(ProQuest: ... denotes non-US-ASCII text omitted.)

Articles

My thanks to Dr Albertina Albors-Llorens, Dr Christopher Kuner, Mr Angus Johnston and Professor Andrew Murray who have contributed to the development of the thoughts expressed in this paper. All opinions expressed and errors remain my own.

I.

INTRODUCTION

Article 8 of the EU Charter of Fundamental Rights¹(EU Charter) sets out a right to data protection which sits alongside, and in addition to, the right to privacy in the Charter. This inclusion of an independent right to data protection in the EU Charter differentiates it from other international human rights documents which tend to treat data protection as a subset of the right to privacy.²When the Charter was signed and proclaimed as a solemn political declaration in 2000, the Court of Justice of the EU (CJEU) had yet to recognize the existence of a right to data protection in the EU legal order.³Moreover, the European Data Protection Directive,⁴enacted in 1995, makes no reference to the right to data protection. Its inclusion in the Charter therefore merits justification. Unfortunately, the Charter's explanatory memorandum⁵offers little by way of explanation. It laconically states that the right to data protection is based on Article 286 EC,⁶the Data Protection Directive,⁷Article 8 ECHR⁸and the Council of Europe's Convention No 108.⁹It therefore does little to elucidate why such a new right was introduced, in addition to the pre-existing right to privacy, and how these two rights should interact.

The failure to provide a convincing rationale for the inclusion of a right to data protection in the EU Charter prompted scholars to advance potential justifications. It has been suggested, for instance, that the Charter's right to data protection was introduced in order to bolster the legitimacy of EU data protection law by emphasizing the fundamental rights dimension of the Data Protection Directive.¹⁰Indeed, although the Directive's stated objectives are to ensure the free flow of personal data in the EU internal market and to protect fundamental rights, the Directive was legally justified on the basis of internal market considerations alone as the EU lacks competence to enact fundamental rights legislation.¹¹This potential justification is therefore plausible....