Data protection and right to privacy : investigating the contested notion ef "personal data" ; Protection des données personnelles et droit à la vie privée : enquête sur la notion controversée de « donnée à caractère personnel »
Internet and digital information and communication technologies in general are often portrayedas a threat to privacy. This gives rise to many debates, both in the media and among decisionmakers. The Snowden revelations, in 2013, followed by the adoption in 2016 of the General Data Protection Regulation (GDPR), have moved these discussions under the spotlight of the publicsphere.The research presented in this dissertation was born out of three questions: can we define what"privacy" is? Is there any consensus on its definition? And does this consensus change with theevolution of the technical milieu transforming our ways of communicating, and by doing so, theway in which our privacy can be intruded upon? By defining "privacy" as the object which is protected by normative texts – laws, court decisions,techno-political standards of the Internet – protecting the right to privacy, it becomes possible toconduct an empirical study of how it evolved and how it has been a topic of contention. Data protection law emerged in Europe during the 1970's. Its aim was to protect a "privacy" that was perceived as under threat by the advent of computers. Currently, the GDPR, or somedocuments adopted by standards-settings organisations like the Internet Engineering Task Force(IETF) or the World Wide Web Consortium (W3C), are written with the intention that they protect this privacy through a set of rules and principles referred to as "data protection", that apply to "personal data". The legal definitions of this notion produced by political institutions and those crafted instandards-settings bodies are identical. Furthermore, the study of the genealogy of data protection reveals that computer scientists have played a pivotal role in the invention of the principles that "data protection" still relies on, for instance in the GDPR. The analysis of the controversies that took place in the shaping of these rules shows that the notion of "personal data" written down in the normative texts we analysed essentially reflects the beliefs ...