Rely on the most comprehensive, up-to-date legal content designed and curated by lawyers for lawyers
Work faster and smarter to improve your drafting productivity without increasing risk
Accelerate the creation and use of high quality and trusted legal documents and forms
Streamline how you manage your legal business with proven tools and processes
Manage risk and compliance in your organisation to reduce your risk profile
Stay up to date and informed with insights from our trusted experts, news and information sources
Access the best content in the industry, effortlessly — confident that your news is trustworthy and up to date.
Find up-to-date guidance on points of law and then easily pull up sources to support your advice with Lexis PSL
With over 30 practice areas, we have all bases covered. Find out how we can help
Our trusted tax intelligence solutions, highly-regarded exam training and education materials help guide and tutor Tax professionals
Regulatory, business information and analytics solutions that help professionals make better decisions
A leading provider of software platforms for professional services firms
In-depth analysis, commentary and practical information to help you protect your business
LexisNexis Blogs shed light on topics affecting the legal profession and the issues you're facing
Legal professionals trust us to help navigate change. Find out how we help ensure they exceed expectations
Lex Chat is a LexisNexis current affairs podcast sharing insights on topics for the legal profession
Discuss the latest legal developments, ask questions, and share best practice with other LexisPSL subscribers
What is the legislative basis for determining applicable law?
The provisions of art 4(1) of Directive 95/46/EC govern the application of a member state's legislation to the processing of personal data. Under art 4(1)(a) and 4(1)(c) it is the location of the data controller or the location of equipment used by the data controller which often determines applicable law.
Of significance to those questions is the issue of the data controller's 'establishment'. Recital 19 of Directive 95/46/EC provides some guidance in this regard, indicating that an 'establishment on the territory of a Member State implies the effective and real exercise of activity through stable arrangements; whereas the legal form of such an establishment, whether simply branch or a subsidiary with a legal personality, is not the determining factor in this respect'.
Is there any additional formal guidance as to applicable law?
Continuing uncertainty of the position under the legislation relating to applicable law in different scenarios led to an Article 29 Working Party opinion on the issue in 2010. While this guidance is not binding it is strongly indicative of the approach likely to be taken by national regulators on the interpretation of the legislation.
Where do I start?
Before engaging with this question
Access this article and thousands of others like it free by subscribing to our blog.
Read full article
Already a subscriber? Login
0330 161 1234