About | HeinOnline Law Journal Library | HeinOnline Law Journal Library | HeinOnline
LOG IN
LOG IN

8 Int'l Data Priv. L. 1 (2018)

handle is hein.journals/intldatpc8 and id is 1 raw text is: International Data Privacy Law, 2018, Vol. 8, No. 1 An unstoppable force and an immoveable object? EU data protection law and national security Christopher Kuner*, Fred Cate**, Orla Lynskey**, Christopher Millard**, Nora Ni Loideain** and Dan Svantesson** The Grand Chamber of the Court of Justice of the European Union (EU) (CJEU/Luxembourg Court), the EU's highest court, is gaining a reputation for its more purposive and expansive interpretation and application of EU data protection law. This is particularly so in rela- tion to the right to data protection, as guaranteed by Article 8 of the EU Charter of Fundamental Rights (EU CFR) which became part of EU law in 2009 following the entering into force of the Lisbon Treaty [Treaty on the Functioning of the EU (TFEU)]. In addition to Article 8 EU CFR, another important re- form of EU data protection law in 2009 was Article 16 TFEU which provides an explicit legal basis for data pro- tection legislation. Consequently, this relatively new legal framework (especially Article 8 EU CFR) has played an in- strumental role in a succession of landmark judgments concerning the requirements and minimum safeguards that must be applied by EU Member States when personal data is processed for the purposes of law enforcement and public security, or even national security with respect to third countries (non-EU states). One such new require- ment is the need to provide that personal data is retained in the EU in order to ensure that it is subject to the inde- pendent supervision of EU data protection authorities. In its 2014 judgment of Digital Rights Ireland, the CJEU determined that this is 'an essential component' for the protection of individuals under EU data protection law. Notwithstanding the apparently unstoppable force of the expanding scope of EU data protection law, EU law [Article 4(2) of the Treaty of the EU (TEU)] states that the EU shall respect the equality of Member States before the Treaties as well as their national identities, inherent in their fundamental structures, political and constitutional, Editor-in-Chief. Editor. See our Editorial on 'PRISM and Privacy: Will This Change Everything?' (2013) 3(4) International Data Privacy Law 217 <http://idpl.oxfordjour inclusive of regional and local self-government. It shall re- spect their essential State functions, including ensuring the territorial integrity of the State, maintaining law and order and safeguarding national security. In particular, national security remains the sole responsibility of each Member State. Notably, Article 4 TEU clearly stresses that 'national se- curity remains the sole responsibility of each Member State'. Hence, this exemption from EU law should mean that Article 8 EU CFR and Article 16 TFEU should not apply to any national security matters governed by do- mestic law as these provisions are only relevant to 'Member States when carrying out activities that fall within the scope of EU law.' Soon after these major legal changes within EU law (particularly the elevation of data protection to a funda- mental right) the Snowden revelations concerning sys- tematic government surveillance, in the US and beyond, began to emerge. As we have discussed previously, expo- sure of these national security programmes has since led to soul-searching by policymakers worldwide about both the relevance and the effectiveness of existing legal frameworks for ensuring the adequate protection and security of privacy and personal data.' In particular, these revelations have cast a rather stark light on the ex- tent to which legislators and courts have deferred to a State's interpretation of the situations it faces in permit- ting limitations on the rights of individuals where mat- ters of national security arise given the sensitive and confidential nature of the information collected, ana- lysed, and shared. Of course, at the EU level, as noted above, any fundamental rights-based scrutiny of Member State law governing national security has been deemed to fall outside of the competence of the CJEU. nals.org/content/3/4/217.full.pdf+html?sid=b7d1 89ef-Oab 1-4b92-8dd9- dbaa2b4bO24f>. © The Author(s) 2018. Published by Oxford University Press. All rights reserved. For permissions, please email: journals.permissions@oup.com 1 1

What Is HeinOnline?

HeinOnline is a subscription-based resource containing thousands of academic and legal journals from inception; complete coverage of government documents such as U.S. Statutes at Large, U.S. Code, Federal Register, Code of Federal Regulations, U.S. Reports, and much more. Documents are image-based, fully searchable PDFs with the authority of print combined with the accessibility of a user-friendly and powerful database. For more information, request a quote or trial for your organization below.



Short-term subscription options include 24 hours, 48 hours, or 1 week to HeinOnline.

Purchase Access

Contact us for annual subscription options:

Contact Us

Already a HeinOnline Subscriber?

Log In

profiles profiles most