The Centre for Intellectual Property and Information Law (CIPIL) is building comprehensive dataset of data protection legislation in Europe.
Although the General Data Protection Regulation (GDPR) 2016/679 is in principal now directly applicable across the EU, these national laws remain of great importance. Many issues require national specification and implementation including the constitution of Data Protection Authorities, many aspects of the sensitive data regime, the framework for law enforcement and national security (albeit, as regards the former, as an implementation within the EU of the Law Enforcement Directive 2016/680) and derogations to balance data protection with a whole host of other rights and interests including, most notably, freedom of expression and information.
The CIPIL website already has a fair amount of transnational material on the history of not only European intellectual property but also information law. The new listing provides comprehensive details of the pre-DPD (“first generation”), DPD-era (“second generation”) and GDPR-era (“third generation”) laws which have been enacted in EEA States and also in Switzerland and the UK, both of which have had and retain very close links with EU data protection.
The listing gives preference to English (or, if not, French) texts wherever these are available.
Initiated by Dr David Erdos, Deputy Director of CIPIL, the Centre is refreshing and extending its listing of all applicable and historic data protection laws within Europe.