Difference between the GDPR and the LED


In the age of digital transformation, this blog carefully explores the legal frameworks for data protection in the context of law enforcement in Europe. Through an in-depth comparative analysis, it delves into the nuanced differences between the General Data Protection Regulation (AVG) and the Data Protection in Criminal Matters Directive (LED), with a specific focus on the qualification of “criminal offenses” and the competence of member states. This blog aims to provide insight into the complexities of these regulatory structures, their impact on individual rights, and the challenges and opportunities they present to law enforcement agencies.

1. Jurisdiction of Member States and Qualification of Offenses.

1.1 Scope of the Data Protection in Criminal Matters Directive (LED – Law Enforcement Directive)

A crucial aspect of understanding data protection in the context of law enforcement is the scope of the LED. This directive specifically addresses the processing of personal data by competent authorities for criminal justice purposes. To fall within the scope of LED, data processing must be in line with the objectives of the directive and carried out by a competent authority. However, the term “competent authority” has a broad definition and includes various entities charged with public authority.

1.2 Competent Authorities.

The LED, in defining competent authorities, includes public bodies responsible for preventing, detecting and prosecuting criminal offenses. In addition, it extends to bodies entrusted with public authority for specific processing operations covered by the directive. This broad definition highlights the scope of the directive, which includes a range of law enforcement agencies and entities, adding to the complexity of its implementation across member states.

1.3 Differences in Definitions of Offenses by Member States.

One of the challenges arising from the guideline format is the inherent diversity in how member states define and classify offenses. These differences are due to differing legal traditions and cultural contexts, which may present challenges in achieving uniformity. The impact of this divergence is crucial and affects LED’s effectiveness in harmonizing data protection practices within the European Union. An example is the “Gas Fines” in Flanders, which are seen as fines for criminal offenses but often deal with very minimal violations.

2. Comparative Analysis

2.1 Distinctive Scope of the AVG and the LED

While both the AVG and LED are integral parts of the European data protection package, they operate with different scopes. The AVG is broadly applicable to various industries, while the LED specifically targets processing activities related to law enforcement. Note that the AVG excludes processing for state security or national defense, which is subject to national law.

2.2 Obligations of controllers under the LED

Data controllers covered by the LED share several obligations with the AVG, such as implementing technical and organizational measures and maintaining records of processing activities. However, the LED introduces specific obligations tailored to the nature of law enforcement activities. This includes an increased emphasis on the necessity and proportionality of data processing, taking into account the unique challenges arising from criminal justice objectives.

3. Rights of Data Subjects under the LED.

3.1 Specificity of LED rights

In setting forth the rights granted to data subjects within the Data Protection in Criminal Matters Directive (LED), it is essential to recognize the distinctive nature of these provisions. LED’s unique scope adapts specific rights to recognize and address the complex challenges inherent in law enforcement activities. This section aims to delve deeper into the nuanced landscape of LED rights, discussing their particularities and their alignment with or deviation from provisions of the AVG

3.2 Dissecting LED rights

LED, in its commitment to striking a delicate balance between protecting individual freedoms and facilitating effective law enforcement, introduces a set of rights that go beyond the conventional framework set forth in the AVG. While some fundamental rights, such as information disclosure, access and the right to rectification or deletion of personal data, resonate with provisions of the AVG, it is crucial to examine those rights that deviate from this standard.

3.3 Aligning Rights with AVG Provisions: A Symbiotic Relationship*

Certain LED rights align seamlessly with provisions of the AVG, fostering a symbiotic relationship between the two regulatory frameworks. Disclosure gives data subjects transparency, ensures access control over personal data and enforces the right to rectification or deletion and ensures the integrity of individual information. This alignment emphasizes a cohesive approach to protecting data subjects in a variety of contexts, both in commercial and law enforcement environments.

3.4 Unique Challenges, Unique Rights: The LED Perspective

Nevertheless, LED introduces new aspects in recognizing challenges specific to law enforcement. In particular, rights such as data portability, a cornerstone of the AVG, may face limitations or have limited applicability within the framework of the LED. This divergence encourages a thorough exploration of how these rights, often taken for granted in other contexts, adapt to the unique needs and constraints imposed by criminal justice goals.

3.5 Emphasizing Relevance in Criminal Justice Objectives

This section puts a spotlight on the complicated interplay between LED rights and criminal justice objectives. By unraveling the complexities surrounding information disclosure, access, rectification and deletion of personal data within the LED context, this blog highlights the unique relevance and challenges these rights present in the pursuit of effective law enforcement.

3.6 Balancing: Navigating Restrictions and Protecting Freedoms

In navigating the complex landscape of LED, a delicate balance emerges. Recognizing the limitations on certain rights ensures their pragmatic applicability in law enforcement activities, striking a balance between facilitating criminal justice objectives and protecting the fundamental freedoms of data subjects. This nuanced exploration seeks a deeper understanding of the complex dynamics surrounding data subjects’ rights within LED, which extends beyond the conventional boundaries set by the AVG.


As the legal landscape continues to evolve in response to technological advances, a deep understanding of the AVG and LED becomes essential for law enforcement agencies and individuals. The power of member states to define offenses adds an additional layer of complexity that requires ongoing harmonization efforts.

This blog highlights the dynamic nature of data protection in law enforcement and the importance of adaptability in navigating this complex legal terrain.

Ongoing assessment and cooperation are essential to ensure an effective balance between individual rights and law enforcement objectives within the diverse context of European Member States.


Meer berichten

Onzichtbare Bedreiging Voor Privacy

Invisible Threat To Privacy

Introduction Companies use personal data to optimize their marketing campaigns, perform accurate analysis and improve their business strategies. But as the value

cyber security tips

10 Cyber Security Tips for SMEs

Cyber security is critical for SMEs. A cyber attack can have serious consequences, from data loss to financial and reputational damage. Here

de toekomst van GDPR

The Future of Data Protection

Introduction: Since its implementation in 2018, the General Data Protection Regulation (GDPR) has had a significant impact on how organizations worldwide collect,


©DPO Associates Alle rechten voorbehouden. Privacy verklaringCookie verklaring | Algemene voorwaarden