This new book provides an article-by-article commentary on the new EU General Data Protection Regulation.
Adopted in April 2016 and applicable from May 2018, the GDPR is the centrepiece of the recent reform of the EU regulatory framework for protection of personal data. It replaces the 1995 EU Data Protection Directive and has become the most significant piece of data protection legislation anywhere in the world.
This book is edited by three leading authorities and written by a team of expert specialists in the field from around the EU and representing different sectors (including academia, the EU institutions, data protection authorities, and the private sector), thus providing a pan-European analysis of the GDPR. It examines each article of the GDPR in sequential order and explains how its provisions work, thus allowing the reader to easily and quickly elucidate the meaning of individual articles. An introductory chapter provides an overview of the background to the GDPR and its place in the greater structure of EU law and human rights law. Account is also taken of closely linked legal instruments, such as the Directive on Data Protection and Law Enforcement that was adopted concurrently with the GDPR, and of the ongoing work on the proposed new E-Privacy Regulation.
Table of Cases xvii
Table of Legislation xix
Table of Article 29 Working Party and European Data Protection Board documents xxi
List of Abbreviations xxiii
List of Contributors xxv
Background and evolution of the EU General Data Protection Regulation (GDPR)
Chapter I: General Provisions (Articles 1- 4)
Chapter II: Principles (Articles 5- 11)
Chapter III: Rights of the Data Subject (Articles 12- 23)
Chapter IV: Controller and Processor (Articles 24- 43)
Chapter V: Transfers of Personal Data to Third Countries or International Organisations (Articles 44- 50)
Chapter VI: Independent Supervisory Authorities (Articles 51- 59)
Chapter VII: Cooperation and Consistency (Articles 60- 76)
Chapter VIII: Remedies, Liability and Penalties (Articles 77- 84)
Chapter IX: Provisions Relating to Specific Processing Situations (Articles 85- 91)
Chapter X: Delegated Acts and Implementing Acts (Articles 92- 93)
Chapter XI: Final Provisions (Articles 94- 99)
Index
Christopher Kuner, Brussels Privacy Hub, Vrije Universiteit Brussel (VUB) in Brussels, Belgium, Lee A. Bygrave, Department of Private Law, University of Oslo, Christopher Docksey, Hon. Director General, EDPS, and Assistant Editor Laura Drechsler
Christopher Kuner is Professor of Law and Co-Director of the Brussels Privacy Hub at the Vrije Universiteit Brussel (VUB), Visiting Professor in the Faculty of Law at Maastricht University, Senior Privacy Counsel in the Brussels office of Wilson Sonsini Goodrich & Rosati, and editor-in-chief of the journal International Data Privacy Law. Lee A Bygrave is Professor of Law and Director of the Norwegian Research Center for Computers and Law, University of Oslo. Christopher Docksey is Honorary Director General at the EDPS, a member of the Guernsey Data Protection Authority, and a Visiting Fellow and member of the Advisory Board of the European Centre on Privacy and Cybersecurity (ECPC) at Maastricht University Faculty of Law.
