General Data Protection Regulation: new ethical and constitutional aspects, along with new challenges to information law

Abstract

The EU 'General Data Protection Regulation' (GDPR) marked the most important step towards reforming data privacy regulation in recent years, as it has brought about significant changes in data process in various sectors, ranging from healthcare to banking and beyond. Various concerns have been raised, and as a consequence of these, certain parts of the text of the GDPR itself have already started to become questionable due to rapid technological progress, including, for example, the use of information technology, automatisation processes and advanced algorithms in individual decision-making activities. The road to GDPR compliance by all European Union members may prove to be a long one and it is clear that only time will tell how GDPR matters will evolve and unfold. In this paper, we aim to offer a review of the practical, ethical and constitutional aspects of the new regulation and examine all the controversies that the new technology has given rise to in the course of the regulation's application.