Title: GDPR: a critical review of the practical, ethical and constitutional aspects one year after it entered into force

Authors: Talita-Maria Tsekoura; Fereniki Panagopoulou

Addresses: Panteion University, 136, Syggrou Av., Suite 104, 17671, Athens, Greece ' Panteion University, 136, Syggrou Av., Suite 104, 17671, Athens, Greece

Abstract: The General Data Protection Regulation (GDPR) aims to reform EU data privacy regulation and personal data processing, both in the private and public sectors, by awarding substantial rights to data subjects and obligations to data controllers and processors. Within the first year of its implementation, a heightened awareness regarding the data protection issues of the data subject has been recorded, while, under the threat of the imposition of heavy penalties, data controllers and processors have accelerated their efforts to achieve an acceptable level of GDPR compliance. Furthermore, other aspects of censure are the amended role of the supervisory authorities, the effect of the implementation of the GDPR on competing constitutional rights, the unprecedented extent of its extraterritoriality, and the highly ambitious consistency mechanism. Finally, the GDPR equally aims to protect the free movement of data within the EU and should not be used to trump other constitutional rights, such as the right to information and freedom of expression.

Keywords: General Data Protection Regulation; GDPR; data protection; constitutional law; human rights; technology law; privacy; data processing; data subjects; data controller; data protection authorities; extraterritoriality; consistency mechanism; public administration; private sector; free movement of data.

DOI: 10.1504/IJHRCS.2020.106548

International Journal of Human Rights and Constitutional Studies, 2020 Vol.7 No.1, pp.35 - 51

Received: 03 Oct 2019
Accepted: 18 Oct 2019

Published online: 09 Apr 2020 *

Full-text access for editors Full-text access for subscribers Purchase this article Comment on this article