Interoperability of EU Databases and Access to Personal Data by National Police Authorities under Article 20 of the Commission Proposals

in European Data Protection Law Review (2018), 4/2018(4), 470-482

This contribution assesses data protection concerns relating to the processing of personal data carried out pursuant to Article 20 of the interoperability proposals, which were published by the European ... [more ▼]

This contribution assesses data protection concerns relating to the processing of personal data carried out pursuant to Article 20 of the interoperability proposals, which were published by the European Commission on 12 December 2017. The proposals seek to enable all centralised EU databases for security, border and migration management to be interconnected by 2023. Under Article 20 of the proposals, Member States would be permitted to implement national provisions that allow national police authorities to query one of the interoperability components with biometric taken during an identity check. Such queries shall prevent irregular migration and ensure a high level of security within Union. In particular, this article seeks to examine the data protection concerns arising with regard to streamlined law enforcement access to non-law enforcement databases included in the interoperable framework, and addresses risks for individuals to become subject to unfair processing under Article 20 of the interoperability proposal. [less ▲]

Report: The European Commission's e-Evidence Proposal

in European Data Protection Law Review (2018), 4(3), 347-352

In April 2018, the European Commission presented a legislative package intended to enable, foster and formalise cross-border access by national judicial authorities to electronic evidence controlled by ... [more ▼]

In April 2018, the European Commission presented a legislative package intended to enable, foster and formalise cross-border access by national judicial authorities to electronic evidence controlled by private service providers.1 In particular the public-private character of the ‘cooperation’ envisaged in the proposed set-up raises several questions at the interface of criminal procedure and data protection law. This report provides a brief overview of the proposed EUlegislation and an introduction to themost salient attendant legal and policy-related issues. [less ▲]

European Union ∙ Article 29 Data Protection Working Party Opinion on the Law Enforcement Directive

in European Data Protection Law Review (2018), 4(1), 104-109

The article 29 Working Party's Guidelines for Identifying the Lead Supervisory Authority in Cross-Border Data Processing

in European Data Protection Law Review (2017), 3(1), 90-92

Roles and Powers of National Data Protection Authorities Moving from Directive 95/46/EC to the GDPR: Stronger and More ‘European’ DPAs as Guardians of Consistency?

in European Data Protection Law Review (2016), 2(3), 342-352

Safeguarding the rights of the citizens to the protection of their personal data in an era of nearly ubiquitous computing has become increasingly challenging. National data protection authorities (DPAs ... [more ▼]

Safeguarding the rights of the citizens to the protection of their personal data in an era of nearly ubiquitous computing has become increasingly challenging. National data protection authorities (DPAs), central actors in the data protection landscape, face a difficult task when fulfilling their missions and acting as guardians of these rights under the provisions of the outdated Directive 95/46/EC. Critical decisions of the Court of Justice of the European Union illustrate the challenge of 'stretching' the provisions regarding the powers and competences of DPAs under the Directive to make them applicable to current data processing realities. The article points out the existing problems under the current framework with regard to powers and competence of DPAs and examines if and to what extent they are mended by the General Data Protection Regulation (GDPR). It analyses substantive and procedural aspects of the new cooperation model under the one-stop-shop and consistency mechanisms and discusses whether and how these new tools successfully contribute to solve existing problems. [less ▲]

The "Minimal" Approach: the CJEU on the Concept of "Establishment" Triggering Jurisdiction for DPAs and Limitations of Their Sanctioning Powers

in European Data Protection Law Review (2015)