Schrift vergrößern Schrift verkleinern Kontrast ändern zurücksetzen


German Research Institute for Public Administration

Regulatory scope in Member States under the General Data Protection Regulation - the General Data Protection Regulation and national law

The General Data Protection Regulation (EU-GDPR) will permanently alter the nature of data protection law. It is not so much its ground-breaking substantive innovations. It is above all the principle of lex loci solutionis (law of the place where performance occurs) and the modifications to the structure of European data protection supervision that will ensure a rejuvenation of data protection law whose effects will radiate well beyond the borders of the European Union. Combined with the transition to the legislative tool of the Regulation this therefore ushers in a clearly discernible harmonisation - in comparison with the previous regime based on the issue of Directives. However, in actual fact the EU-GDPR is in parts more a Directive in the guise of a Regulation. With around four dozen flexibility clauses it gives Member States ample scope for introducing their own legislative nuances, especially in the public sector. The project takes an in-depth look at to what extent the EU-GDPR alters German data protection law and how far national scope for elaboration extends. The focus is particularly on the data protection requirements under the EU-GDPR with regard to the tasks to be performed by public sector administration.

In what directions does the EU-GDPR alter data protection in Germany and Europe, its implementation and judicial enforcement in the Member States and the relevant supervisory structures?

How, in particular, can data protection principles (such as transparency, data economy, direct collection or necessity for a certain purpose) be realised in an environment of digital containment and the voluntary disclosure of personal data without hampering the economic innovativeness of digital technologies?

At the beginning of 2016, Professor Dr Mario Martini together with his colleague from Regensburg, Professor Dr Jürgen Kühling, LLM and with the support of the research associates from the programme area 'Digitalisation', have already begun to explore the regulatory scope available on a national level to Member States under the regime of the EU-GDPR. In close cooperation with the German Federal Ministry of the Interior (BMI), an expert opinion of 530 pages was produced in the substantive context of the research project. It can be seen as a guideline that has formed the basis for the national legislative process.

As a result the project offers a comprehensive and detailed analysis of the requirements under European law and of the remaining regulatory scope on a national level for shaping data protection principles and thus the right to informational self-determination in the digital 21st century. It takes an in-depth look at the flexibility clauses of the EU-GDPR, the associated regulatory task for German lawmakers and the position of the supervisory authorities for data protection and their possibilities for cooperation. 


Note: The text on this home page is copyrighted. It is taken verbatim or based on Martini, "Digitalisierung als Herausforderung und Chance für Staat und Verwaltung" (Digitalisation as Challenge and Chance for State and Administration), FÖV Discussion Paper No. 85, 2016, in particular p. 54 f.

Senior Fellow

Mario Martini

Prof. Dr. Mario Martini



David Nink

David Nink, Ass. iur.



Quirin Weinzierl

Quirin Weinzierl, Ass. iur.