data by competent authorities for the purposes of prevention, investigation, detection or prosecution of criminal offences or the execution of criminal penalties, and the free movement of such data, A7-0403/2013.
European Parliament. (2014a, March 4). Q&A on EU data protection reform. European Parliament. Retrieved April 6, 2014, from http://www.europarl.europa.eu/news/en/news-room/content/20130502BKG07917/pdf
European Parliament. (2014b, March 11). Data protection package and NSA surveillance: ‘Europe needs a digital Bill of Rights’. Retrieved April 6, 2014, from http://www.europarl.europa.eu/news/en/news-room/content/20140311IPR38601/pdf
European Parliament. (2014c, March 11). Debates - Tuesday, 11 March 2014 - Protection of individuals with regard to the processing of personal data - Processing of personal data for the purposes of crime prevention, CRE 11/03/2014-13. Retrieved April 6, 2014, from http://www.europarl.europa.eu/sides/getDoc.do?type=CRE&reference=20140311&secondRef=ITEM-013&language=EN&ring=A7-2013-0403
European People’s Party. (2015, November 16). Data protection directive trialogue should be suspended. Retrieved November 18, 2015, from http://www.eppgroup.eu/press-release/Data-Protection-Directive-trialogue-should-be-suspended
European Voice. (2015, March 13). Ministers sign up for controversial one-stop-shop for data protection. Retrieved November 17, 2015, from http://www.politico.eu/article/ministers-sign-up-for-one-stop-shop-for-data-protection/
Fontanella-Khan, J. (2013, December 6). EU data protection rules hit by surprise legal objection. Financial Times. Retrieved April 6, 2014, from http://www.ft.com/cms/s/0/6930c9a6-5e8a-11e3-8621-00144feabdc0.html
Global Data Hub. (2015, October). The ‘one stop shop’. Retrieved November 17, 2015, from http://united-kingdom.taylorwessing.com/globaldatahub/article-one-stop-shop.html
Long, W. J., & Quek, M. P. (2002). Personal data privacy protection in an age of globalization: The US-EU safe harbor compromise. Journal of European Public Policy, 9(3), 325–344.
Newman, A. L. (2008). Building transnational civil liberties: Transgovernmental entrepreneurs and the European data privacy directive. International Organization, 62(1), 103–130.
Pearce, G., & Platten, N. (1998). Achieving personal data protection in the European Union. Journal of Common Market Studies, 36(4), 529–547.
Ripoll Servent, A. (2013). Holding the European Parliament responsible: Policy shift in the data retention directive from consultation to codecision. Journal of European Public Policy, 20(7), 972–987.
Ripoll Servent, A. (2015). Institutional and policy change in the European Parliament: Deciding on freedom, security and justice. Houndmills: Palgrave MacMillan.
Ripoll Servent, A., & MacKenzie, A. (2011). Is the EP still a data protection champion? The case of SWIFT. Perspectives on European Politics and Society, 12(4), 390–406.
Roederer-Rynning, C., & Greenwood, J. (2015). The culture of trilogues. Journal of European Public Policy, 22(8), 1148–1165.
The Parliament Magazine. (2015, July 3). EU Parliament’s largest political groups split over fundamental rights. Retrieved May 25, 2016, from https://www.theparliamentmagazine.eu/articles/news/eu-parliaments-largest-political-groups-split-over-fundamental-rights
Author information
Authors and Affiliations
Corresponding author
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2017 Springer International Publishing AG
About this chapter
Cite this chapter
Ripoll Servent, A. (2017). Protecting or Processing?. In: Schünemann, W., Baumann, MO. (eds) Privacy, Data Protection and Cybersecurity in Europe. Springer, Cham. https://doi.org/10.1007/978-3-319-53634-7_8
Download citation
DOI: https://doi.org/10.1007/978-3-319-53634-7_8
Published:
Publisher Name: Springer, Cham
Print ISBN: 978-3-319-53633-0
Online ISBN: 978-3-319-53634-7
eBook Packages: Political Science and International StudiesPolitical Science and International Studies (R0)