Protection of Individuals in the light of EU Regulation 2016/679 on the Protection of Natural Persons with Regard to the Processing of Personal Data and on the Free Movement of such Data


Personal data
European Union

How to Cite

Tokarski, M. (2020). Protection of Individuals in the light of EU Regulation 2016/679 on the Protection of Natural Persons with Regard to the Processing of Personal Data and on the Free Movement of such Data. Safety & Defense, 6(2), 63-74.


The process of establishing normative acts in the European Union does not  occur out of nowhere, but in the context of specific social needs. That was the case of the genesis of establishing legal regulations regarding the protection of personal data in the European Union. Socio-economic integration, which resulted from the functioning of internal market in the European Union, has led to a significant increase in cross-border transfers of personal data. It led to situation in which various economic operators or state institutions of the Member States have increasingly processed the personal data of the EU citizens. Within time, these data have become an equally valuable commodity - not to say even more valuable – compared to goods and services (Costa-Cabral, and Lynskey Orla, 2017, p. 11). Making use of personal data on a large scale especially by public and private entities, associations and companies over time has posed a threat to the security of personal data. This has made it necessary to introduce legal protection measures for personal data in the European Union that would eliminate the negative effects of any form of personal data processing. The purpose of this article is to evaluate legal regulations regarding legislative protection of personal data in the European Union against the background of EU Regulation 2016/679 of the European Parliament and the Council with respect to the protection of individuals due to processing personal data, its free movement and repealing Directive 95/46/EC (hereinafter referred to as Regulation 2016/679). Due to initially adopted purpose of the considerations there arose a problem which was formulated in the form of a question: Do the legal measures introduced by the Regulation constitute an effective tool for the protection of personal data in the event of a violation of the law by personal data administrators and entities while processing such data? The presented purpose of the considerations and the research problem determined the order of the analysis.


Charter of fundamental rights of the European Union (Official Journal of the European Union (C 326/391, 26.10.2012).

Costa-Cabral, F., Lynskey, O. (2017). Family ties: the intersection between data protection and competition in EU Law. Common Market Law Review, Kluwer Law International, Available online

Directive 95/46/EC of the European Parliament and of the Council of 24 Oc-tober 1995 on the protection of individuals with regard to the processing of personal data and on the free movement of such data (Official Journal L 281, 23/11/1995).

Dove, E.S. (2018) The EU General Data Protection Regulation: Implications for International Scientific Research in the Digital Era, Journal of Law, 46(4). pp. 1013-1030. DOI:

Ducato, R. (2020). Data protection, scientific research, and the role of information, Computer Law & Security Review, 37. DOI:

González-Fuster, G. (2014) How Unin-formed is the Average Data Subject? A Quest for Benchmarks in EU Personal Data Protection, IDP Revista de Inter-net Derecho y Política, 19. DOI:

Graef, I., Husovec M., Purtova N. (2018), Data Portability and Data Control: Lessons for an Emerging Concept in EU Law. German Law Jurnal, 19(6). DOI:

Helberger, N., and Borgesius, F.Z. and Reyna, A. (2017), The perfect match? a closer look at the relationship between EU consumer law and data protection law, Common Market Law Review, 54(5).

Hoofnagle, Ch.J., and van der Sloot, B. and Borgesius, F.Z. (2019) The Europe-an Union general data protection regu-lation: what it is and what it means. In-formation & Communications Technol-ogy Law, 28, pp. 65-98, Published online: 10 Feb 2019. DOI:

Lenaerts, K., and Gutiérrez-Fons J.A. (2010). The constitutional allocation of powers and general principles of EU law. Powers and general principles, Common Market Law Review, 47, pp 1629-1669.

Lindgren, P. (2016). GDPR Regulation Impact on Different Business Models and Businesses, Journal of Multi Business Model Innovation and Technology, 4(3). DOI:

Pantlin, N., Wiseman, C., Everett, M. (2018). Supply chain arrangements: The ABC to GDPR compliance - A spotlight on emerging market practice in supplier contracts in light of the GDPR, Com-puter Law & Security Review,34(4). DOI:

Pierzchała, E. (2013). Standardy funk-cjonowania administracyjnych środ-ków prawnych w postępowaniu przed organami pomocy społecznej, Wrocław: Wydział Prawa, Administracji i Ekono-mii Uniwersytetu Wrocławskiego.

Polanowski, A. and Lasek, Ł. (2018), Private enforcement under the GDPR,, (Access 2018.07.10).

Przybysz, P.M. (2012). Administracyjne środki prawne w postępowaniu egzeku-cyjnym w administracji, środki-prawne-w-postepowaniu-egzekucyjnym-w-369243969 (Access 14.07.2020).

Regulation (EU) 2016/679 of the Euro-pean Parliament and of the Council of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data, and repealing Directive 95/46/EC (Official Journal of the European Union L 119/1, 4.5.2016).

Robinson, N., Graux H., Botterman M., Valeri L. (2009), Review of the Europe-an Data Protection Directive, RAND Corporation - Office of the Information Commissioner.

Rubinstein, I., Big Data: The End of Privacy or a New Beginning? (October 5, 2012). International Data Privacy Law (2013 Forthcoming), NYU School of Law, Public Law Research Paper, 12-56, Available at SSRN: or Treaty on the Functioning of the Euro-pean Union (Official Journal C 326, 26/10/2012, P. 0001 – 0390).

Three Key Risks and Opportunities of GDPR (2018), Comforte AG. (Access 20.08.2020).

Creative Commons License

This work is licensed under a Creative Commons Attribution 4.0 International License.