Could the doctrine of moral rights be used as a basis for understanding the notion of control within data protection law?
This article considers the notion of individual control of personal data as envisaged by the European data protection framework and makes the argument that it is a poorly-understood and under-developed concept, but that our understanding of it may be improved by way of analyses and comparisons with the doctrine of moral rights, an important constituent element of intellectual property law. The article starts by examining the concept of personal data itself, and why an enhanced level of individual control over personal data is thought to be a desirable regulatory objective. Following this, the article examines the scholarly literature pertaining to individual control of personal data, as well as a range of relevant EU policy documents. Having done so, the article argues that the notion of control is muddled and confused from both theoretical and practical perspectives. Following this, the article considers the doctrine of moral rights, and through an exploration of its theoretical and practical elements highlights why it may be of assistance in terms of enhancing our understanding of individual control in the data protection context.