The charm of jurisdictions: a modern version of Solomon’s judgment?
From a perspective of international law, the General Data Protection Regulation (GDPR) pioneers particularly in terms of its (extraterritorial) application. Whereas in international law, which is based on the Westphalian notion of exclusive state sovereignty, this sovereignty is usually restricted to the state’s own territory and allows for an extraterritorial application of human rights only in exceptional circumstances, the GDPR prominently standardises the domestic-market principle in Article 3(2) GDPR. The …
The GDPR and algorithmic decision-making
Safeguarding individual rights, but forgetting society
In algorithmic decision-making systems (ADM systems) machines evaluate and assess human beings and, on this basis, make a decision or provide a forecast or a recommendation for action. Thus, it is not only the data processing as such, but above all the automated decision resulting from the data processing that contains risks for the user. The current international legal framework encompasses such risks by guaranteeing privacy, data protection, personality rights …
The internet on its way back to a future of human dignity?
One year EU General Data Protection Regulation
The General Data Protection Regulation (GDPR) has come a long way since it was first tabled as proposal by the European Commission on 25 January 2012. Probably, it will be remembered as the biggest achievement of the outgoing Juncker Commission. Despite the fact that Europe plays a second-tier role when it comes to the development and production of data-driven technology and services, research shows that of 132 countries which have …
Designed to serve mankind?
The politics of the General Data Protection Regulation
The collection and processing of our personal data is changing sense-making of the world and ourselves, as are projects of governance surrounding it. In the year since it has become effective, the General Data Protection Regulation (GDPR) has come to represent a global standard for privacy and data protection. Yet, the idea that the GDPR represents a global standard assumes a uniform cultural and political context globally and overlooks broader questions …
Promise and Peril: The GDPR as a global standard-setter for data protection
The Völkerrechtsblog is happy to announce a forthcoming online symposium on the impact of the EU General Data Protection Regulation (GDPR) on international law. The GDPR is not the only international legal instrument on data protection but it certainly is one of the most influential ones: Since it has become binding in May 2018 it has influenced several data protection reform processes around the world, inside as well as outside …
Why International Investment Law is not violated by the GDPR
In her recent blog article, Vishaka Ramesh claims that International Investment Law is violated by Data Protection Principles around the world, supporting her thesis in particular with rules set out by the General Data Protection Regulation of the European Union (GDPR). In her opinion, principles like Data Minimization and Localization are likely to infringe generally accepted principles of investment law, such as the fair and equitable standard of treatment of …
Data Protection Principles Around the World
Do They Violate International Investment Law?
There has been a recent surge in the proliferation of data protection regulations globally, the most recent example of which is the General Data Protection Regulation. Since data protection laws across the world have become increasingly extra-territorial in their reach, there is a higher propensity for foreign entities to be affected by them.
One law to rule them all
On the extraterritorial applicability of the new EU General Data Protection Regulation
In May 2016, the EU adopted its long-awaited new General Data Protection Regulation (GDPR) and thereby opened a new chapter in the history of European and global data protection law. Meeting the challenges of the 21st century globally linked information-society, it took the EU-institutions more than four years and almost 4,000 amendments to finally agree on a compromise text. While elaborating the GDPR, the EU tried to solve one of the …
Schrems – Towards a High Standard of Data Protection for European Citizens
It has been almost six weeks since the ECJ handed down its groundbreaking Schrems judgment. This post reflects upon the institutional practices and scholarly discussion following the judgment. The Court held the transfer of data to the US based on the Commission’s safe harbor decision illegal as it violates the essence of the right to privacy. It refrained from setting a grace period. As the judgment concerns many large companies, one …