This chapter investigates the impact of the new General Data Protection Regulations (GDPR) that came into force on 25 May 2018 about Data Subjects’ (DS) rights. The GDPR grants EU consumers, citizens, and others a range of specific DS’ rights. These can be utilized under particular conditions, such as protecting the personal data of EU citizens and assuring that data subjects’ rights can be exercised according to GDPR rules. The final aim is safeguarding the specific data processing context and operation of DS. Such safeguards need to be appropriate in all perspectives, but the risk to DS is a priority. They are typically a mix of more ‘technical safeguards’ and of organizational measures, anything that properly secures and protects the data of citizens, on top of all the measures that need to be taken in order to enable the exercise of DS’ rights. Therefore, due to the particular conditions of the rights that a DS has, this paper investigates the DS’ rights from the EU citizens’ perspective and the extent to which they are aware of their rights and how to exercise them. According to article 23 GDPR, DS’ rights are not absolute; there are several conditions in which the EU or the Member State’s laws need to comply with fundamental rights and freedoms to avoid breach.
- Custers, B., Dechesne, F., Sears, A. M., Tani, T., & Hof, S. V. (2017). A comparison of data protection legislation and policies across the EU. SSRN Electronic Journal.Google Scholar
- Uddin, M. (2017, May 17). GDPR – The data subject, citizen or resident? Retrieved from https://cybercounsel.co.uk/data-subjects/