Skip to content
  • «
  • 1
  • »

The search returned 4 results.

Increased Negotiation Power for the Data Subject: A Matter of Interpretation and Enforcement journal article

Diana Dimitrova

European Data Protection Law Review, Volume 8 (2022), Issue 4, Page 474 - 492

Scholars have started to critically examine in how far EU data protection law indeed grants or is able to grant data subjects effective control over the processing of personal data concerning them. Data subject control, however, is not really defined in substance. In addition, there is the question whether the knowledge produced with the help of profiling and predictive technologies may be effectively controlled by either the data controller or the data subject. The GDPR contains provisions which could be interpreted to enable data subjects to engage in an adversarial relationship with the data controller, giving them more negotiation power, which could lead to effectively influencing the data processing and thus some version of control. These opportunities can be found, inter alia, in the provisions on data subject rights and to a lesser extent in the provisions on stakeholder involvement when carrying out a Data Protection Impact Assessment (DPIA). The discussed adversarial relationship opportunities may be found also in the LED, to a certain extent, except as concerns the DPIA. Keywords: Adversarial Relationship | Control | DPIA | Data Subject Rights | Influence | Negotiation Power


The Right to Explanation under the Right of Access to Personal Data: journal article

Legal Foundations in and Beyond the GDPR

Diana Dimitrova

European Data Protection Law Review, Volume 6 (2020), Issue 2, Page 211 - 230

The present article sets out to contribute to the discussion on the right to explanation of (automated) decisions and profiles by examining it in light of the right to access to one’s personal data. To that end it explores the right of access and explanation obligations beyond the GDPR by focusing also on Directive 2016/680, the CJEU case law, CoE Convention 108+ and ECtHR case law. The paper argues that whereas the right to know the reasoning and criteria underlying a decision could be derived from the right of access, this is less explicit in the case-law of the CJEU as compared to the ECtHR and Convention 108+. The discussion also points to the necessity of clarifying the relationship between and boundaries of data protection rights and other areas of law, eg the right to effective remedy and the obligation to state reasons for decisions. Keywords: right to explanation, right of access, GDPR, data rotection


Video Surveillance at Work – In Need of Regulation? (López Ribalda and Others App nos 1874/13 and 8567/13) journal article

Diana Dimitrova

European Data Protection Law Review, Volume 6 (2020), Issue 1, Page 152 - 157

López Ribalda and Others v Spain, Applications numbers 1874/13 and 8567/13, Judgment of European Court of Human Rights of 17 October 2019 Employees not notified of covert video surveillance at work. Other safeguards applicable. Domestic courts struck a fair balance in examining the privacy rights of the employees and the legitimate interests of the emplyoer. No violation of Article 8 ECHR.


  • «
  • 1
  • »