Who controls our data? The legal reasoning of the european court of justice in wirtschaftsakademie schleswig-holstein and tietosuojavaltuutettu v jehovan todistajat

Abstract

This paper analyses two judgments from the European Court of Justice. Both were delivered soon after the new Data Protection Regulation became applicable. The argumentation in the judgments provides timely clarification on certain key concepts in European data protection law. As the analysis will show, the ECJ continues its broad interpretation of the parties responsible for data processing. The judgments are generally compatible with the Court’s previous case law, which seeks to fill any potential gaps in the protection of individuals’ privacy rights. Hence, the aims of data protection rules are predominately interpreted by the Court within a fundamental rights framework. Even though the cases have certain significant differences, the conclusions to be drawn are similar: the argumentation of the Court is focused on data protection throughout. Moreover, the Court emphasises strong protection of personal data in all kinds of situations, even those where other rights could also be relevant.