Even though European data protection attempts to craft a harmonized approach to some of the pressing and unwieldy issues in contemporary digital reality, there is much more than is commonly recognised to learn from the different experiences of European countries not only currently but across the whole sweep of this framework’s history. The transformations wrought by computers and electronic networks began to gather pace from the late 1960s and the first data protection law was passed in Sweden as far back as 1973. Since that time, national data protection frameworks have also continued to multiply and under the Data Protection Directive (DPD) 95/46 they finally became universal across the EU (and indeed the wider European Economic Area (EEA)).
Although the General Data Protection Regulation (GDPR) 2016/679 is in principal now directly applicable across the EU, these national laws remain of great importance. Many issues require national specification and implementation including the constitution of Data Protection Authorities, many aspects of the sensitive data regime, the framework for law enforcement and national security (albeit, as regards the former, as an implementation within the EU of the Law Enforcement Directive 2016/680) and derogations to balance data protection with a whole host of other rights and interests including, most notably, freedom of expression and information.
The CIPIL website already has a fair amount of transnational material on the history of not only European intellectual property but also information law including, for example, the complete traveau préparatoires of the DPD. The new listing compiled by CIPIL's Dr David Erdos provides comprehensive details of the pre-DPD (“first generation”), DPD-era (“second generation”) and GDPR-era (“third generation”) laws which have been enacted in EEA States and also in Switzerland and the UK, both of which have had and retain very close links with EU data protection.
The listing gives preference to English (or, if not, French) texts wherever these are available. In that regard Dr Erdos was able to draw in particular on translations produced by European Data Protection Authorities (DPAs), other government authorities and by the Council of Europe.
The current listing will be periodically updated as new translations, especially of national data protection laws enacted under the GDPR, are produced. Beyond this, it is also intended to add considerably more detail on the development of these laws especially with regards to the interface with freedom of expression.
An article highlighting these resources has been posted on the International Forum for Responsible Media Blog.
David Erdos is Deputy Director of Centre for Intellectual Property and Information Law (CIPIL) and also WYNG Fellow in Law at Trinity Hall, University of Cambridge
Twitter
Email