Interrelationships between EU data protection law and the circular economy

: Data protection and environmental challenges raised by the Internet of Things

Student thesis: Master-after-master


Environmental and health-related risks deriving from electronic waste are well known. Nonetheless, the threats posed by this waste stream to privacy and data protection, that have increased with the widespread of the Internet of Things, have received very few insights both from academia and European institutions.
After the entry into force in Europe of the new data protection legal framework, that introduced stronger data protection obligations, and the adoption of the Commission Circular Economy Strategy, aimed at promoting a shift towards a circular economy, the conflicts between these two areas risk to exacerbate to detriment to the rights of European citizens.
On the one hand, reuse and recycling of electronic devices, promoted by waste hierarchy in compliance with a circular economy thinking, are necessary to reduce the amount of waste and protect the environment, but, on the other hand, they can be extremely risky from a data protection perspective. That is why it must be made clear that the deletion of personal data shall be an essential part of waste management.
The objective of this work is contributing in filling a gap in research, providing an analysis of the interrelationships between the data protection and circular economy, looking at the challenges posed by the Internet of Things, that, in their quality of “smart” e-waste, are particularly problematic from a data protection perspective, to suggest solutions capable to reconcile the inconsistencies between the data protection rules and the environmental legal framework rules applicable to them.
Adopting a fundamental right perspective, in Chapter 1, I will provide an overview on the evolution of data protection and environmental protection as fundamental rights in the history of the European Union, focusing on the Treaties, concluding that, to solve their inconsistencies, it is not possible to identify a hierarchy between them. That is why their coordination must be ensured at secondary legislation.
In Chapter 2, I will critically analyse some key provisions of the environmental waste framework related to Internet of Things, as amended with 2018 Circular Economy Package after latest amendments, to assess to which extent data protection needs have been there considered. I will propose a series of practical solutions to effectively embed data protection in the considered legal framework, providing also to ensure a “General Data Protection Regulation (GDPR)-oriented interpretation of the concept Extended Producer Responsibility (EPR)”.
Finally, in Chapter 3, I will compare certain provisions and concepts of the GDPR, to outline the legacy of environmental law in it. To better reconcile the two legal frameworks, the other way around than in Chapter 2, I will propose an interpretation of key GDPR definitions in the light of EPR.
Date of Award2019
Original languageEnglish
SupervisorHarri Kalimo (Promotor)


  • data protection
  • circular economy
  • electronic waste
  • Internet of Things
  • extended producer responsibility
  • waste hierarchy
  • waste treatment
  • GDPR

Cite this