The concept of fairness in the GDPR

Abstract

There is a growing attention on the notion of fairness in the GDPR in the European legal literature. However, the principle of fairness in the Data Protection framework is still ambiguous and uncertain, as computer science literature and interpretative guidelines reveal. This paper looks for a better understanding of the concept of fairness in the data protection field through two parallel methodological tools: linguistic comparison and contextual interpretation. In terms of linguistic comparison, the paper analyses all translations of the world in the GDPR in the EU official languages, as the CJEU suggests in CILFIT Case for the interpretation of the EU law. The analysis takes into account also the translation of the notion of fairness in other contiguous fields (e.g. at Article 8 of the EU Charter of fundamental rights or in the Consumer field, e.g. Unfair terms directive or Unfair commercial practice directive). In general, the notion of fairness is translated with several different nuances (in accordance or in discordance with the previous Data protection Directive and with Article 8 of the Charter) In some versions different words are used interchangeably (it is the case of French, Spanish and Portuguese texts), in other versions there seems to be a specific rationale for using different terms in different parts of the GDPR (it is the case of German and Greek version). The analysis reveals three mean semantic notions: correctness (Italian, Swedish, Romanian), loyalty (French, Spanish, Portuguese and the German version of Treu und Glaube) and equitability (French, Spanish and Portuguese). Interestingly, these three notions have common roots in the Western legal history: the Roman law notion of bona fide. Taking into account both the value of bona fide in the current European legal contexts and also a contextual interpretation of the role of fairness in the GDPR, the preliminary conclusions is that fairness refers to a substantial balancing of interests among data controllers and data subjects. The approach of fairness is effect-based: what is relevant is not the formal respect of procedures (in terms of transparency, lawfulness or accountability), but the substantial mitigation of unfair imbalances that create situations of vulnerability. Building on these reflections, the paper analyses how the notion of fairness and imbalance are related to the idea of vulnerability, within and beyond the GDPR. In sum, the article suggests that the best interpretation of the fairness principles in the GDPR (taking into account both the notion of procedural fairness and of fair balancing) is the mitigation of data subjects' vulnerabilities through specific safeguards and measures.