Personal Data Protection in the Decision-Making of the CJEU Before and After the Lisbon Treaty

Abstract Personal data protection is one of the important areas of the EU’s operation and the general public is especially aware of the General Data Protection Regulation (GDPR). However, personal data protection has been an issue in the EU for a long time. The Court of Justice of the European Union (CJEU) plays a major role in personal data protection as their function is to interpret EU law and thus also EU legislation related to personal data protection. Until now, research papers have tackled specific issues related to interpreting EU legislation or analyses of specific decisions made by the CJEU. However, no comprehensive empirical legal study has been published so far which would evaluate the decision-making of the CJEU in the area of personal data protection using a combination of quantitative and qualitative methods. Therefore, no analysis has been carried out to determine how many decisions of the CJEU have been related to personal data protection, how their number has increased, or which participants and from which areas have participated in the proceedings. The results of the analysis presented here can be used as a basis for studying the future development of the CJEU’s decision-making in the area of personal data protection in relation to digitization and especially to the COVID-19 pandemic, which undoubtedly has contributed to a significant increase in online communication, posing new challenges towards a more efficient personal data protection in the online world.