Data Subject

  • Anna Maria Emili


This chapter investigates the impact of the new General Data Protection Regulations (GDPR) that came into force on 25 May 2018 about Data Subjects’ (DS) rights. The GDPR grants EU consumers, citizens, and others a range of specific DS’ rights. These can be utilized under particular conditions, such as protecting the personal data of EU citizens and assuring that data subjects’ rights can be exercised according to GDPR rules. The final aim is safeguarding the specific data processing context and operation of DS. Such safeguards need to be appropriate in all perspectives, but the risk to DS is a priority. They are typically a mix of more ‘technical safeguards’ and of organizational measures, anything that properly secures and protects the data of citizens, on top of all the measures that need to be taken in order to enable the exercise of DS’ rights. Therefore, due to the particular conditions of the rights that a DS has, this paper investigates the DS’ rights from the EU citizens’ perspective and the extent to which they are aware of their rights and how to exercise them. According to article 23 GDPR, DS’ rights are not absolute; there are several conditions in which the EU or the Member State’s laws need to comply with fundamental rights and freedoms to avoid breach.


  1. Auwermeulen, B. V. (2017). How to attribute the right to data portability in Europe: A comparative analysis of legislations. Computer Law & Security Review, 33(1), 57–72. Scholar
  2. Custers, B., Dechesne, F., Sears, A. M., Tani, T., & Hof, S. V. (2017). A comparison of data protection legislation and policies across the EU. SSRN Electronic Journal.Google Scholar
  3. Hert, P. D., Papakonstantinou, V., Malgieri, G., Beslay, L., & Sanchez, I. (2018). The right to data portability in the GDPR: Towards user-centric interoperability of digital services. Computer Law & Security Review, 34(2), 193–203. CrossRefGoogle Scholar
  4. Macenaite, M., & Kosta, E. (2017). Consent for processing children’s personal data in the EU: Following in US footsteps? Information & Communications Technology Law, 26(2), 146–197. Scholar
  5. Malgieri, G., & Custers, B. (2018). Pricing privacy – the right to know the value of your personal data. Computer Law & Security Review, 34(2), 289–303. Scholar
  6. Uddin, M. (2017, May 17). GDPR – The data subject, citizen or resident? Retrieved from

Copyright information

© Springer Nature Switzerland AG 2019

Authors and Affiliations

  • Anna Maria Emili
    • 1
  1. 1.Rights and Science Jean Monnet Centre of Excellence, Department of MedicineUniversity of PerugiaPerugiaItaly

Personalised recommendations