Because of advancements in information technology, the tension between protection of privacy and freedom of information has intensified. In the United States this tension is addressed with sector specific laws, like the Fair Credit Reporting Act. Conversely, in Europe, data protection laws of general applicability have existed for two decades. Recently, the Council of Ministers adopted a Common Position in a data protection directive.

The Author analyzes specific provisions of the Directive, primarily focusing on the provisions that address the tension between the right of privacy and the free flow of information within the European Union. Ultimately, the Directive strikes a balance between privacy and the free flow of information in three ways. First, the Directive is limited to "personal data" and does not apply to information about corporate or governmental bodies. Next, the Directive allows Member States to create their own exceptions in certain categories like journalism. Finally, it requires Member States to prohibit processing of racial, ethnic, political, or religious data although allows processing in five enumerated instances.