The article contains the analysis of several aspects of recent caselaw of the Court of Justice of the European Union concerning the protection of the fundamental rights to private and family life and to protection of personal data. The case-law analysed in this article is of great significance to the interpretation and application of the EU and national legislation and has drawn a lot of attention of legal practitioners and theorists and public media.In the first section of the article, the author focuses on the interpretation of certain notions by this court, such as the notion of personal data, processing of such data and its controller, given by the Court of Justice in its judgements in the cases C-293/12 and C-594/12 Digital Rights Ireland and Others, C-131/12 Google Spain and Google, and C-141/12 and C-372/12 YS and Others. The Court of Justice finds that those operations, which are referred to expressly and unconditionally in Directive 95/46/EC, must be classified as ‘processing’ of personal data. The operations referred to by Directive 95/46 must be classified as ‘processing’ even where they exclusively concern material that has already been published as it stands in the media. The Court holds that the notion of ‘controller’ in terms of Article 2(d) of the Directive 95/46 includes search engine operator, as the operator determines the purposes and means of the personal data processing activity.In the second section of this article, the rulings of the Court of Justice regarding the issues of interference with fundamental rights to private and family life and to protection of personal data, as well as the issues related to the justification of such interference, are analysed. In the judgement Google Spain and Google, the Court of Justice holds that by processing personal data the search engine operator interferes with the person’s rights and that the effect of such interference is heightened on account of the important role played by the internet and search engines in modern society. However, a fair balance should be sought between the legitimate interest of internet users to have access to the information containing personal data and the data subject’s fundamental rights. In the judgement Digital Rights Ireland and Others, the court ruled that Directive 2006/24/ EC was invalid, as it did not lay down any objective criterion of the access to and the use of the data of the electronic communications users, and the interference with the fundamental rights of these users could not be justified.The third section of the article concentrates on the independence of the supervisory authority for the personal data protection. In this section, the author analyses the judgement of the Court of Justice in the case C-288/12 Commission v Hungary, in which the Court declared that, by prematurely bringing to an end the term served by the supervisory authority for the protection of personal data, Hungary has failed to fulfil its obligations under Directive 95/46.