The Best of Both Worlds? Free Trade in Services and EU Law on Privacy and Data Protection
The article focuses on the interplay between European Union (EU) law on privacy and data protection and international trade law, in particular the General Agreement on Trade in Services (GATS) and the WTO dispute settlement system. The argument distinguishes between the effects of international trade law in the EU legal order on the one hand, and, on the other hand, how EU data protection law would fare in a hypothetical challenge under the GATS. The contribution will apply international trade law and the general exception in GATS Article XIV to typical requirements stemming from EU data protection law, especially on transfers of personal data to third countries. The article enumerates the specific legal risks for defending EU law on privacy and data protection and explains the practical implications of its hypothetical challenge under the GATS. These insights could be useful for the EU’s negotiators of the future bi- or multilateral free trade agreements, notably the Transatlantic Trade and Investment Partnership and the Trade in Services Agreement.
Your Digital Home is No Longer Your Castle: How Cloud Computing Transforms the (Legal) Relationship between Individuals and Their Personal Records
In line with the overall trend individuals’ personal affairs, too, are composed of digital records to an increasing amount. At about the same time, the era of local storage in end-user equipment is about to give way to remote computing where data resides on third party equipment (cloud computing). Once information, and even the most personal one, is no longer stored on personal equipment the relationship between individual users and their digital assets belonging to them is becoming increasingly abstract. This contribution focuses on the implications of cloud computing for individuals’ unpublicized digital records. The question to be answered is whether—taken together—the progressing virtualization and the disruption of physical control produce a backslide for individual positions of rights. The article introduces the legal treatment of users’ digital personal records and how a technical transformation in combination with disparate legal protection and prevailing commercial practices are bound to impact the distribution of rights and obligations.
The Court of Justice and the Data Retention Directive in Digital Rights Ireland – Telling Off the EU Legislator and Teaching a Lesson in Privacy and Data Protection
In Digital Rights Ireland, the Court of Justice invalidated the 2006 Data Retention Directive, which required private providers to retain for a considerable period electronic communication metadata for law enforcement purposes.In this landmark ruling, the EU judiciary introduced a strict scrutiny test for EU legislative acts that interfere seriously with important rights protected by the Charter of Fundamental Rights and the European Convention on Human Rights—in this case, the rights to privacy and data protection—and applied a rigorous assessment of the proportionality of the measure under the Charter, criticising numerous aspects of the Directive.This article presents and analyses the judgment, discussing its implications for constitutional review and constitutionalism in the European Union, and the substantive and procedural constraints that it imposes on EU and national data retention schemes.It concludes by reflecting on the ruling’s impact on European integration and data related policies.
International Assistance and Media Democratization in the Western Balkans: A Cross-National Comparison
nternational media assistance programs accompanied the democratic media transition in Albania, Bosnia and Herzegovina, Kosovo, Macedonia and Serbia with varying intensity. These countries untertook a range of media reforms to conform with accession requirements of the European Union (EU) and the standards of the Council of Europe, among others. This article explores the nexus between the democratic transformation of the media and international media assistance (IMA) as constrained by the local political conditions in the five countries of the Western Balkans. It aims to enhance the understanding of conditions and factors that influence media institution building in the region and evaluates the role of international assistance programs and conditionality mechanisms herein. The cross-national analysis concludes that the effects of IMA are highly constrained by the local context. A decade of IMA of varying intensity is not sufficient to construct media institutions when, in order to function properly, they have to outperform their local context. From today’s vantage point it becomes obvious, that in the short-term scaling-up IMA does not necessarily improve outcomes. The experiences in the region suggest that imported solutions have not been sufficiently cognitive of all aspects of local conditions and international strategies have tended to be rather schematic and have lacked strategic approaches to promote media policy stability, credible media reform and implementation. To a certain extent, the loss of IMA effectiveness is also self-inflicted.
Online Personal Data Processing and the EU Data Protection Reform
The report sheds light on the fundamental questions and underlying tensions between current policy objectives, compliance strategies and global trends in online personal data processing, assessing the existing and future framework in terms of effective regulation and public policy. Based on the discussions among the members of the CEPS Digital Forum and independent research carried out by the rapporteurs, policy conclusions are derived with the aim of making EU data protection policy more fit for purpose in today’s online technological context. This report constructively engages with the EU data protection framework, but does not provide a textual analysis of the EU data protection reform proposal as such.
Government Cloud Computing and National Data Sovereignty
Government cloud services are a new development at the intersection of electronic government and cloud computing which holds the promise of rendering government service delivery more effective and efficient. Cloud services are virtual, dynamic, and potentially stateless which has triggered governments' concern for data sovereignty. This article explores data sovereignty in relation to government cloud services and how national strategies and international policy evolve. It concludes that data sovereignty presents national governments with a legal risk that cannot be adequately addressed with technology or through contractual arrangements alone. Governments therefore adopt strategies that aim to retain sovereignty over government information.