you're reading...
Institutional and Legal Affairs, PUBLICATIONS

Understanding EU data protection policy [Policy Podcast]

Written by Sofija Voronova with Anna Nichols,

The near-ubiquity of data in the lives of ordinary people, along with its exponential growth in generation rate and potential misuse, has made the protection of personal information an increasingly important social, legal and political matter for the EU. In recent years, both awareness of data rights and expectations for EU action in this area have grown considerably.

The right to privacy and the right to protection of personal data are both enshrined in the Charter of Fundamental Rights of the EU and the EU Treaties. The entry into force of the Lisbon Treaty in 2009 gave the Charter the same legal value as the Treaties and abolished the pillar structure, providing a stronger basis for a more effective and comprehensive data protection regime in the EU.

In 2012, the European Commission launched an ambitious reform to modernise the EU data protection framework. It resulted in the adoption in 2016 of the main EU data protection legislative instrument – the General Data Protection Regulation (GDPR) – and the Law Enforcement Directive. The framework overhaul also included adopting an updated Regulation on Data Processing in the EU Institutions and reforming the ePrivacy Directive, pending in the Council since September 2017.

The European Parliament has played a major role in passing these reforms, both as co-legislator and author of own-initiative reports and resolutions seeking to guarantee a high level of data protection to EU citizens. Last but not least, the European Court of Justice has also played an important part in building the EU data protection framework, with several landmark judgments delivered in recent years.

In the coming years, potential challenges to the data protection framework include the question of how to adapt the GDPR to emerging technologies such as artificial intelligence, facial recognition technology and the Internet of Things. Potential fragmentation issues include differing Member State interpretations of consent for data processing, while compliance burdens for SMEs and insufficient resources for data protection authorities may present challenges for enforcement. The European Commission is expected to address these issues in its upcoming evaluation of the GDPR.

Read the complete briefing on ‘Understanding EU data protection policy‘ in the Think Tank pages of the European Parliament.

Listen to policy podcast ‘Understanding EU data protection policy’ on YouTube.



  1. Pingback: Understanding EU data protection policy [Policy Podcast] | - June 12, 2020

Leave a Reply

Download the EPRS App

EPRS App on Google Play
EPRS App on App Store
What Europe Does For You
EU Legislation in Progress
Topical Digests
EPRS Podcasts

Follow Blog via Email

Enter your email address to follow this blog and receive notifications of new posts by email.

Join 3,548 other subscribers

RSS Link to Members’ Research Service

Disclaimer and Copyright statement

The content of all documents (and articles) contained in this blog is the sole responsibility of the author and any opinions expressed therein do not necessarily represent the official position of the European Parliament. It is addressed to the Members and staff of the EP for their parliamentary work. Reproduction and translation for non-commercial purposes are authorised, provided the source is acknowledged and the European Parliament is given prior notice and sent a copy.

For a comprehensive description of our cookie and data protection policies, please visit Terms and Conditions page.

Copyright © European Union, 2014-2019. All rights reserved.

%d bloggers like this: