Search results

In the absence of international standards for the processing of personal data, the European Union (EU) is seeking to create an effective system for data protection within its sphere of interest. As a first step, the relevant national provisions in the legal systems of the EU Member States were approximated at some level by the 1995 Data Protection Directive (DPD). It paved the way for the adoption of the General Data Protection Regulation (GDPR) that became directly applicable as law at both a national and supranational level on 25 May 2018. Much has been said about the territorial scope of the Union legal framework for data protection. Indeed, there seems to be a widespread fear of a claim for "extraterritorial applicability". However, the concept of "extraterritoriality" is utterly vague and the discourse has in most instances been conspicuously abstracted from its technical, economic and legal context. In this article, the territorial scope of the GDPR is explored in the light of emerging technologies, online trade and constitutional EU law comprising methodological starting points. ; In the course of the academic year 2017/2018, I investigated the territorial scope of the General Data Protection Regulation (GDPR) as research fellow at Oxford University, Institute of European and Comparative Law (IECL). Here you will find a draft of the nearly completed work.