The proliferation of large-scale databases containing personal information, and the multiple uses to which they can be put, can be highly problematic from the perspective of fundamental rights and freedoms. This paper discusses two landmark decisions that illustrate some of the risks linked to these developments and point to a better framing of such practices: the Heinz Huber v. Germany judgement, from the European Court of Justice, and the S. and Marper v. United Kingdom ruling, from the European Court of Human Rights. The paper synthesises the lessons to be learnt from such decisions. Additionally, it questions the impact of the logic of pure prevention that is being combined with other rationales in the design and management of databases.

This Policy Brief is published in the context of the INEX project, which looks at converging and conflicting ethical values in the internal/external security continuum in Europe, and is funded by the Security Programme of DG Enterprise of the European Commission’s Seventh Framework Research Programme. For more information visit: www.inexproject.eu