The Right to Privacy and Protection of Personal Data: Emerging Trends and Implications for Development in Jurisprudence of European Court of Human Rights
Vol.16,No.1(2022)
The emergence of the right to personal data protection is usually considered in close proximity to the right to private life, however, the two rights despite the sufficient degree of similarity are not identical. The article analyses the main concepts and discussions around the protection of privacy and personal data protection, which primarily was only perceived as another facet of privacy, as well as provides a comprehensive overview of theoretical and practical problems associated with their protection. Provided for the right to data protection is not explicitly mentioned in the ECHR the main concern, therefore, is whether it receives an adequate level of protection within the Convention system. The article argues that given the lack of an explicit criterion for distinguishing the rights to privacy and data protection, it is the jurisprudence of the ECHR, which is of the utmost importance for the development of the right to personal data protection as a fundamental right. Due regard is given to the evolution of the fundamental approaches of the ECHR in this field. It is concluded that the effective enjoyment of the right to data protection, which is not specified in the text of the ECHR or its Protocols, undeniably relies on the ECHR’s interpretation of the key data protection standards enlisted in the Convention no. 108, as well as relevant EU legislation.
privacy; data protection; the right to private life; the right to protection of personal data; the case-law of the ECtHR;
37–58
Yuliia Kovalenko
Koretsky Institute of State and Law of National Academy of Sciences of Ukraine
1. Airey v. Ireland (1979) No. 6289/73.
2. Antović and Mirković v. Montenegro (2017). No. 70838/13.
3. Amann v. Switzerland (2000). No. 27798/95.
4. Bărbulescu v. Romania (2017) No. 61496/08.
5. Benedik v. Slovenia (2018) No. 62357/14.
6. Bernh Larsen Holding AS and Others v. Norway (2013) No. 24117/08.
7. Buttarelli G. (2016) Convention 108: from a European reality to a global treaty. Council of Europe International Conference, Strasbourg, 17 June 2016. Available from: https://edps.europa.eu/sites/edp/files/publication/16-06-17_speech_strasbourg_coe_en.pdf [Accessed 29 January 2021].
8. Bygrave A. L. (2010). Privacy and Data Protection in an International Perspective. Stockholm Institute for Scandinavian Law pp. 181-183.
9. Byström N. (2016). The Data Subject and the European Convention on Human Rights: Access to Own Data. EDILEX pp.209-246.
10. Council of Europe (2018). Explanatory Report to the Protocol Amending the Convention for the Protection of Individuals with regard to Automatic Processing of Personal Data, 10 October. Available from: https://rm.coe.int/cets-223-explanatory-report-to-the-protocol-amending-the-convention-fo/16808ac91a [Accessed 12 January 2021].
11. Council of Europe, European Court of Human Rights, European Data Protection Supervisor, European Union Agency for Fundamental Rights (2018) Handbook on European data protection law. 2018 ed. Luxembourg: Publication Office of the European Union, pp. 18-27.
12. de Hert P. and Gutwirth S. (2009) Data Protection in the Case Law of Strasbourg and Luxemburg: Constitutionalisation in Action. In: Gutwirth S., Poullet Y., de Hert P., Nouwt J., de Terwangne C. (eds.) Reinventing Data Protection? Dordrecht: Springer Science, pp. 3-44.
13. European Commission (2018) Data Protection in the EU. [online]. Available from: https://ec.europa.eu/info/law/law-topic/data-protection/data-protection-eu_en [Accessed 15 January 2021].
14. Gaskin v. the United Kingdom (1989). Series A no 160.
15. Gaughran v. the United Kingdom (2020). No. 45245/15.
16. Greenleaf G. (2018) ‘Modernised’ data protection Convention 108+ and the GDPR. 154 Privacy Laws & Business International Report 22-3. Available from: http://www.ssrn.com/link/UNSW-LEG.html [Accessed 13 January 2021].
17. Greenleaf G. (2018) The UN should adopt Data Protection Convention 108 as a global treaty: Submission on ‘the right to privacy in the digital age’ to the UN High Commission for Human Rights, to the Human Rights Council, and to the Special Rapporteur on the Right to Privacy. Sydney, 8 April 2018. Available from: https://www.ohchr.org/Documents/Issues/DigitalAge/ReportPrivacyinDigitalAge/GrahamGreenleafAMProfessorLawUNSWAustralia.pdf [Accessed 13 January 2021].
18. Ivanišević B. (2018) Distinction Between Privacy and Data Protection in ECtHR’s Montenegro Case. BDK Advokati. 13 February. Available from: https://bdkadvokati.com/distinction-between-privacy-and-data-protection-in-ecthrs-montenegro-case/ [Accessed 02 February 2021].
19. Kittichaisaree K., Kuner C. (2015) The Growing Importance of Data Protection in Public International Law. EJIL:Talk! 14 October. Available from: https://www.ejiltalk.org/the-growing-importance-of-data-protection-in-public-international-law/ [Accessed 25 January 2021].
20. Kokott J., Sobotta C. (2013) The distinction between privacy and data protection in the jurisprudence of the CJEU and the ECtHR. International Data Privacy Law, 3(4), pp. 222–228.
21. Kuner C. (2009) An International Legal Framework for Data Protection: Issues and Prospects. Computer Law & Security Review, 25, pp. 307-317.
22. Leander v. Sweden (1987) No. 9248/81.
23. Lynskey O. (2014) Deconstructing data protection: the 'added-value' of a right to data protection in the EU legal order. International and Comparative Law Quarterly 63(3) pp. 569-597.
24. M.M. v. the United Kingdom (2012). No. 24029/07.
25. M.S. v. Sweden (1997). No. 20837/92.
26. Malone v. the United Kingdom (1984) No. 8691/79.
27. P. and S. v. Poland (2012). No. 57375/08.
28. Panteleyenko v. Ukraine (2006). No. 11901/02.
29. Pazyuk A. (2016) European Approach to the Data Protection in the Police Sector: Current Status and Trends. Law Review of Kyiv University of Law, 4, pp. 360-364.
30. Peck v. the United Kingdom (2003) No. 44647/98.
31. Rojszczak M. (2020) Does Global Scope Guarantee Effectiveness? Searching for a New Legal Standard for Privacy Protection in Cyberspace. Information & Communications Technology Law, 29 (1), pp. 22-44.
32. Roman Zakharov v. Russia (2015). No. 47143/06, ECHR 2015.
33. Rotaru v. Romania (2000) No. 28341/95.
34. S. and Marper v. the United Kingdom (2008) nos. 30562/04 and 30566/04.
35. Satakunnan Markkinaporssi Oy and Satamedia Oy v. Finland (2017). No. 931/13.
36. Tyrer v. the United Kingdom (1978) No. 5856/72.
37. Tzanou M. (2013) Data Protection as a Fundamental Right Next to Privacy? ‘Reconstructing’ a not so New Right. International Data Privacy Law, 3(2), pp. 88-99.
38. UN Human Rights Committee (HRC) (1988) CCPR General Comment No. 16: Article 17 (Right to Privacy), The Right to Respect of Privacy, Family, Home and Correspondence, and Protection of Honour and Reputation, 8 April. Available from: https://www.refworld.org/docid/453883f922.html [Accessed 11 January 2021].
39. Uzun v. Germany (2010) No. 35623/05.
40. Van der Sloot B. (2014) Privacy as Human Flourishing: Could a Shift Towards Virtue Ethics Strengthen Privacy Protection in the Age of Big Data? JIPITEC, 5(3), pp. 230-244.
41. Van der Sloot B. (2015) Privacy as Personality Right: Why the ECtHR’s Focus on Ulterior Interests Might Prove Indispensable in the Age of “Big Data”. Utrecht Journal of International and European Law, 31(80), pp. 25–50.
42. Van der Sloot B. (2020) The Quality of Law: How the European Court of Human Rights Gradually Became a European Constitutional Court for Privacy Cases. JIPITEC, 11(2), pp. 160-185.
43. Z v. Finland (1997) No. 22009/93.
44. Zaichenko v. Ukraine (No.2) (2015) No. 45797/09.
Copyright © 2022 Masaryk University Journal of Law and Technology