The Rule of Law and EU Data Protection Legislation
Some Controversial Issues in light of the new EU General Data Protection Regulation
The article aims to analyse the evolution of the EU data protection legislation against the rule of law standards related to quality of law, formal justice and protection of human rights, focusing on some recent controversial issues related to the application of EU data protection model to technological environment. The analysis looks into the concepts of data controller and data processor as they are essential for the allocation of responsibilities in the processing of personal data as well as for the identification of applicable legislation. Further it considers the right to be forgotten and the implementation of the balance test in cases when there are opposing rights and legitimate interests of the data subject and data controller. The analysis is made on the basis of the EU data protection legislation, that is currently in force, the Opinions of the Article 29 Working Party and the case law of the Court of Justice of the EU (CJEU), which provides guidance on the uniform interpretation of the data protection concepts at EU level. The article also takes in consideration the current reform in the field of data protection in the frames of which in 2016 the new General Data Protection Regulation has been adopted.