The article discusses the future of European Union (EU) data protection law following its fifth anniversary in May 2023. It argues for the expansion of the concept of personal data to cater for collectives and not just the individual. It discusses the interests of collectives in data protection that are overlooked by current laws and highlights the importance of extending data protection to collectives. In this regard, the article argues that EU data protection law should undergo a reverse Brussels effect which allows the EU to look outward and learn from cultures that privilege communities and groups to identify a collective cultural value that can inform a theoretical framework that recognises collective rights. It proposes Ubuntu as one such value that the EU can learn from and transpose into the current data protection system without making drastic changes. It proposes an Ubuntu Framework and the principles accompanying such framework that can be incorporated into the GDPR.
Keywords: collectives, legal persons, groups, ubuntu, GDPR, collective identity, Brussels effect