Weiter zum Inhalt
  • «
  • 1
  • »

Die Suche erzielte 2 Treffer.

Fundamental Rights, the Normative Keystone of DPIA Journal Artikel

Dara Hallinan, Nicholas Martin

European Data Protection Law Review, Jahrgang 6 (2020), Ausgabe 2, Seite 178 - 193

The General Data Protection Regulation mandates that data controllers conduct a Data Protection Impact Assessment (DPIA) for certain processing activities. The core of the substance of the DPIA obligation requires that data controllers engage in ‘an assessment of the risks to the rights and freedoms of data subjects [posed by the processing operation]’. A common interpretation has emerged that this obligation only requires data controllers to engage in a ‘compliance assessment’: an assessment of the risks of processing considering the concrete provisions of the GDPR. This article takes issue with this interpretation and offers an elaborated conceptual argument supporting the following, alternative, position: the obligation that the DPIA risk assessment process include ‘an assessment of the risks to the rights and freedoms of data subjects’ requires data controllers to take the complete catalogue of rights and freedoms, outlined in foundational European fundamental rights instruments, as the key normative reference point for the DPIA risk assessment process. Keywords: data protection, privacy, GDPR, data protection impact assessment, DPIA, fundamental rights


  • «
  • 1
  • »