The Ethical Dimension of the Principle of Responsibility Regarding the Right to the Protection of Personal Data
DOI:
https://doi.org/10.18662/eljpa/12.2/269Keywords:
responsibility, applied ethics, data protection, personal data processing, GDPR, fundamental rightsAbstract
The principle of responsibility, enshrined in Regulation (EU) 2016/679 on the protection of natural persons with regard to the processing of personal data, holds a central place in the conceptual framework of data protection in contemporary society. Beyond its legal and operational role, this principle expresses a profound ethical dimension, which calls for a reconceptualization of the relationship between the controller and the data subject. Responsibility is not limited to mere formal compliance with legal requirements, but involves a real, active, and demonstrable commitment to all measures adopted in the data processing activities, aimed at respecting the fundamental rights and freedoms of the individual. In this context, responsibility becomes the expression of an organizational conduct that reflects integrity, transparency, and a commitment to fundamental ethical values such as dignity, autonomy, and informational self-determination of the individual. Therefore, a shift is required from a reactive and minimal approach, focused on formal obligations, to a vision based on the internalization of ethical principles in everyday decision-making practices. This transition presupposes the existence of an organizational culture in which data protection is not treated solely as a legal or technical issue, but as an ongoing commitment to respecting the human person. The present article offers a theoretical reflection on the ethical dimension of the principle of responsibility, without aiming to conduct empirical research. Its purpose is to highlight the importance of a coherent ethical perspective in the application of personal data protection rules. In conclusion, it argues that responsibility should be understood not only as a mechanism of legal traceability, but as a form of moral commitment to a fundamental right, in a digital context marked by complexity, automation, and systemic risks.
References
Bobek, M. (2011). Joined Cases C-92/09 and C-93/09, Volker und Markus Schecke GbR and Hartmut Eifert, judgement of the Court of Justice (Grand Chamber) of 9 November 2010 N.Y.R. Common Market Law Review, 48(6).
Burch, G. F., & Burch, J. (2025). Creating a compliant and accountable data culture. ISACA Journal, 5. https://www.isaca.org/resources/isaca-journal/issues/2025/volume-5/creating-a-compliant-and-accountable-data-culture
Charter of Fundamental Rights of the European Union. (2016). Official Journal of the European Union, C 202, 389–405. https://eur-lex.europa.eu/eli/treaty/char_2016/oj/eng
Cireaşă, D. (2020). Responsabilul cu protecţia datelor personale la un an şi jumătate de aplicare a GDPR [The data protection officer one and a half years after the application of the GDPR]. Revista Română pentru Protecţia şi Securitatea Datelor cu Caracter Personal, 1, 106–108. Universul Juridic
Cireaşă, D.-I. (2021). Principiile GDPR - de la teorie la practică [The principles of the GDPR – from theory to practice]. Curierul judiciar, 4, 189–193. C.H. Beck.
Cireaşă, D.-I., Simionovici, D., & Dumitrescu, M. (2021). Obligaţiile operatorilor de date cu caracter personal în aplicarea GDPR [The obligations of personal data controllers in the application of the GDPR]. Curierul judiciar, 4, 194–200
Council of Europe. (1950). Convention for the Protection of Human Rights and Fundamental Freedoms [European Convention on Human Rights]. https://www.echr.coe.int/documents/d/echr/convention_ENG
Council of Europe. (2018). Modernised convention for the protection of individuals with regard to the processing of personal data (Convention 108+), adopted at the 128th Session of the Committee of Ministers, Elsinore, Denmark, 17–18 May 2018. https://search.coe.int/cm?i=09000016807c65bf
Court of Justice of the European Union. (2010). Judgment of the Court (Grand Chamber) of 9 November 2010: Volker und Markus Schecke GbR (C-92/09) and Hartmut Eifert (C-93/09) v Land Hessen. https://eur-lex.europa.eu/legal-content/EN/TXT/?uri=celex:62009CJ0092
European Court of Human Rights. (2008). Judgment of the Grand Chamber in the case of S. and Marper v. the United Kingdom (nos. 30562/04 and 30566/04), 4 December 2008. https://hudoc.echr.coe.int/fre?i=001-90051
European Data Protection Supervisor. (2016). European Data Protection Supervisor decision of 3 December 2015 establishing an external advisory group on the ethical dimensions of data protection (‘the Ethics Advisory Group’) (2016/C 33/01). https://www.edps.europa.eu/sites/default/files/publication/15-12-03_ethical_dimensions_en.pdf
European Data Protection Supervisor. (2018). Public consultation on digital ethics: Summary of outcomes. https://www.edps.europa.eu/sites/default/files/publication/18-09-25_edps_publicconsultationdigitalethicssummary_en.pdf
European Union Agency for Fundamental Rights. (2018). Handbook on European data protection law: 2018 edition. https://fra.europa.eu/en/publication/2018/handbook-european-data-protection-law-2018-edition
Finn, R. (2019). Cultivating a culture of data protection within your organisation. Trilateral Research. https://trilateralresearch.com/data-protection/cultivating-a-culture-of-data-protection-within-your-organisation
Ploeşteanu, N.-D. (Coord.). (2019). Ghid practic pentru conformare cu Regulamentul General privind Protecţia Datelor: Instrument de audit [Practical guide for compliance with the General Data Protection Regulation: Audit tool]. Universul Juridic.
POEU (2016). Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data, and repealing Directive 95/46/EC (General Data Protection Regulation) (Text with EEA relevance) (OJ L 119 04.05.2016, p. 1. https://eur-lex.europa.eu/legal-content/EN/TXT/HTML/?uri=CELEX:32016R0679
Şandru, D. M. (2018). Principiile protecţiei datelor - de la teorie la practică [Principles of data protection – from theory to practice]. Curierul Judiciar, 364.
Simionovici, D., Cireasă, D.-I., Pantilimon, C., & Dan, M.-F. (2020). GDPR aplicat: Instrument de lucru pentru implementarea Regulamentului (UE) 679/2016 [Applied GDPR: Working tool for the implementation of Regulation (EU) 679/2016]. Wolters Kluwer
Terec-Vlad, L., (2021). Meanings of the Autonomy concept. European Journal of Law and Public Administration 8(1). 114-120.
Terec-Vlad, L., (2022). General considerations on International Human Rights Law in the context of new technologies. Journal of Social Media Inquiry, 4(1). 41-47.
Trifu, A., Juravle A.I., Terec-Vlad L., (2017). The economic and philosophical implications of the concept of responsibility. Ecoforum Journal, 6(1).
Downloads
Published
How to Cite
Issue
Section
License
Copyright (c) 2025 Stefan cel Mare University of Suceava, Faculty of Law and Administrative Sciences, Romania & InManifest Network
This work is licensed under a Creative Commons Attribution-NonCommercial-NoDerivatives 4.0 International License.
Authors who publish with this journal agree to the following terms:
- Authors retain copyright and grant the journal right of first publication, with the work simultaneously licensed under a Creative Commons Attribution License that allows others to share the work, with an acknowledgement of the works authorship and initial publication in this journal.
- Authors are able to enter into separate, additional contractual arrangements for the non-exclusive distribution of the journal's published version of the work (e.g. post it to an institutional repository or publish it in a book), with an acknowledgement of its initial publication in European Journal of Law and Public Administration.
- Authors are permitted and encouraged to post their work online (e.g. in institutional repositories or on their website) prior to and during the submission process, as it can lead to productive exchanges, as well as an earlier and greater citation of published work (See The Effect of Open Access).
EJLPA Journal has an Attribution-NonCommercial-NoDerivs
CC BY-NC-ND
