Book Review: The Fundamental Right to Data Protection

Having found herself in the audience of talks on privacy (and surreptitiously trying to cover up her privacy-offending activity tracker), this Kat was delighted to delve further into the world of Data Protection. A new book by Maria Tzanou, entitled "The Fundamental Right to Data Protection: Normative Value in the Context of Counter-Terrorism Surveillance," lays out the case for data protection as a fundamental right and explores case studies to test this new 'right.'

The book focuses on surveillance, as a key counter-terrorism tool, and introduces the rather disturbing term, 'dataveillance,' which is defined as "the systematic monitoring of people's actions or communications through the application of information technology." The text discusses the definition of privacy as an important conceptual framework. Part I of the book sets out theoretical aspects and Part II focuses on four case studies of EU counter-terrorism data surveillance. As the author puts it, the book seeks to examine current theories and details three important limitations the fundamental right to data protection faces, "its interconnectivity with privacy, its linking with secondary legislation and the elusiveness of its content."

I was drawn to a discussion on approaches to data protection, which strongly mirror the approaches to IP. Tzanou classifies these approaches as the economic approach and the fundamental rights approach. Using an economic approach, information is assumed to have economic power. International data flows can therefore be problematic as, Tzanou notes, the OECD has highlighted that data flows could lead to a loss of national sovereignty. [Merpel notes that this is not so hard to envision given the US dominance of corporation-owned data, and recent discussions of targeted social media propaganda.]  However, the OECD's mandate is to promote economic growth, meaning that the majority of OECD efforts have been devoted to enabling the free flow of information. In contrast, the fundamental rights approach, which is the EU approach, also originally stems from economic concerns (the single market) but adds a recognition of the right to privacy. As a result, data protection is considered a fundamental right, which is covered in the EU by the respect for private and family life, and protection of personal data.

EvanLovely, Computer Using Cat
via Wikimedia Commons
In the empirical chapters, Tzanou looks at metadata surveillance, travel data surveillance, financial data surveillance and internet data surveillance. In travel, Tzanou examines in detail the history and development of airline passenger screening. In the U.S., the screening of airline passengers began in the 1960s and the author takes the reader through the various permutations of the US approach to the current iteration of "Secure Flight." Unfortunately, the entire process is cloaked in secrecy and there is very little transparency as to how data translate to labeling passengers as cleared to fly, selected for additional screening, or no-fly. Tzanou describes the tensions between the US and EU, which put "EU airlines between a rock and a hard place," as US transportation security requirements contravene EU data protection - an ongoing saga.

The chapter on internet data surveillance starts off with, naturally, Snowden. Here again sovereignty comes up as security agencies in the US, with UK participation, secretly gather mass communications information held by large US tech companies - circumventing legal processes and borders. Tzanou looks at these issues in relation to Safe Harbour, the Schrems case, Privacy Shield and others. It's enough to make the average reader want to learn to use Tor.

"The Fundamental Right to Data Protection" will appeal to the IT and data legal enthusiast.  The text does not contain much by way of IP, however in my experience most IP lawyers are fairly keen on their data protection laws. "The Fundamental Right to Data Protection: Normative Value in the Context of Counter-Terrorism Surveillance," by Maria Tzanou is published by Bloomsbury Publishing and is available here for £70 as an e-book or hardback. Rupture factor: Medium, 290 pages.
Book Review: The Fundamental Right to Data Protection Book Review: The Fundamental Right to Data Protection Reviewed by Nicola Searle on Tuesday, October 03, 2017 Rating: 5


  1. It is odd that the people who are hostile to IP are often the same people who are in favour of data processing law - yet the latter restricts personal freedom just as much (or more than) the former.

  2. I agree Anonymous @ 17:09 - perhaps it is because IP provides a normative property right TO someone, while those in favor of data processing law (protections) seek to have such protections FOR everyone (whether or not the implementation of such results in any "more restrictions" or not - and perhaps critically, as noted in the article, exactly who is being restricted from what - and exactly who is not paying attention to any restrictions).


All comments must be moderated by a member of the IPKat team before they appear on the blog. Comments will not be allowed if the contravene the IPKat policy that readers' comments should not be obscene or defamatory; they should not consist of ad hominem attacks on members of the blog team or other comment-posters and they should make a constructive contribution to the discussion of the post on which they purport to comment.

It is also the IPKat policy that comments should not be made completely anonymously, and users should use a consistent name or pseudonym (which should not itself be defamatory or obscene, or that of another real person), either in the "identity" field, or at the beginning of the comment. Current practice is to, however, allow a limited number of comments that contravene this policy, provided that the comment has a high degree of relevance and the comment chain does not become too difficult to follow.

Learn more here:

Powered by Blogger.