Search Results

This chapter explores the development of European data protection, both as a codified form of regulation and as a human right, from its inception to the present day. In contrast to more ʻclassicalʼ rights, such as freedom of expression and even privacy, data protection only emerged as a discrete concept with the rise of computer power in the 1970s. The focus in Europe from this time has been on elaborating a progressively more detailed and harmonized regulatory code to govern the processing of personal data across the EU and wider European Economic Area (EEA). Advisory Council of Europe Resolutions in the 1970s led to a binding but optional Data Protection Convention in the 1980s, to a mandatory Data Protection Directive in the 1990s, and finally to a General Data Protection Regulation (GDPR) in the 2010s which is directly applicable across the EU. In addition, data protection has increasingly been recognized as a fundamental right and, in particular, was included within the EU Charter that was drafted in 2000 and acquired pan-EU legal status in 2009. These developments have dovetailed with the emergence of a significant body of relevant Court of Justice of the EU (CJEU) jurisprudence. However, the regulatory Data Protection Authorities (DPAs) also remain critical interpretative actors and have issued a number of important opinions including through the Article 29 Working Party that under the GDPR has become the European Data Protection Board.

This chapter explores the legislative interface between data protection and the professional journalistic media under the Data Protection Directive (DPD) and then examines the formal regulatory guidance produced by European Data Protection Authorities (DPAs) during the same period. Despite the DPD’s emphasis on ensuring a careful balancing between equally fundamental rights, statutory provisions at State level were profoundly divergent. In broad terms, Northern European States tended to grant journalism sweeping exemptions from data protection, whilst Southern and Eastern European States set down tough standards even in this sensitive area. These media system differences mapped on to broader cultural fissures concerning individualism, uncertainty avoidance, and attitudes towards power inequalities. In the great majority of cases the national DPA retained a supervisory role in this area and over 60 per cent of these bodies, as well as the Article 29 Working Party, had published some statutory guidance. However, this guidance was often confined to a brief elucidation of the importance of contextual rights balancing coupled, in a number of cases, with an emphasis on promoting a co-regulatory connection between statutory supervision and self-regulation. A minority of DPAs did produce much more extensive guidance focusing especially on children’s rights over data, image rights and visual/audio-visual content, and the right to be forgotten and digital news/media archives.