Article 4(1)(a) ‘establishment of the controller’ in EU data privacy law—time to rein in this expanding concept?

Article 4 of the Data Protection Directive has always been shrouded in a veil of mystery. No one seems to have been quite certain as to exactly what the role of that Article is and how it relates to other provisions; especially how it relates to Article 28 dealing with jurisdiction. For the first 15...

Full description

Saved in:
Bibliographic Details
Published inInternational data privacy law Vol. 6; no. 3; pp. 210 - 221
Main Author Svantesson, Dan Jerker B.
Format Journal Article
LanguageEnglish
Published Oxford Oxford University Press 01.08.2016
Oxford Publishing Limited (England)
Subjects
Councils
Data integrity
Data security
EU directives
Extraterritoriality
International law
Internet
Jurisdiction
Jurisdiction (International law)
Laws, regulations and rules
Personal information
Privacy
Regulation
Saugmandsgaard Oe, Henrik
Search engines
Security management
Social networks
Europe
Online AccessGet full text

Cover

More Information
Summary:Article 4 of the Data Protection Directive has always been shrouded in a veil of mystery. No one seems to have been quite certain as to exactly what the role of that Article is and how it relates to other provisions; especially how it relates to Article 28 dealing with jurisdiction. For the first 15 years or so, the confusion surrounding Article 4 seems to have mattered little in that, whatever issue Article 4 was to address, that issue did not get much time in the limelight. That has now changed, not least due to the Internet. Article 4 has been the very focal. The Directive and Article 4 thereof were adopted before the large-scale provision of on-line services on the Internet started. Moreover, in this respect, its wording is not consistent and is incomplete. It is no wonder that data protection experts have had considerable difficulties in interpreting it in relation to the Internet.
ISSN:2044-3994
2044-4001
DOI:10.1093/idpl/ipw013