{"id":2206,"date":"2021-04-21T12:22:09","date_gmt":"2021-04-21T12:22:09","guid":{"rendered":"https:\/\/live-cornell-international-law-journal-online.pantheonsite.io\/?p=2206"},"modified":"2021-04-21T12:22:09","modified_gmt":"2021-04-21T12:22:09","slug":"data-protection-by-design-a-critique-of-article-25-of-the-gdpr-2","status":"publish","type":"post","link":"https:\/\/publications.lawschool.cornell.edu\/cilj\/2021\/04\/21\/data-protection-by-design-a-critique-of-article-25-of-the-gdpr-2\/","title":{"rendered":"Data Protection by Design? A Critique of Article 25 of the GDPR, Vol. 53"},"content":{"rendered":"\n

Europe\u2019s General Data Protection Regulation (GDPR) took effect on May 25, 2018. Article 25, titled, \u201cData Protection by Design and by Default,\u201d purports to incorporate the concept of \u201cprivacy by design\u201d into European data protection law. This Article challenges that common presumption. Although privacy by design is not a new doctrine, having been the subject of academic debate, legal, and regulatory discussions for more than a decade, the final draft of Article 25(1) reflects little, if any, of that history. Relying on multiple forms of statutory interpretation commonly used to interpret European Community legislation, this Article argues that Article 25 of the GDPR lacks any meaningful connection to privacy by design under textualist, contextual, purposive, and precedential interpretations. Only teleological reasoning offers a meaningful way forward. This means that it is up to the European Court of Justice to determine if Article 25(1) will have any chance of protecting European Union citizens and limiting the power of data controllers.<\/p>\n","protected":false},"excerpt":{"rendered":"

Europe\u2019s General Data Protection Regulation (GDPR) took effect on May 25, 2018. Article 25, titled, \u201cData Protection by Design and by Default,\u201d purports to incorporate the concept of \u201cprivacy by design\u201d into European data protection law. This Article challenges that common presumption. Although privacy by design is not a new doctrine, having been the subject…<\/p>\n","protected":false},"author":1,"featured_media":2263,"comment_status":"closed","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"_acf_changed":false,"_monsterinsights_skip_tracking":false,"_monsterinsights_sitenote_active":false,"_monsterinsights_sitenote_note":"","_monsterinsights_sitenote_category":0,"footnotes":""},"categories":[13,22,25],"tags":[],"class_list":["post-2206","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-articles-2","category-print-archive","category-volume-53-issue-1"],"acf":[],"_links":{"self":[{"href":"https:\/\/publications.lawschool.cornell.edu\/cilj\/wp-json\/wp\/v2\/posts\/2206","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/publications.lawschool.cornell.edu\/cilj\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/publications.lawschool.cornell.edu\/cilj\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/publications.lawschool.cornell.edu\/cilj\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/publications.lawschool.cornell.edu\/cilj\/wp-json\/wp\/v2\/comments?post=2206"}],"version-history":[{"count":0,"href":"https:\/\/publications.lawschool.cornell.edu\/cilj\/wp-json\/wp\/v2\/posts\/2206\/revisions"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/publications.lawschool.cornell.edu\/cilj\/wp-json\/wp\/v2\/media\/2263"}],"wp:attachment":[{"href":"https:\/\/publications.lawschool.cornell.edu\/cilj\/wp-json\/wp\/v2\/media?parent=2206"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/publications.lawschool.cornell.edu\/cilj\/wp-json\/wp\/v2\/categories?post=2206"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/publications.lawschool.cornell.edu\/cilj\/wp-json\/wp\/v2\/tags?post=2206"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}