Weiter zum Inhalt

Risk to the Right to the Protection of Personal Data:

An Analysis Through the Lenses of Hermagoras

István Böröcz

DOI https://doi.org/10.21552/EDPL/2016/4/6

One of the novelties of the General Data Protection Regulation (GDPR) will be the application of the risk-based approach in European data protection law on a larger scale. Although the Regulation uses the term ‘risk’ in numerous provisions, it does not answer the question ‘What is risk to a right and how should it be assessed?’. Although Article 35 (Data Protection Impact Assessment, DPIA) provides a tool to assess these risks, to keep the GDPR suitable for assessing new technologies, the conduct of a DPIA should be based on solid and clear understanding of the provisions. The applicability and suitability of a risk assessment process is yet to be discovered if the risk relates to a fundamental right. A unified perception of risk to a right is necessary as it is the core element of the risk-based approach, furthermore, a varying perception of risk to a right would undermine the endeavours of the GDPR relating to harmonisation. This contribution elaborates on the attributes of risk to a right and advises a unified understanding of risk to a right and risk to the right to the protection of personal data.

István Böröcz, researcher at the Brussels Laboratory for Data Protection & Privacy Impact Assessments (d.pia.lab), Research Group on Law, Science, Technology & Society (LSTS) at Vrije Universiteit Brussel (VUB). This contribution is partially based on the master’s thesis of the author (title: ‘The Notion of Risk in Data Protection Law - Can Data Protection Impact Assessment Ensure Compliance?’), written and defended in the academic year of 2015/2016 in the Law and Technology LLM Programme, at Tilburg University [Tilburg Institute for Law, Technology and Society (TILT)], under the supervision of Prof Paul De Hert. The research has been carried out in the context of a project funded by the European Union under the Horizon 2020 Programme: FORENsic evidence gathering autonomous sensor (FORENSOR), grant agreement no 653355. For correspondence: <mailto:istvan.mate.borocz@vub.ac.be>.


Lx-Number Search

(e.g. A | 000123 | 01)

Export Citation