Nomos Verlagsgesellschaft mbH & Co. KG, 2018

3-8452-9084-6

1 electronic resource (676 p.)

Schriften zur rechtswissenschaftlichen Innovationsforschung

342.0858

Data protection - Law and legislation - European Union countries

Data protection - Law and legislation - Germany

Data protection - Law and legislation

Inglese

Introduction -- Conceptual definitions as a link for regulation -- The function of the principle of purpose limitation in light of Article 8 ECFR and further fundamental rights -- Empirical approach in order to assist answering open legal questions -- Final conclusion: The principle of purpose limitation can not only be open towards but also enhancing innovation.

This thesis examines the principle of purpose limitation in data protection law from the perspective of regulating data-driven innovation. According to this approach, the principle of purpose limitation not only protects an individual’s autonomy but simultaneously leaves sufficient room for data controllers to innovate when finding the best solution for protection. The first component of the principle of purpose limitation (i.e. to specify the purpose of data processing) is a precautionary protection instrument which obliges the controller to identify specific risks arising from its processing against all fundamental rights of the data subject. In contrast, the second component (i.e. the requirement to limit data processing to the preceding purpose) aims to control the risk caused by data processing that occurred at a later stage and adds to the risks which were previously identified. This approach provides an answer to the question of how the General Data Protection Regulation which does not only

effectively protect an individual’s autonomy but also helps controllers to turn their legal compliance into a mechanism that enhances innovation, should be interpreted with regard to all the fundamental rights of the data subject.