Tải bản đầy đủ - 0 (trang)
18 The CJEU Also Promotes Integration and Acts as an Umpire Where Other Public Interests or Other Governmental Actors Have an Impact on the Exercise of Article 16 (1) TFEU

18 The CJEU Also Promotes Integration and Acts as an Umpire Where Other Public Interests or Other Governmental Actors Have an Impact on the Exercise of Article 16 (1) TFEU

Tải bản đầy đủ - 0trang

252



5  Understanding and Assessing the Contribution of the CJEU to the Mandate Under…



An integrationist approach of the Court prevents Member States from deviating

from the harmonised level of data protection, and, at the same time, means that the

Member States are limited in the exercise of competences which compete with

Article 16 TFEU. The function of integration may also prevent a Member State

from requiring – in the national context – a level of data protection that is higher

than the level of protection agreed for the European Union.

The Court of Justice also adjudicates – as umpire – on disputes on competences

between the European institutions, which have nothing to do with integration. The

dispute before the Court on passenger name records (PNR) between, on the one

hand, the European Parliament and, on the other hand, the Commission and the

Council on the occasion of the first PNR agreement between the EU and the US is

an example of the latter. In this case, the European Parliament successfully challenged the competence of the Commission and the Council to enter into an agreement with the US on the transfer and use of passenger name records of air passengers,

but not because the European Parliament disagreed that the subject matter should be

dealt with at EU level.406



5.18.1  M

 arket Integration: An Additional Interest to Be Taken

into Account by the CJEU

The function of market integration is important in data protection, if only because

EU data protection law is also in the interest of the internal market. Recital (3) of

Directive 95/46 emphasises the free flow of personal data. Although after the Lisbon

Treaty the internal market component lost importance,407 the reform of the legislative framework for data protection is closely linked to the creation of a digital single

market,408 which requires for instance a more coherent framework.409 Market integration played a role in ASNEF and FEMCED where the European Court of Justice

ruled that Member States did not have discretion to specify a specific provision of

European data protection law, namely Article 7(f) of Directive 95/46. The Court

referred to the impact of national data protection rules on the internal market,



 : Joined cases C-317/04 and C-318/04, European Parliament v Council Union (C-317/04) and

Commission (C-318/04), EU:C:2006:346. Summary in: Paul Craig and Grainne de Búrca, EU

Law, Text, Cases and Material (Fifth Edition) Oxford University Press, 2011, at 308. See on the

case: C. Docksey in Data protection anno 2014: how to restore trust? Contributions in honour of

Peter Hustinx, European Data Protection Supervisor (2004–2014), Hielke Hijmans and Herke

Kranenborg (eds), Intersentia 2014, at 100–106.

407

 As explained in Chap. 7, Sect. 7.9, in relation to the CJEU’s case law on the independence of the

data protection authorities.

408

 See, e.g., the Conclusions of the European Council of 24 and 25 October 2013, www.consilium.

europa.eu/uedocs/cms_data/docs/pressdata/en/ec/139197.pdf, at 8.

409

 Commission Proposal for a General Data Protection Regulation, COM (2012), 11 final,

Explanatory Memorandum, at 1.

406



5.18  The CJEU Also Promotes Integration and Acts as an Umpire Where Other Public… 253



emphasising that the directive intends to ensure an equivalent level of data protection in all Member States.410

The exercise of the rights to privacy and data protection influences other public

interests. This is recognised in Directive 95/46 itself. The directive contains exemptions and restrictions for a wide, but exhaustively listed number of interests.411

Moreover, the directive allows the processing of personal data if this is necessary for

the performance of a task carried out in the public interest,412 without specifying the

public interests at stake. The use of these exemptions and restrictions – quite often

at national level – does not only affect the level of fundamental rights protection but

also EU integration.

By way of example reference is made to the exemptions and restrictions on the

harmonised level of data protection in relation to national concerns of public health.

Public health is also mentioned in Article 36 TFEU, as a ground for justifying measures of Member States prohibiting or restricting the free movement of goods in the

European Union. A high level of health protection is furthermore recognised under

EU law in Article 168 TFEU and in Article 35 Charter413 as an objective to be pursued in all EU policies. Processing of personal data in the interest of a high level of

health protection may take place in a great variety of situations, from prevention and

the combat of serious cross-border health threats to medical research.414 A more

targeted use of personal data may take place if this “is necessary in order to protect

the vital interests of the data subject”, which, under Directive 95/46, is recognised

as a ground for the lawful processing of personal data. Vital interests are closely

related to the survival of the data subject.415 However, in the context of health protection quite often medical data of individuals are processed. They are special categories of data and, therefore, enjoy specific protection.416

In short, public health is a complicated area, where national policies interact with

the harmonised level of privacy and data protection under Article 16 TFEU. It

exemplifies that the use of national competences for public interests, like health,

adversely affects the level of integration reached under Article 16 TFEU. Market

integration is an additional interest to be taken into account by the Court of Justice,

where it rules on the basis of Article 16 TFEU, because of the close link between

privacy and data protection and the digital single market.



 Joined cases C-468/10 and C-469/10, ASNEF and FECEMD, EU:C:2011:777, at 27–28.

 Article 13 of the Directive.

412

 Article 7(e) of the Directive.

413

 Article 35 Charter also establishes a fundamental right of access to preventive health care and

the right to benefit from medical treatment, but that right is not directly relevant for the subject of

this book.

414

 As illustrated by Article 89 (2) GDPR opening up for derogations under national law for research

purposes.

415

 Fundamental Rights Agency, Handbook on European data protection law (2nd edition) at 83.

416

 Case C-101/01, Lindqvist, EU:C:2003:596, at 51. See also: I. v Finland, Application No.

20511/03, 17 July 2008.

410

411



254



5  Understanding and Assessing the Contribution of the CJEU to the Mandate Under…



5.18.2  T

 he CJEU as an Umpire Between Different Powers:

Precise Answers by the CJEU Are Required, Where

the CJEU Adjudicates on Article 16 TFEU

and Relating Competences

Article 16 TFEU impacts on other public interests, such as security, that may require

exceptions or limitations to fundamental rights protection. Article 52(1) Charter

allows limitations to fundamental rights such as the rights to privacy and data protection “if they are necessary and genuinely meet objectives of general interest recognised by the Union”. Article 52(1) Charter encompasses a wide range of interests,

covering, for instance, the interests listed in Article 36 TFEU as possible exceptions

of free movement under EU law.417 Article 52(1) does not contain an exhaustive list

of interests, but it is defendable that the interests to which the Explanations refer

must considered to be exhaustive, in the light of the general requirement to interpret

limitations to fundamental rights restrictively.418 However, this exhaustive listing

does not give much guidance, since the Explanations refer to a wide range of interests and objectives. Moreover, the example of public health shows that applying

exceptions and limitations to data protection is complicated.

The restriction of the use of Article 52(1) Charter can, therefore, better be found

in the test of the seriousness of the invoked public interest. In this respect, there is a

similarity with the exceptions to free movement as developed in the case law of the

Court of Justice on free movement under the rule of reason, opening the door for

reasonable national measures restricting free movement.419

Often, the competence of the European Union under Article 16 TFEU impacts

on other competences of the Union or the Member States. The absence of EU competence or the limits posed on EU competence by competing competences can be

invoked by EU institutions420 or by the Member States. This interaction between the

Union and the Member States – which is most relevant for this book – is related to

managing centralisation, an inherent effect of the exercise of the Union’s mandate

under Article 16 TFEU, in connection with the competences of the Member States.421



417



 Explanations relating to the Charter of Fundamental Rights, OJ (2007) 303/17, on Article 52.

 In this sense, Peers and Prechal in: “The EU Charter of Fundamental Rights, A Commentary,”

Edited by Steve Peers, Tamara Hervey, Jeff Kenner and Angela Ward, Hart Publishing 2014, at

1475.

419

 As developed in the case law on the free movement of goods, with as the leading case 120/78,

Rewe-Zentral, EU:C:1979:42 (better known as ‘Cassis de Dijon’); see: Koen Lenaerts and Piet van

Nuffel, European Union Law (Third edition) Sweet & Maxwell, 2010, at 9-039. See also: Peers

and Prechal in: “The EU Charter of Fundamental Rights, A Commentary,” Edited by Steve Peers,

Tamara Hervey, Jeff Kenner and Angela Ward, Hart Publishing, 2014, at 1455–1523.

420

 An example in data protection is: Joined cases C-317/04 and C-318/04, European Parliament v

Council (C-317/04) and Commission (C-318/04), EU:C:2006:346. See also literature quoted in

footnote 206.

421

 This subject is mainly addressed in respect of the contributions of the legislator and of the DPAs.

418



5.19 Conclusions



255



The Court of Justice deals with the interaction with the Member States in a direct

manner, when the Union’s competence is challenged by a Member State because of

the absence of a sound legal basis,422 but also in more indirect ways in preliminary

procedures. An important parameter for measuring how the Court deals with the

discretionary powers of Member States is its preciseness in the answering of preliminary questions. It may apply a “doctrine of deference” leaving national judges

discretion in solving the cases or it may take an approach based on integration and

hierarchy, solving conflicts of law itself.423 A strong defender of a “doctrine of deference” is Gerards, who argues that leaving a wide margin of appreciation by the

Court to national instances enhances the legitimacy of the European Union.424

However, she accepts that a clear and serious impairment of a central objective of

the Treaties justifies an intensified judicial review.

Above we argued that effectively protecting privacy and data protection requires

that the Court of Justice answers preliminary questions in a precise manner. Precise

answers are also important where the Court adjudicates on the competences under

Article 16 TFEU and relating competences. The contrary view would prejudice a

harmonised and effective privacy and data protection, under the rule of law.



5.19  Conclusions

The judicial review of the fundamental rights to privacy and data protection by the

Court of Justice of the European Union is essential in making the Union’s mandate

under Article 16(1) TFEU work. The Court of Justice fulfils its role, for instance, by

systematically interpreting Directive 95/46 in the light of Articles 7 and 8 Charter.

The extensive role of the Court compensates to a certain extent for the democratic

deficit of the Union. Where the EU structures do not provide for satisfactory democratic control on the EU institutions and structures, individuals enjoy judicial protection, ultimately guaranteed by the Court.

The Court of Justice must deal with the remarkable features of Article 16 TFEU

and Article 8 Charter. As an example, the interpretation of the right to data protection under Article 8(2) Charter draws on the acquis laid down in Directive 95/46.

This reasoning is circular, since the Court interprets Directive 95/46 in the light of

the Articles 7 and 8 Charter (Sect. 5.2).



422



 Koen Lenaerts and Piet van Nuffel, European Union Law (Third edition) Sweet & Maxwell

2010, at 7-009 to 7-012 (and the cases mentioned there). In data protection, Case C-301/06, Ireland

v Parliament and Council, EU:C:2009:68.

423

 Dóra Guðmundsdóttir, ‘A renewed emphasis on the Charter’s distinction between rights and

principles: Is a doctrine of judicial restraint more appropriate?’, CMLR, 52, Issue 3, pp. 685–719,

2015, at 709–718.

424

 J.H. Gerards, Pluralism, Deference and the Margin of Appreciation Doctrine’, European Law

Journal, vol. 17–1, pp. 80–120, 2011, at 115–120.



256



5  Understanding and Assessing the Contribution of the CJEU to the Mandate Under…



The Court of Justice does not just interpret the law by solving the disputes

brought before it or by answering preliminary questions of national courts. In the

exercise of its tasks, the Court also acts as a constitutional court with three functions: the review of fundamental rights, market integration and umpire between the

various powers. The – perceived – activist role the Court plays qualifies it as a suitable actor for privacy and data protection on the internet. The preliminary ruling

procedure is a success, also in the field of privacy and data protection. However, the

case law of the Court is by definition incremental. The Court cannot develop a comprehensive policy for better protection (Sect. 5.3).

As explained, the extensive role of the Court of Justice compensates for the democratic deficit of the European Union, yet the Court has further legitimacy because

of its close link with national courts, in particular through the preliminary ruling

procedure. It enhances its legitimacy by properly balancing the interest of EU integration and national interests. The Court gives guidance, by adjudicating in cases

interpreting EU data protection legislation in the light of Articles 7 and 8 Charter.

Guidance by the Court is not sufficient for bridging the gap between general principles and practice; other mechanisms are also needed (Sect. 5.4).

Until the Lisbon Treaty, the Court of Justice referred to fundamental rights as

principles under Member States’ law and took account of the European Convention

on Human Rights. The Court ruled itself on possible infringements of fundamental

rights, as part of its task of ensuring a uniform interpretation of EU law. Over the

years, the importance of fundamental rights increased in the case law, but Articles 7

and 8 Charter were only mentioned once (Sect. 5.5).

The entry into force of the Lisbon Treaty prompted the Court of Justice to fundamentally change its approach in relation to fundamental rights. The Court’s assessment of limitations of a fundamental right focuses on proportionality. The Charter

has become the yardstick and has a wide scope, but with limits (Sect 5.6).

The test under the Charter is stringent, depending on a number of factors. The

nature of the fundamental right is such a factor. This factor is analysed in more

detail in this book, focusing on the question whether meaningful distinctions can be

made between fundamental rights, in order to improve the protection of the most

essential rights on the internet (Sect. 5.7).

Various methods of defining fundamental rights are useful for understanding

fundamental rights: a positive method, a method based on the nature of the right and

a method based on the historical background. All three methods have advantages in

understanding privacy and data protection in relation to other fundamental rights

(Sect. 5.8).

The Charter does not establish any hierarchy between fundamental rights. This

book proposes a simple taxonomy enabling a difference in the standard of review

for fundamental rights protection on the internet, without creating a hierarchy. This

taxonomy has a number of purposes. Thus, it should prevent any weakening of privacy and data protection (and other fundamental rights that are most crucial for our

democracies), resulting from the equal protection of all rights. In addition, it should

assist in compensating for the particular challenges of certain rights on the internet,

and enable an efficient use of resources. Finally, it would allow a focus on extrater-



5.19 Conclusions



257



ritorial application of fundamental rights, taking into consideration legitimate

claims of third countries or international organisations (Sect. 5.9).

The book suggests that the legitimacy of the Court’s role would further improve,

were the Court to assess the application of the rights to privacy and data protection,

taking this simple taxonomy into account. Privacy and data protection fall within

the second category of fundamental rights, with a high impact on human dignity.

This means more concretely: (1) there is a necessity of protection in an online environment; (2) where needed, extraterritorial application of the rights must be safeguarded; (3) the rights should be applicable in horizontal relations; (4) restrictions

and limitations of these rights are subject to a strict test; (5) where a balance is

needed with other fundamental rights and public interests, the essential nature of the

rights to privacy and data protection should be taken into account; and (6) this may

lead to an approach where the Court adjudicates itself, and does not defer the matter

to the national courts (in preliminary ruling procedures). These requirements are in

line with the strict approach the Court already takes on privacy and data protection

(Sect. 5.10).

The case law of the US Supreme Court differs from that of the EU Court of

Justice in respect of the balancing with free speech. It is therefore not surprising that

Google Spain and Google Inc. was heavily criticised in the US, because of its presumed impact on free speech. However, where privacy and data protection need to

be balanced with the public interest of security, there is synergy with the approach

of the US Supreme Court. Both Courts contributed to the legal development in relation to privacy and data protection in law enforcement, by taking account of the

intrusive consequences of the information society. For instance, the US Supreme

Court decided that, generally, a warrant is needed for searching a smartphone (Sect.

5.11).

The link between the fundamental rights of privacy and data protection, on the

one hand, and freedom of expression and information, on the other hand, is changing and intensifying due to internet related developments. The dividing line between

private and public speech is becoming blurred, changes are caused by the impact of

a free and open internet, and new intermediaries, like search engines, play a role in

promoting freedom. The debate on the right to be forgotten demonstrates that,

where an individual is entitled to request deletion of personal data, this automatically impacts on the right to receive information under Article 11 Charter (Sect.

5.12).

In Google Spain and Google Inc., the European Court of Justice takes into consideration the changed reality in the information society, which has an impact on

privacy and data protection and on the balancing between fundamental rights. The

ubiquitous availability of information implies a lack of control on the part of the

data subjects and potentially restricts their autonomy. The Court no longer takes a

deferential approach and gives search engines a social responsibility, giving them

the task of balancing between fundamental rights, a task close to the core tasks of

government (Sect. 5.13).

The right of access to documents gives effect to core values in society such as

transparency and democratic control. The Court of Justice scrutinises strictly, but



258



5  Understanding and Assessing the Contribution of the CJEU to the Mandate Under…



not where balancing is needed with privacy and data protection. Applicants invoking transparency must demonstrate the necessity of having access to documents if

these documents include personal data. The Court does not seem to balance privacy

and data protection on an equal footing with public access to documents (Sect.

5.14).

There are different scholarly views on the status of the right to property as an

essential value in a democratic society. The right to property is not included in all

fundamental rights treaties. The enforcement of intellectual property is becoming

more complex in the information society and copyright is the example of a right

which is difficult to enforce. However, if intellectual property is balanced against

privacy and data protection on an equal footing, this may weaken the level of data

protection, resulting from accepting internet monitoring of individuals by copyright

holders (Sect. 5.15).

The relationship between privacy and data protection and security has elements

of a trade-off. Privacy is, on the one hand, seen as inhibiting the appropriate protection of our societies against threats caused by terrorist attacks or by serious crime,

yet, on the other hand, it is considered a value that should prevail against risks of

unconditioned surveillance. The Court of Justice builds on the case law of the

European Court of Human Rights on privacy and security, which includes a strict

review of measures that aim at creating a high level of security, but have an impact

on privacy and data protection (Sect. 5.16).

Digital Rights Ireland and Seitlinger gives indications for balancing privacy and

security. First, the outcome is determined by trends in these two areas, the ubiquitous connectivity and the security threats for society. Second, objectively measuring

the effects of a legislative instrument and making comparisons is not easy. Third,

privacy should not depend on political preferences of a majoritarian body. Fourth,

strong privacy and data protection can benefit law enforcement. The challenge is to

find synergies (Sect. 5.17).

The Court of Justice of the European Union also promotes market integration

and acts as an umpire where other public interests or other governmental actors

impact on the exercise of Article 16(1) TFEU. The integration of the Union in general and of EU markets in particular is an additional interest to be taken into account

by the Court, where it rules on the basis of Article 16 TFEU. Moreover, insofar as

the Court acts as an umpire between various powers, precise answers by the Court

are required, particularly where it adjudicates on the competences under Article 16

TFEU and relating competences (Sect. 5.18).

This chapter outlined the contribution of the Court of Justice of the European

Union to the mandate under Article 16 TFEU. A taxonomy of fundamental rights

has been proposed, as a specific tool for further improving the level of protection.

This taxonomy divides fundamental rights into the following categories: (1) non-­

derogable or absolute fundamental rights, corresponding to the rights included in

Title I of the Charter, entitled ‘dignity’; (2) the rights with a huge impact on human

dignity, but not qualified as non-derogable; and (3) the social, cultural and economic

rights. Further categories include: principles in the Charter (as meant in Articles



References



259



51(1) and 52(5) thereof); the fundamental freedoms of the Treaties, relating to free

movement; and the undefined species of public and general interests.



References

Abazi, V., and M. Hillebrandt. 2015. The legal limits to confidential negotiations: Recent case law

developments in council transparency: Access info Europe and In’t Veld. Common Market Law

Review 52: 825–845.

Barak, Aharon. 2012. Proportionality; constitutional lights and their limitations. Cambridge

University Press.

Bignami, Francesca E. 2007. Privacy and law enforcement in the European Union: The data retention directive. Chicago Journal of International Law 8: 233–255.

Boehm, Franziska, and Mark D. Cole. 2014. Data retention after the judgement of the court of

justice of the European Union. Available on http://www.janalbrecht.eu/fileadmin/material/

Dokumente/Boehm_Cole_-_Data_Retention_Study_-_June_2014.pdf.

Centre for Information Policy Leadership. 2014. An initial issues paper for privacy risk framework

and risk-based approach to privacy project workshop I. Paris, France, 20 March 2014. Available

on:http://www.informationpolicycentre.com/files/Uploads/Documents/Centre/Centres_

Privacy_Risk_Framework_Workshop_I_Initial_Issues_Paper.pdf.

Bygrave, Lee A. 2014. Data privacy law, an international perspective. Oxford University Press.

Court of Justice of the European Union. 2012. The Court of justice and the construction of Europe:

Analyses and perspectives on sixty years of case-law – La Cour de Justice et la Construction

de l’Europe: Analyses et Perspectives de Soixante Ans de Jurisprudence, Published on the

unique occasion of its 60th anniversary. Asser Press.

Craig, Paul, and Grainne de Búrca. 2011a. EU law: Text, cases and material, 5th ed. Oxford

University Press.

Craig, Paul, and Grainne de Búrca (eds.). 2011b. The evolution of EU law, 2nd ed. Oxford

University Press.

de Búrca, G. 2013. After the EU charter of fundamental rights: The court of justice as a human

rights adjudicator? Maastricht Journal of European and Comparative Law 20(2): 168–184.

de Búrca, Gráinne, and J.H.H. Weiler (eds.). 2001. The European Court of Justice. Oxford

University Press.

De Hert, Paul, and Vagelis Papakonstantinou. 2015. Google Spain: Addressing critiques and misunderstandings one year later. Maastricht Journal of European and Comparative Law 22(4):

624–638.

Dougan, Michael. 2015. Judicial review of member state action under the general principles and

the charter: Defining the ‘scope of union law’. Common Market Law Review 52: 1201–1245.

Fabre, C. 1998. Constitutionalising social rights. The Journal of Political Philosophy 6(3):

263–284.

Ferretti, Federico. 2014. Data protection and the legitimate interest of data controllers: Much ado

about nothing or the winter of rights? Common Market Law Review 51: 843–868.

FIDE Congress. 2012. Reports of the FIDE Congress in Tallinn, volume 1, The protection of fundamental rights post-Lisbon: The interaction between the charter of the fundamental rights of

the European Union, the European Convention on Human Rights and national constitutions.

Tartu University Press.

Gerards, J.H. 2008. Fundamental rights and other interests – should it really make a difference? In

Conflicts between fundamental eights, ed. E. Brems, 655–690. Intersentia.

Gerards, J.H. 2011. Pluralism, deference and the margin of appreciation doctrine. European Law

Journal 17–1: 80–120.

González Fuster, G. 2014. The emergence of personal data protection as a fundamental right of the

EU, Law, governance and technology series, vol. 16. Springer.



260



5  Understanding and Assessing the Contribution of the CJEU to the Mandate Under…



Guðmundsdóttir, Dóra. 2015. A renewed emphasis on the charter’s distinction between rights and

principles: Is a doctrine of judicial restraint more appropriate? Common Market Law Review

52: 685–719.

Gutwirth, S., et al. (eds.). 2009. Reinventing data protection? Springer.

Habermas, Jürgen. 2012. The crisis of the European Union, a response. Cambridge University

Press. Book Review by I. Pernice, Common Market Law Review 50, 1843–1874.

Hijmans, Hielke. 2014a. Right to have links removed: Evidence of effective data protection.

Maastricht Journal of European and Comparative Law 21(3): 555–563.

Hijmans, H. 2014b. De ongeldigverklaring van de dataretentierichtlijn: een nieuwe stap in de bescherming van de grondrechten door het Hof. NTER, No. 7, Sept. 2014, 245–252.

Hijmans, Hielke, and Herke Kranenborg (eds). 2014. Data protection anno 2014: How to restore

trust? Contributions in honour of Peter Hustinx, European data protection supervisor (2004–

2014), Intersentia.

Hustinx, Peter. 2013. EU data protection law: The review of directive 95/46/EC and the proposed

general data protection regulation. In: Collected courses of the European University Institute's

Academy of European Law, 24th Session on European Union Law, 1–12 July 2013.

Iglesias Sánchez, Sara. 2012. The court and the charter: The impact of the entry into force of the

Lisbon Treaty on the ECJ’s approach to fundamental rights. Common Market Law Review 49:

1565–1611.

Ishay, Micheline R. 2008. The history of human rights: From ancient times to the globalization

era. University of California Press.

Kelemen, R. Daniel. 2006. Suing for Europe, adversarial legalism and European governance.

Comparative Political Studies 39(1): 101–127.

Kokott, Juliane, and Christoph Sobotta. 2015. Protection of Fundamental Rights in the European

Union: On the relationship between EU Fundamental Rights, the European Convention and

National Standards of Protection. Yearbook of European Law 34: 60–73.

Kranenborg, Herke. 2008. Access to documents and data protection in the European Union: On the

public nature of personal data. Common Market Law Review 45: 1079–1114.

Kulk, Stefan, and Frederik Zuiderveen Borgesius. 2012. Filtering for copyright enforcement in

Europe after the Sabam cases. European Intellectual Property Review 11: 54–58.

Kulk, Stefan, and Frederik J. Zuiderveen Borgesius. 2014. Google Spain v. González: Did the

court forget about freedom of expression. European Journal of Risk Regulation 4: 389–398.

Leczykiewicz, D. 2013. Melloni and the future of constitutional conflict in the EU. UK

Constitutional Law Blog of 22 May 2013. Available on http://ukconstitutionallaw.org.

Lenaerts, Koen, and Piet van Nuffel. 2011. European Union Law, 3rd ed. Sweet & Maxwell.

Lind, Anna-Sara, and Jane Reichel. 2014. Administrating data protection – or the Fort Knox of the

European composite administration. Critical Quarterly for Administration and Law (EuCritQ)

1: 44–57.

Locke, John. 1689. Second treatise of government. Available on http://www.earlymoderntexts.

com/pdfs/locke1689a.pdf.

Majone, Giandomenico. 1998. Europe’s ‘Democratic Deficit’: The question of standards. European

Law Journal 4(1): 5–28.

Muir, Elise. 2014. The fundamental rights implications of EU legislation: Some constitutional

challenges. Common Market Law Review 51: 219–245.

Peers, Steve, Tamara Hervey, Jeff Kenner, and Angela Ward (eds.). 2014. The EU Charter of

Fundamental Rights, a commentary. Hart Publishing.

Prechal, Sacha. 2015. The Court of Justice and effective judicial protection: What has the Charter

changed? In Fundamental rights in international and European law – public and private law

perspectives, ed. Christophe Paulussen, Tamara Takács, Vesna Lazic, and Ben Van Rompuy,

143–160. T.M.C. Asser Press/Springer.

PRISMS project, sponsored by the EU under the 7th Framework Programme, available on http://

prismsproject.eu/.



References



261



Reidenberg, Joel. 2013. The data surveillance state in the United States and Europe. Fordham law

legal studies research paper no. 2349269, (Princeton University – Center for Information

Technology Policy/Fordham University School of Law), Wake Forest Law Review, November

2013.

Rosen, Jeffrey. 2012. The right to be forgotten. 4 Stanford Law Review Online 88, available on

http://www.stanfordlawreview.org/sites/default/files/online/topics/64-SLRO-88.pdf.

Rosen, Jeffrey. 2013. Inside the stunning court smackdown on NSA spying, The New Republic.

Available on http://www.newrepublic.com/article/115962/courts-nsa-ruling-against-metadatacollection-fourth-amendment-win.

Schwartz, Paul M. 2012. Systematic government access to private-sector data in Germany,

International Data Privacy Law 2(2012): 289.

Spahiu, Irma. 2015. Courts: An effective venue to promote government transparency? The case of

the court of justice of the European Union. (2015) 31(80) Utrecht Journal of International and

European Law 5.

Syrpis, Phil. 2015. The relationship between primary and secondary law in the EU. Common

Market Law Review 52: 461–487.

Trybus, M., and L. Rubini (eds.). 2012. The Treaty of Lisbon and the future of European law and

policy. Edward Elgar Publishing.

Vainio, Niklas, and Samuli Miettinen. 2015. Telecommunications data retention after digital rights

Ireland: Legislative and judicial reactions in the member states. International Journal of Law

and Information Technology 23(3): 290–309.

Vandamme, T.A.J.A. 2014. Dataretentie als fata morgana: Over nationale beleidsruimte die er niet

was. Tijdschrift voor Constitutioneel Recht 2014: 284–302.

Wellman, Carl. 1999. The proliferation of rights: Moral progress or empty rhetoric? Westview.

Zuiderveen Borgesius, Frederik J. 2015. Improving privacy protection in the area of behavioural

targeting. Kluwer Law International.



Chapter 6



Understanding the Scope and Limits of the EU

Legislator’s Contribution to the Mandate

Under Article 16 TFEU

Abstract  This chapter analyses the EU legislator’s contribution to the mandate

under Article 16 TFEU. The Treaty on the Functioning of the European Union

empowers the EU legislator – the European Parliament and the Council – to adopt

rules on data protection. The EU legislator is even under a duty to lay down the rules

on data protection, including all areas where personal data are processed. The data

protection reform implements this duty.



The chapter discusses the institutional role of the legislator, the contributions of the

EU institutions, as well as the involvement of other stakeholders in the legislative

process. It also contains a short comparison with the mandate of the EU legislator

on equal treatment and non-discrimination.

This general duty is limited in two ways. There are areas in which the

Members States should exercise competence and interfaces exist with other

competences of the EU and the Member States. Examples of these interfaces

discussed in this chapter are the areas of electronic communications and competition law.

Finally, the Chapter addresses the conditions for good legislation and for engaging the private sector, with a key role for the concept of accountability.



6.1  Introduction

The right to data protection is a claim based on fairness requires safeguards where

personal data are processed. These safeguards are primarily laid down in legislative

acts.

The first objective of the chapter is to understand the scope and the limits of the

contribution of the EU legislator to the mandate under Article 16 TFEU, in relation



© Springer International Publishing Switzerland 2016

H. Hijmans, The European Union as Guardian of Internet Privacy, Law,

Governance and Technology Series 31, DOI 10.1007/978-3-319-34090-6_6



263



Tài liệu bạn tìm kiếm đã sẵn sàng tải về

18 The CJEU Also Promotes Integration and Acts as an Umpire Where Other Public Interests or Other Governmental Actors Have an Impact on the Exercise of Article 16 (1) TFEU

Tải bản đầy đủ ngay(0 tr)

×