Analyzing Threats to Fundamental Rights Made Fun With a Handy Toolkit!

Europe’s independent data protection authority, the European Data Protection Supervisor, is trying to make it easier for policymakers to determine how new laws affect Europeans’ fundamental right to data protection.

Giovanni Buttarelli, the EDPS, released a “necessity toolkit” for guidance on when limits may be placed on the right to personal data protection. Under the EU Charter on Fundamental Rights, fundamental rights may only be limited when it is “necessary” to meet objectives of general interest or to protect the rights and freedoms of others.

The toolkit includes a four-step checklist to apply to new legislation: (1) obtain a “detailed factual description” of the policy and its purpose; (2) identify whether/which fundamental rights are limited by the policy; (3) consider the objective of the policy which should be assessed against the necessity; and (4) choose the policy that is effective and the least intrusive.

The checklist is based on a six-part legal analysis on how the necessity test applies to the fundamental right to personal data protection that is included in the toolkit. The legal analysis is based on EU legal instruments, decisions of the Court of Justice for the European Union and European Court of Human Rights and opinions of the EDPS and Article 29 Working Party of privacy officials from the 28 EU member countries.

We believe the EDPS necessity toolkit will assist policymakers” demonstrate that any limitation of the right to data protection is “absolutely necessary to achieve an objective of general interest to all concerned” or protect the rights of others, Buttarelli said.


To keep up with the constantly evolving world of privacy and security sign up for the Bloomberg BNA Privacy and Security Update.