In relationships with relevant contacts with more than one sovereign State (transnational relationships), personal data protection raises an issue of determination of the applicable law. The applicable law can either be a national law or a supranational instrument, which unifies or uniformizes the rules applicable in the States bound by it.
The Reg. (EU) no 2016/679, on the Protection of Natural Persons with Regard to the Processing of Personal Data and on the Free Movement of Such Data (GDPR) laid down a developed body of uniform material rules on personal data protection. The problems of determination of the applicable law, however, are not suppressed. These problems are raised mainly at three levels: first, the determination of the spatial scope of application of the GDPR; second, the determination of the applicable law when the GDPR refers to the law of the Member States; and third, the determination of the national law applicable to issues that the GDPR does not govern, not even by reference, such as most of the issues relating to torts resulting from the breach of the GDPR provisions.
The aim of this essay is to provide a first approach to these problems and their solution in the internet context.
Autores: Luís Lima Pinheiro
Ano: 2018