Leeway for Member States to regulate under the General Data Protection Regulation - The GDPR and national law

The General Data Protection Regulation (EU GDPR) will have a profound impact on the landscape of data protection law. It is not so much the substantive legal innovations themselves that are the focus of attention. In particular, the marketplace principle and the changes to the structure of European data protection supervision ensure a data protection regime with far-reaching effects beyond the borders of the Union. Furthermore, the transition to a regulation is accompanied by a discernible harmonisation in comparison to the preceding directive regime. In substance, however, the EU GDPR is, in part, more akin to a directive in the guise of a regulation, with approximately four dozen opening clauses that allow for significant scope for national normative nuances, particularly within the public sector. The project undertook a comprehensive examination of the ways in which the EU GDPR has transformed German data protection law and the extent to which the national scope of interpretation has been applied. The analysis focused on the data protection requirements set forth by the EU-GDPR for the fulfilment of public administration tasks.

(Some publications are in German.)