Journal №2
“Data Protection Law” of the European Union
∘ Norbert Bernsdorff ∘

I would like to start my presentation with a question: Does the European Commission – EU Commission - complain about deficits in Georgian data protection at all? If so, are they substantial or does the existing data protection law just need a "fine-tuning"? The opinion of the EU Commission of 17 June 2022 is ambivalent: The Commission demands - firstly - "to equip the...Personal Data Protection Service with resources to its mandate" and - secondly - "to ensure its institutional independence" (page 17). Elsewhere in her report (page 10), she states that "the Personal Data Protection Service...still needs to prove its efficiency and independence". That is all the opinion contains. In my first presentation I already referred to the so-called Copenhagen criteria that an applicant country must fulfil. One of these criteria is the "acquis criterion” – from the French word “acquis communautaire". According to this, a candidate state must adopt the entire body of rules and regulations of the European Union (EU), meaning integrate several 10,000 pages of legal texts into its national law and implement them into corresponding administrative and judicial structures. What the "acquis" comprises in the area of European data protection law results from the "Association Agreement" between the EU and Georgia from 2014. There, in an “Annex” (I and XV-b) to Article 14 and Article 327 of the “Agreement”, reference ismade to data protection law of the Council of Europe and now obsolete - no longer valid - law of the EU... one more reason to look at the current, completely redesigned legal situation in the EU today.

See in detail: 

---