Everyday Automation

Abstract

In the last decade, a flurry of regulatory, legislative and judicial activity has taken place responding to concerns over commercial and government interferences with data privacy. 2 Europe stands out in this regard. In May 2018, the highly anticipated new General Data Protection Regulation (GDPR) came into force. 3 The European legislature is debating revision to the regulatory framework for electronic communications privacy (European Commission Proposal for ePrivacy Regulation 2017a). 4 New frameworks for cross-border access to digital evidence are being discussed. 5 Privacy regulators are stepping up enforcement in relation to Internet companies and adopting a growing stream of regulatory guidance. 6 National courts as well as the Court of Justice of the European Union (CJEU) and the European Court of Human Rights have been asked to rule, as a consequence of citizen and privacy activist initiatives, on the legality of government surveillance measures and the legality of international data flows in view of the fundamental right to privacy and the protection of personal data. 7 The CJEU has been particularly impactful, by invalidating the Data Retention Directive (CJEU 2014a), imposing a right to be forgotten on search engines (CJEU 2014b), and invalidating the Safe Harbour agreement for data flows between the EU and the United States in a sweeping ruling on the need to guarantee data privacy in the context of personal data flowing outside of the EU. The UN General Assembly adopted several resolutions on the right to privacy in the digital age and has also appointed a UN Special Rapporteur on the Right to Privacy.