In the course of the last decade, the EU legal framework governing the processing of personal data has undergone a reform resulting in the adoption of the General Data Protection Regulation and Directive 2016/680 that became applicable across the EU in May 2018. While non-EU private parties and third countries already came within the extensive territorial reach of the EU data protection rules before the reform, the new laws clarified that all data flows from the EU to international organizations must be compliant with the EU's data protection standards. This development raises questions from the point of view of international law, as this requirement prima facie interferes with the autonomy of such organizations.
A decade after the adoption of the GDPR, the exact position of international organizations under EU data protection rules still raises fundamental questions. EU data protection and international organizations: Bridging EU law and international law seeks to fill this lacuna, charting an approach that reconciles two bodies of law that are in apparent conflict with each other. While the point of departure of the proposed book is data protection, it provides fundamental insights into the relationship between EU law and international law. It also addresses the question of data protection as a developing international human right, adding to human rights literature.
Through normative analysis and elements of comparative methodology, this book determines the possibility of direct and indirect application of EU data protection rules and standards to international organizations. Examples of practices followed by various international organizations and the EU are provided throughout the work, illustrating the abstract findings of the normative analysis and offering cases studies for how these day-to-day practices could be improved in light of both EU and international law.
