Environmental and health-related risks deriving from e-waste are well known. Nonetheless, the threats posed by this fast-growing waste stream to privacy and data protection, which have increased with the widespread of the Internet of Things (IoTs), have received very few insights from academia and European institutions. After the entry into force of the General Data Protection Regulation (GDPR), that introduced stronger data protection obligations, and the adoption of the Circular Economy Action Plan, aimed at promoting a shift towards a circular economy, the conflicts between these two areas risk to exacerbate to the detriment to the rights of European citizens. If the reuse and recycling of electronic devices, promoted by the waste hierarchy principle in compliance with a circular economy thinking, are necessary to reduce the amount of waste and protect the environment, they can be extremely risky from a data protection perspective. That is why the deletion of personal data shall be an essential part of waste management. The objective of this presentation to highlight the inconsistencies between the EU data protection rules and the environmental legal framework applicable to e-waste and to suggest solutions to reconcile them. In the first part of the presentation, I will briefly analyse key provisions of the Waste Framework and eWaste directives and propose a series of recommendations to effectively embed data protection therein, to ensure a GDPR-oriented interpretation of the concept Extended Producer Responsibility (EPR). In the second part of the presentation, after highlighting the legacy of environmental law in the GDPR, I will propose an interpretation of key GDPR definitions in the light of EPR.
21 dec 2020
Young Legal Researchers Conference 2020 - University of Hasselt