In 2009, with the enactment of the Lisbon Treaty, the Charter of Fundamental Rights of the European Union entered into force. Under Article 8 of the Charter, for the first time, a stand-alone fundamental right to data protection was declared. The creation of this right, standing as a distinct right to the right to privacy, is undoubtedly significant, and it is unique to the European legal order, being absent from other international human rights instruments, such as the International Covenant on Civil and Political Rights.
This commentary examines the parameters of this new right to data protection, asking what the values underpinning the right are. This piece also analyses some of the challenges in implementing this right in an era of ubiquitous ‘dataveillance’, or the systematic monitoring of citizen’s communications or actions through the use of information technology and ‘big data’, or the collection of large datasets, which are capable of being searched, aggregated, and cross-referenced.