Personal data protection through the lens of digital sovereignty: the EU perspective
hovsepkocharyan28
60 views
8 slides
Sep 15, 2025
Slide 1 of 8
1
2
3
4
5
6
7
8
About This Presentation
In an era of rapid digital transformation, the protection of personal data has become a cornerstone of democratic societies. This presentation explores the concept of personal data protection through the lens of digital sovereignty, with a focus on the European Union's evolving legal and policy ...
Slide Content
Personal data protection through the lens of digital sovereignty : the EU perspective Mgr. Lusine Vardanyan, Ph.D. & Mgr. Hovsep Kocharyan, Ph.D.
Introduction The concept of digital sovereignty of the EU is particularly difficult due to the uniqueness of the EU as a subject of world politics. T here are different political contexts for its use : " establishing , " defending ", " achieving " digital sovereignty ? (A. Merkel, U. Von der Leyen). Digital sovereignty can be understood both as the goal set by the one who exercises power, and as the quality of the one who exercises power ( Floridi , Moerrel ; Timmers ). The issues of digital sovereignty are being actively discussed in two parallel groups at the United Nations – UN Group of Governmental Experts and UN Open Ended Working Group . The issue of global data flow management remains problematic and still unresolved ( Darnis , 2021 a; Martino, 2021 ).
How the EU data protection laws turn into instruments for the implementation of the EU’s digital sovereignty? The EU uses broad and fictitious links with the territory in its data protection laws (GDPR, DMA, DMA, etc.). Article 3(2) of the GDPR states that it applies to data controllers and processors that are not established in the EU if they process data related to the offer of goods or services to data subjects in the EU or monitor the behavior of persons located in the EU - possibility of broad and flexible interpretation . Through the GDPR, the EU significantly expands the scope of its data protection laws unilaterally and to a greater extent than any other jurisdiction in the world so far. The EU is thereby trying to insure itself in the digital world and have flexible and broad levers of influence on data in the conditions of dynamically changing digital world. Data is the only real asset, what the EU can influence in the digital world.
What special features of the EU's digital sovereignty exist in the context of data protection? Extraterritorial application of the GDPR: for example, the right to be forgotten applies outside the EU in the case of defamation – the case of Eva Pieszczek (The GDPR is a “floor, but not a ceiling”( Samonte )). The problem of ensuring of the CJEU’s decision abroad: The ability to enforce of laws faces many difficulties in an environment that combines non-physical aspects of cyberspace with extraterritoriality. ”Dangerous“ mechanisms of the GDPR: By linking regulation to the location of the data subject or users, rather than the location of the data itself, the GDPR expands its scope and extends even to those companies that are located outside the EU.
How does the judicial practice of the CJEU draw the boundaries of the EU's digital sovereignty? In Google v. CNIL , the CJEU faced a choice between recognizing of the global application and recognizing of the non-universal application of the right to be forgotten, and took into account the sovereignty of other States and the principle of international comity. The CJEU recognized the indirect recognition and possibility of the global application of EU law, and clearly stated that although the EU does not require the global application of the right to be forgotten, it also does not prohibit such practices. The right to be forgotten is turning into a kind of tool for the EU to assert its digital power far beyond its borders. The judicial practice of the CJEU tries to use both extraterritoriality and localization of data at the same time.
How is the EU trying to regain control over data? The EU is attempting to restore borders in the digital sphere and is trying to regain control over data through their localization - reterritorialization of data by requiring their storage on servers and in data processing centers within national borders as an exercise of "data sovereignty". In October 2019, the grandiose European project of the European Data Transmission Infrastructure (Gaia-X) was launched. In November 2021, the European Data Protection Council published two documents with instructions on when the transfer of personal data to third countries outside the EU will be allowed. Localization and reterritorialization of data are also found in the case law of the CJEU. In particular, the CJEU demanded from Google to remove search results from its website on the basis of the right to be forgotten and limit such deletion to the EU territory, encouraging the use of geo-blocking technologies ( Google v. CNIL ).
What risks does data localization contain? Excessive desire to attract data to Europe and the creation of digital infrastructure in the EU can have the opposite effect. Digital sovereignty can lead to an acute struggle, which ultimately will not contribute to the development of the economy. The Council of Europe has warned of the potential adverse cross-border impact on Internet access and use that may arise as a result of the exercise of national sovereignty.
Closing remarks The extension of EU data protection laws beyond the borders of the EU creates a number of problems, contradicting the principles of international comity and global diversity. The issue of the extraterritorial application of EU data protection legislation has been at the center of two recent decisions made by the CJEU ( Google v. CNIL and Eva Piesczek v. Facebook ) , where the Court demonstrated an understanding of the cross-border implications of its decisions and the need to recognize transnational diversity and international comity by finding pragmatic solutions to modulate the impact of EU data protection laws beyond EU borders . However, states should strive to develop a common framework of international law that promotes the development of transnational data protection standards (“New Westphal")
Categories
TechnologyDownload
Download Slideshow Get the original presentation fileQuick Actions
Statistics
- Views 60
- Slides 8
- Age 80 days
Related Slideshows
11
8-top-ai-courses-for-customer-support-representatives-in-2025.pptx
JeroenErne2
49 views
10
7-essential-ai-courses-for-call-center-supervisors-in-2025.pptx
JeroenErne2
48 views
13
25-essential-ai-courses-for-user-support-specialists-in-2025.pptx
JeroenErne2
37 views
11
8-essential-ai-courses-for-insurance-customer-service-representatives-in-2025.pptx
JeroenErne2
35 views
21
Know for Certain
DaveSinNM
23 views
17
PPT OPD LES 3ertt4t4tqqqe23e3e3rq2qq232.pptx
novasedanayoga46
26 views