The U.S. and EU approach towards personal data protection: “A collision of tides or a convergence of waves?” A legal exploration of the differences and convergences between the United States and the EU.

In today’s digitized world, personal data is requested and collected everywhere. With the emergence of the internet and devices that are connected to the internet, such as smartphones, smartwatches or even smartfridges, the collection of personal data has expanded to an unprecedented scale. Due to globalization, personal data flows are occurring between the EU and the United States, since most big tech companies are located in the United States but sell their devices and offer their services also in the EU. In order to protect citizens’ personal data, attempts have been made to reach an agreement between the EU and the United States. Two transatlantic frameworks were already invalidated by the Court of Justice of the European Union, and the question remains whether the third attempt will survive the CJEU's scrutiny.

Upon closer inspection, the underlying problem appears to be the different qualification and legal framework used for personal data (protection) in the EU and the United States, defining it respectively as a fundamental (human) right and a commercial asset. This research aims at determining the strengths and weaknesses of both approaches with a specific focus on transatlantic data privacy. It has to be understood first where these different qualifications come from and on which value judgments they are based: thereto the genesis and evolution of both systems' approach is analyzed. The question is approached through functional comparative law research conducted on three levels to reflect the perspectives of the three main stakeholders: the private sector, civil society, and the public sector, consisting of government intelligence and law enforcement agencies. These approaches are subsequently contextualized in today's globalized and digitized world to determine whether a roadmap can be developed for the United States and the EU to co-exist in the area of data privacy and transatlantic data flows.