This article discusses the role of data protection in the area of police and judicial cooperation (“Third Pillar”), as well as that of the Common Foreign and Security Policy (“Second Pillar”). In other words, data protection in areas of activities of the State where there is significant increase in the importance of storage and exchange of information, and access to this information, as instruments for ensuring security.
The article demonstrates that the present arrangements for data protection are not fully satisfactory. It focuses in particular on the shortcomings of the framework for data protection related to the pillar structure of the EU Treaty. In the Third Pillar, there are a number of legislative instruments applying to different situations. Framework Decision 2008/977 is not more than a first step towards a general framework for data protection. In the Second Pillar, there is no general legal framework and there are no specific rules. Furthermore, the pillar structure itself leads to unsatisfactory solutions which the case law of the Court did not fully compensate.
The article then analyses to what extent the Lisbon Treaty provides instruments to address these shortcomings. The Lisbon Treaty offers the necessary means to ensure an effective system of data protection applicable to all areas of EU activity. Much will depend on the content and on the timing of the legislation that will eventually be adopted on the basis of the new Treaty, in particular under Article 16 TFEU.Common Market Law Review