Date of Award

2024

Degree Type

Dissertation

Degree Name

Doctor of Juridical Science (S.J.D.)

First Advisor

Daniel Halberstam

Second Advisor

Don Herzog

Third Advisor

Christopher McCrudden

Abstract

Data protection law has been subject to various criticisms, among which is one of a fundamental kind: devoted to procedures, it lost sight of its privacy-bound origins. This dissertation aims to provide a novel historical and comparative account of the transatlantic development of data protection law, from the origins to this day, identifying how it may yet succeed in reaching the policy goals its original proponents imagined, and untangling key legal concepts along the way.

The regulatory concept of data protection was founded on three basic principles: purpose limitation, universality, and institutional supervision and enforcement. These three principles trace their own roots to the justification principle.

Originally, data protection was designed to work without privacy. As this dissertation shows, it indeed did, at the statutory level. At the constitutional level, data protection had to contend with privacy. As this dissertation’s transatlantic comparative exercise demonstrates, privacy proved to be a conceptual hindrance to the development of data protection on the constitutional plane.

The Court of Justice of the European Union (CJEU) developed a unique data protection doctrine, fully independent from privacy, elevating the three principles of data protection to the constitutional level. This was an unexpected outcome, from which the CJEU walked back somewhat in the 2024 Quadrature du Net II decision. Still, the CJEU’s doctrine demonstrates that the independence of constitutional data protection from privacy is both possible and fruitful. In that regard, the transatlantic convergence away from data protection and towards a privacy-infused notion of profiling is concerning.

Download

Share

COinS