The Data Protection Directive 95/46/EC (hereinafter the “Directive”) was passed in 1995 to harmonize the national data protection laws within the European Community. The aim of the directive was in protecting the fundamental rights and freedoms of individuals, including their privacy as set out under Article 1 of the Data Protection Directive. The rules governing the processing of personal data are deemed to be inapplicable in the two instances outlined by Article 3(2). The processing of personal data falls outside of community law and is thus excluded from the DPD. The Directive is also inapplicable if the processing of personal data is undertaken by a person in the course of a purely personal or household activity. The second part of Article 3(2), is examined in more detail. The ruling by the European Court of Justice (hereinafter “ECJ”) in Lindqvist provides us with a fresh opportunity to re-examine whether the policy justifications for the exclusion under Article 3(2) continue to remain relevant in the light of widespread use of new technologies such as blogs, podcasts and web pages for processing and distributing information. Greater clarity regarding the implication of new communication technologies for DPD policy is necessary, if the laws on data protection are to evolve in a coherent and principled manner.
- Data Protection; privacy; social networking
Available at: http://works.bepress.com/rebecca_wong/5/