Review of the data protection directive: Is there need (and room) for a new concept of personal data?

Abstract

The entry into force of the Lisbon Treaty brought some changes to the EU legal framework and some of them have a direct impact on data protection. In this new scenario, the movements requiring the review of the Data Protection Directive gained a new boost. For the discussion of a possible review of the Directive, the analysis of the concept of personal data is fundamental, because the EU data protection framework has this concept as one of its foundations, since data which are not related to an identified or identifiable person do not fall within the scope of the Data Protection legislation. Taking into account this scenario, this chapter initially analyses the concept of personal data as provided for by Directive 95/46 and the views of the Article 29 Working Party and of the European Data Protection Supervisor regarding the concepts of personal data and anonymous data. Then, it concentrates on the experiences of France, Italy and UK, seeking to identify the differences in the concept of personal data in these member states. After carrying out these analyses, the chapter proposes some changes on the concept of personal data which could be incorporated in the review of the General Data Protection Directive.